9 Replies Latest reply on Jun 24, 2015 9:03 AM by johnreed

    Basic Log filtering in LEM?

    Dan Howard

      We are evaluating LEM as a possible replacement for our Juniper STRM syslog appliance. We would be using it for basic log aggregation, monitoring and reporting. So far I like the basics of the LEM interface, but I must be missing something because creating a basic filter seems like calculus.

      As an example, I just want to search or filter the monitor for a source or destination IP address. Right now I have only one ASA appliance sending logs to LEM and all I want to do is find traffic to/from a certain IP. We do this in STRM all the time for diagnosing problems and it's a 2-click, 5-second process. How the heck do you do this in LEM?

      Also, if anyone has gone from STRM or something similar to LEM, I would love to hear the pros/cons of the switch.

      Thanks in advance.