PCI Compliance and Log and Event Manager

Created by Jason Dee, last modified by Jason Dee on Apr 11, 2017

Updated April 11, 2017

Overview

This article details how LEM can address PCI auditing requirements.

 

Environment

  • All versions of LEM 
  • PCI Compliance auditing

Detail

The SolarWinds whitepaper "SolarWinds Security Information Management in the Payment Card Industry" describes how you can use LEM to meet PCI requirements.

FAQ

Q: Does the LEM virtual appliance support installing an anti-virus client?

A: No. LEM is a self-contained, hardened Linux virtual appliance that does not allow outside software to be installed on it.

Q: Is there a user-configurable firewall on the appliance itself?

A: No. There is a firewall at the Linux OS level, but the OS level is accessible only to SolarWinds Support.

Q: Is it possible to remove data from or delete the LEM database?

A: Because LEM is a security appliance frequently used for compliance and auditing, it is designed so that no part of the database can be removed without root access, which only SolarWinds Support has.

Q: Can LEM notify me if monitoring stops?

A: Yes. There are several rule templates you can clone and configure to alert you via email if a LEM Agent goes offline, if there is a database connection issue, etc. Go to Build > Rules, expand Rule Categories & Tags > Devices, and look under Manager for appliance monitoring rules and under Operating Systems for Agent monitoring rules.

The LEM is not able to notify you if your devices stop sending syslog events, but you can verify how long it has been since each node in your system sent its most recent event. You will find that in the Node Health widget in Ops Center.
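The same "time since last event" check can be run against a raw syslog capture outside LEM. The following is an added example, not SolarWinds code: it assumes RFC 3164-style lines, and the host names, sample lines, and function names are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sample input (not real LEM data): RFC 3164-style syslog lines.
SAMPLE_LOG = """\
<134>Apr 11 09:58:02 fw-edge-01 kernel: ACCEPT IN=eth0
<38>Apr 11 09:59:40 pos-db-02 sshd[812]: Accepted publickey for svc_backup
<134>Apr 11 06:12:15 sw-core-03 link: port 12 up
garbled line without a header
<134>Apr 11 10:00:01 fw-edge-01 kernel: ACCEPT IN=eth1
"""
# Constructed inventory of nodes that are expected to send syslog.
EXPECTED = ["fw-edge-01", "pos-db-02", "sw-core-03", "pos-app-04"]

# Optional <PRI>, then "Mmm dd hh:mm:ss", then the sending host.
LINE_RE = re.compile(
    r"^(?:<\d{1,3}>)?([A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (\S+) ")

def last_seen(lines, now):
    """Return {host: datetime of its most recent parseable event}."""
    seen = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # malformed lines must not count as proof of life
        # RFC 3164 timestamps carry no year; assume the current one.
        ts = datetime.strptime(f"{now.year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        if ts > now:  # e.g. a December event read in January
            ts = ts.replace(year=now.year - 1)
        host = m.group(2).lower()
        if host not in seen or ts > seen[host]:
            seen[host] = ts
    return seen

def silent_nodes(lines, expected, now, max_silence):
    """Return {host: silence duration, or None if the host was never seen}."""
    seen = last_seen(lines, now)
    report = {}
    for host in expected:
        ts = seen.get(host.lower())
        if ts is None:
            report[host] = None
        elif now - ts > max_silence:
            report[host] = now - ts
    return report

if __name__ == "__main__":
    now = datetime(2017, 4, 11, 10, 5, 0)
    for host, gap in silent_nodes(SAMPLE_LOG.splitlines(), EXPECTED,
                                  now, timedelta(hours=1)).items():
        print(host, "never seen" if gap is None else f"silent for {gap}")
```

Driving the check from an inventory of expected nodes matters: a source that has never sent an event has no last-event time at all and would otherwise go unreported.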

 

 
