
PCI Compliance and Log and Event Manager

Created by Jason Dee, last modified by Jason Dee on Apr 11, 2017

Updated April 11, 2017

Overview

This article details how LEM can address PCI auditing requirements.

 

Environment

  • All versions of LEM 
  • PCI Compliance auditing

Detail

SolarWinds Security Information Management in the Payment Card Industry is a SolarWinds whitepaper on how you can use LEM to meet PCI requirements.

FAQ

Q: Does the LEM virtual appliance support installing an anti-virus client?

A: No. The LEM is a self-contained, hardened Linux virtual appliance which doesn't allow outside software to be installed on it.

 

Q: Is there a user-configurable firewall on the appliance itself?

A: No. There is a firewall at the Linux OS level, but the OS level is accessible only to SolarWinds Support.

 

Q: Is it possible to remove data from or delete the LEM database?

A: Because LEM is a security appliance frequently used for compliance and auditing, it is designed so that no part of the database can be removed without root access, which only SolarWinds Support has.

 

Q: Can LEM notify me if monitoring stops?

A: Yes, there are several rule templates you can clone and configure that can alert you via email if a LEM Agent goes offline, if there is a database connection issue, etc. Go to Build > Rules, expand Rule Categories & Tags > Devices, and look under Manager for appliance monitoring rules and under Operating Systems for Agent monitoring rules.

 

The LEM is not able to notify you if your devices stop sending syslog events, but you can verify how long it has been since each node in your system sent its most recent event. You will find that in the Node Health widget in Ops Center.

 

 

Last modified
08:27, 11 Apr 2017
