Submit a ticketCall us

Don’t fall victim to a ransomware attack
Backups are helpful, but sometimes that’s not enough to protect your business against ransomware. At our live webcast we will discuss how to protect against ransomware attacks with SolarWinds® Patch Manager and how to leverage log data to detect ransomware. Register now for our live webcast.

Home > Success Center > Log & Event Manager (LEM) > Exclude Windows Update from Ndepth search

Exclude Windows Update from Ndepth search

Table of contents
Created by Randall Harwood, last modified by MindTouch on Jun 23, 2016

Views: 11 Votes: 0 Revisions: 4

Overview

This article describes how to exclude Windows Update from Ndepth search.

Environment

All LEM versions

Steps

A few things to try to exclude windows updates from this rule.

  1. Find an event in LEM that is triggered by the Windows Update.
  2. Look for anything unique that can be used in the rule to negate this behavior.
    For example, in eventinfo you might see something that says Microsoft Windows Update.  EventInfo: Microsoft Windows Update.
  3. You can use this in the rule by adding something like the below inside the rule:
    SoftwareInstall.EventInfo (Does not Equal - Equal sign with a line through it) *Microsoft Windows Update*
  4. This will exclude anything that had that in the event info for this rule.

 

Last modified
20:00, 22 Jun 2016

Tags

Classifications

Public