Submit a ticketCall us

Looking to compare latest NPM features with previous versions of NPM?
The NPM new feature summary offers a comparison of new features and improvements offered with this release.

 

Home > Success Center > Log & Event Manager (LEM) > SolarWinds LEM Quick Start and Deployment Guide > Collect log data

Collect log data

Created by Caroline Juszczak, last modified by Caroline Juszczak on Aug 05, 2016

Views: 86 Votes: 0 Revisions: 1

You can configure Log & Event Manager to receive syslog data from non-agent devices (such as switches, routers, and firewalls) or event log data from Windows servers running the LEM agent. Log & Event Manager uses the connector to translate (or normalize) the raw log data into a supported format that displays in the LEM console. You must associate a connector to a support device or log source to collect syslog data.

If your log sources are located behind firewalls, see SolarWinds LEM port and firewall information to open the necessary ports or the SolarWinds Port Requirements for SolarWinds Products Guide for a list of all ports required to communicate with LEM.

View monitored events and details

You can view all monitored events in the All Events grid located in the Monitor view. This view provides real-time monitoring of all normalized LEM events.

Click Pause in the toolbar to pause the event stream.

File:Success_Center/Reusable_content_-_InfoDev/LEM/LEMQuickStart/0D0/lem_qsg_all_events_grid.png

When you select an event in the grid, the event details display in the window. You can view information about the event so you can take the appropriate action.

File:Success_Center/Reusable_content_-_InfoDev/LEM/LEMQuickStart/0D0/lem_qsg_event_details.png

Filter events

To monitor identical event names (for example, TCPTrafficAudit), select the name in the Event Details pane and click File:Success_Center/Reusable_content_-_InfoDev/LEM/LEMQuickStart/0D0/lem_qsg_create_a_filter_button.png to create a filter. Log & Event Manager filters all incoming events and displays only the filtered events in the grid.

Click All Events in the FIlters pane to disable the filter and monitor all incoming events.

File:Success_Center/Reusable_content_-_InfoDev/LEM/LEMQuickStart/0D0/lem_qsg_TCP_TrafficAudit_event_details_1003x245.png

Test an event

To generate an example event, restart a Windows service (such as Print Spooler) that does not impact a running application. The event will display in the All Events grid.

 
Last modified
09:10, 5 Aug 2016

Tags

Classifications

Public