1 Reply Latest reply on Jan 9, 2016 12:40 PM by curtisi

    Auto-Discovery Inquiry

    jodostie

      Hello,

       

      I'm very new to LEM and ran into a little snag. I'm trialing out this product for use as our syslog solution for our Sophos WS web appliance syslogs. I ran an autodiscovery, and did not commit the nodes by cancelling out of the prompt as I got caught up in a different issue. I went back to LEM and did another auto discovery and it does not find anything now. I turned on the auto discovery and just sits there and spins. Is there a way to manually stop this? Perhaps there's some cache that needs to be clear before it can rediscover the previously discovered nodes?

       

       

       

      Joshua

        • Re: Auto-Discovery Inquiry
          curtisi

          Josh,

           

          Rebooting may help, but if you know what the device is (Sophos WS) and where it logs to (which local facility on the LEM?) you can create the connector manually and the LEM should detect and break out all the devices sending logs to that location.

           

          In Manage --> Appliances, click the gear next to your LEM, and pick "Connectors."  Refine the Results with Sophos, and then click the gear next to the appropriate connector and select "New."  It'll have settings for log file location, and you can modify that if needed, or accept the defaults if you think they are correct.  Save and start your connector, and the LEM ought to pick up the nodes.