LEM detecting incorrect event types or not parsing events properly

Created by Jason Dee, last modified by MindTouch on Jun 23, 2016


Overview

This article describes the issue where LEM generates mismatched events or events of the wrong type, that is, events that should clearly be a different event type. You may also see that fields in your events are not parsed properly, or that the original event includes information that the LEM event lacks.

Environment

All versions of LEM

Cause 

This can occur when the connectors on your LEM are outdated or when the current connector is not parsing the data properly.

Resolution

The first thing to do is to make sure you are running the latest connector revisions. See Updating LEM Connectors.

If you are running the latest connectors and still experiencing the issue, open a ticket with SolarWinds Support for further assistance. Please be prepared to provide the following once you are in touch with a representative:

  • For syslog devices: A sample of the logs currently being sent to LEM for the affected connector. See Export log files using the CMC exportsyslog command.
  • For Windows connectors: A copy of the entire event log in .evtx format. Specify English when prompted for the language option.
  • For database connectors (required): A sample of the event table containing the events not being read, along with details about those events.
  • For database connectors (optional): If possible, the schema for the database.

Last modified
20:12, 22 Jun 2016
