Submit a ticketCall us

ebook60.pngHow to be a Cisco® ASA ace

Our eBook, Thou Shalt Not Pass…I Think?! can help you overcome the challenges of monitoring and managing Cisco ASA firewalls. This eBook is a great read if you’ve been frustrated with monitoring firewalls, managing ACL configs, and troubleshooting VPN connections.

Get your free eBook.

Home > Success Center > Log & Event Manager (LEM) > Create ndepth FIM File Audit Alert Search

Create ndepth FIM File Audit Alert Search

Table of contents

Updated: November 3, 2016

Overview

This article describes how to create a nDepth search for FIM related data.

 

Environment

  • LEM version 6.x

Detail

1. Log in to LEM console.

2. Click Monitor tab.

3. Click Explore > nDepth.

4. In nDepth panel, click Event Groups > File Audit Alerts.

5. From the Fields: File Audit Alerts drag EventInfo and then DetectionIP, to look something like the one below:

 

6. Click Search button on the top right (blue play button as shown below) after selecting small period example 1 hours or last. Change the sample interval to a custom date range. The longer the date range is, the more time it will take for the data to pull depending on how many files/folders FIM was monitoring.

 

Refer to How to create filter for FIM data if you like to create a filter for FIM.

This article about FIM Related Windos Event ID's might also help with search and reporting.

 
Last modified

Tags

Classifications

Public