Submit a ticketCall us

Webinar: Web Help Desk for HR, Facilities and Accounting Departments
This webinar will focus on use cases for HR, Facilities and Accounting.

Having a unified ticketing and asset management system for all the departments in your company can provide end-users with a seamless experience and make things easier for your IT team. Yet, with different business tasks and objectives, many departments don’t fully understand the capabilities of Web Help Desk and how the software can be customized for effective use in their departments.
Register Now.

Home > Success Center > Log & Event Manager (LEM) > LEM Rule for when users connect to a specific website

LEM Rule for when users connect to a specific website

Created by Craig O’ Neill, last modified by MindTouch on Jun 23, 2016

Views: 57 Votes: 1 Revisions: 4

Overview

This article provides information about the LEM Rules when a user connects to a specific website.

Environment

All versions of LEM

Information

Perform an nDepth query for the following criteria:

WebTrafficAudit.URL CONTAINS /ENTER_URL_HERE/

 

If this returns the expected results, build a new rule and set the correlation to the same as the above. Specify a correlation time and appropriate action.

For more a more further detailed procedure, click HERE.

 

To check the WebTrafficAudit: 

Go to ResourceAudit > NetworkAudit > ApplicationTrafficAudit > WebTrafficAudit.

 

WebTrafficAudit alerts reflect application-layer data related to web services. Included in WebTrafficAudit are client and server web events from web servers, web applications, content filter related events, and other web services.

WebTrafficAudit alerts generally indicate normal traffic, however, alerts of this type could also be symptoms of inappropriate web usage, potential abuse of web services, or other abnormal traffic.

 

 

Last modified
20:14, 22 Jun 2016

Tags

Classifications

Public