Submit a ticketCall us

AnnouncementsAre You “Flying Blind?”

When it comes to your complex IT infrastructure, you want to ensure you have a good grasp of what’s going on to avoid any fire drills that result from guesswork. Read our white paper to learn how proactively monitoring your IT environment can help your organization while giving you peace of mind.

Get your free white paper.

Home > Success Center > Log & Event Manager (LEM) > Log & Event Manager (LEM) Documentation > LEM Administrator Guide > Configure LEM Agents after they are installed

Configure LEM Agents after they are installed

Updated: February 27, 2019

This topic documents LEM Agent configuration tasks.

After installation, the LEM Agent captures log information from sources such as Windows Event Logs, database logs, and local antivirus logs. Additionally, the LEM Agent allows LEM to take specific actions that you can define as rules. You can trigger actions manually from the LEM console using the Respond menu.

View the LEM Agents monitored by each LEM Manager

  1. Open the LEM console. See Log in to the LEM web console or Log in to the LEM desktop console for steps.

  2. Choose Manage > Nodes.

    The Nodes view displays the LEM Agents monitored by each of your LEM Managers.

About the LEM Agent for Windows connectors

The LEM Agent for Windows includes several preconfigured connectors that collect and display data from these systems immediately after you install the LEM Agent. By default, the LEM Agent for Windows includes the following preconfigured connectors:

  • Windows Security Log (for the host OS version)
  • Windows Active Response
  • Windows Application Log
  • Windows System Log

Enable additional connectors to add extra log sources to LEM

Use the following procedure to add additional log sources to your monitored Agent nodes (if desired).

  1. Open the LEM console. See Log in to the LEM web console or Log in to the LEM desktop console for steps.

  2. Click Manage > Nodes, and then select the node you want to configure.

  3. Click  and select Connectors.

  4. In the Connectors grid, select a supported device or application to log.

    Enter a keyword in the Search field or click the Category drop-down menu to filter connectors by category.

  5. Click  next to your selected connector and select Enable.

  6. Click Close.

  7. Repeat step 1 through 5 to add additional log sources to your nodes.

Starting with version 6.4, LEM supports the Opsec check point connector with SHA2.

Next steps:

Last modified

Tags

Classifications

Public