Submit a ticketCall us

Looking to compare latest NPM features with previous versions of NPM?
The NPM new feature summary offers a comparison of new features and improvements offered with this release.

 

Home > Success Center > Log & Event Manager (LEM) > LEM Root Password Disclaimer

LEM Root Password Disclaimer

Table of contents
Created by Malik Haider, last modified by Machaelle LaRue on Aug 12, 2016

Views: 108 Votes: 2 Revisions: 11

Overview

This article briefly discusses the requirement for the 'root' password for Log & Event Manager (LEM). and VMAN

Environment

All LEM versions

Detail

Customers that are asking for the root password for either LEM or VMAN will only be provided this info over the phone.  Sending the password through email opens up the customer to certain security risks.  If it is required, support will phone the customer and provide that information after account verification.

 

SolarWinds keeps root access from customers and requests that they use the hardened CMC shell (available through SSH or the virtual machine console) to protect the accuracy and integrity of the log records.

 

LEM root access allows the ability to alter, modify or delete records. 

 

Root access would allow users to tamper with the alert DB. LEM is used in many cases as an auditing platform to satisfy compliance, allowing customers to alter the alert DB would seriously degrade the value of the LEM.

 

In limited circumstances, SolarWinds can provide the root passwords to customers, but it is with the understanding that any changes made to the system with root credentials might make it impossible for us to fix/support future issues.

 

PLEASE NOTE: Verify that this is an acceptable risk for your company and your auditors as this may constitute an unacceptable breach of your particular compliance standard.

 

Last modified
10:29, 12 Aug 2016

Tags

Classifications

Public