4 Replies Latest reply on Dec 3, 2015 10:06 AM by curtisi

    LEM multiple appliances?

    ejwxcf

      I'm trying to utilize LEM in two different departments, Engineering and IT/IS.  What I'm trying to do is create two accounts (IT/IS and Eng) and when we log into said account we only see our information just like an OS and have the admin account control all of the devices.  so if we logged into the Eng account, we would see our routers/switches/CMTS and if we logged into the IT/IS we would only see their devices.  This way there wouldn't be any conflicting notifications and etc.  Is this even possible to do?  I was thinking about creating one appliance for engineering and another for the IT/IS, and then create users that are only accessible to those appliances.  would that also work?

        • Re: LEM multiple appliances?
          matej

          Hi ejwxcf,

           

          What about this approach:

          - Login as admin. Create user 'Eng' with Administrator Role.

          - Login as 'Eng', delete all filters, create filter only for 'Eng' related events.

          - Login as admin, change permissions of 'Eng' to Monitor only.

           

          - Login as admin. Create user 'IT' with Administrator Role.

          - Login as 'IT', delete all filters, create filter only for 'IT' related events.

          - Login as admin, change permissions of 'IT' to Monitor only.

           

          Result:

          - 'Eng' and 'IT' users can login and see only events related to them. They can't change/mess up anything.

          • Re: LEM multiple appliances?
            curtisi

            Multiple appliances would work, but the licensing might not be worth it, and you lose out on correlations: What if "Bad Thing" is only indicated by Event A and Event B, but Event A is getting reported to Engineering and Event B is going to IT?  LEM appliances don't chat to compare correlation notes (as of version 6.2).

             

            matej's solution could work: create filters and dashboards (OpsCenter) for each team and set them as "Monitor" accounts.  Downside here is it means that you also get to create all the rules and alerts, since your Engineering and IT guys won't be able to modify the rules engine to setup their own notifications and alerts.

             

            Also, the "Manage --> Nodes" screen is universal, so if they have access to that, they can see all the devices logging to the LEM.  If they have access to "Explore --> nDepth" they'll see events from any/all devices that match their search criteria.  There isn't a way to lock a user out of search results if they have access to nDepth in LEM.

             

            Just trying to give some more info for consideration.

              • Re: LEM multiple appliances?
                ejwxcf

                Well I don't think we are wanting correlations between the engineering nodes and the IT/IS nodes.  We essentially want to be able to run two separate LEM accounts under the same license.

                 

                Also, with multiple appliances, I'm thinking about creating an Appliance A for engineering and Appliance B for IT/IS,  would appliance A be able to see any of the information from appliance B and vice versa?