Submit a ticketCall us

Announcing NPM 12.2
With NPM 12.2 you can monitor your Cisco ASA firewalls, to monitor VPN tunnels for basic visibility and troubleshooting tunnels. NPM 12.2 also uses the SolarWinds Orion Installer so you can easily install and upgrade one or more Orion Platform products simultaneously.
See new features and improvements.

Home > Success Center > Log & Event Manager (LEM) > Create ndepth FIM File Audit Alert Search

Create ndepth FIM File Audit Alert Search

Table of contents

Updated: November 3, 2016


This article describes how to create a nDepth search for FIM related data.



  • LEM version 6.x


1. Log in to LEM console.

2. Click Monitor tab.

3. Click Explore > nDepth.

4. In nDepth panel, click Event Groups > File Audit Alerts.

5. From the Fields: File Audit Alerts drag EventInfo and then DetectionIP, to look something like the one below:


6. Click Search button on the top right (blue play button as shown below) after selecting small period example 1 hours or last. Change the sample interval to a custom date range. The longer the date range is, the more time it will take for the data to pull depending on how many files/folders FIM was monitoring.


Refer to How to create filter for FIM data if you like to create a filter for FIM.

This article about FIM Related Windos Event ID's might also help with search and reporting.

Last modified
00:53, 3 Nov 2016