Hide this message
Looking to compare latest NPM features with previous versions of NPM?
The NPM new feature summary offers a comparison of new features and improvements offered with this release.
After your LEM agents are installed on your monitored nodes, you can view all monitored events in the All Events grid located in the Monitor view. This view provides real-time monitoring of all normalized LEM events.
In the Monitor view, you can:
To view all monitored events:
All monitored events display in the All Events grid. The DetectionIP column lists the device IP address or hostname that sent the event.
Click Pause in the toolbar to stop the event stream.
The Event Details pane lists the descriptions and details for each event. After you view the event details, you can create a filter that displays all events with the same name in the grid. Use this feature to monitor similar events that may lead to a problem.
When you select an event in the grid, the event details display in the Event Details window. You can view information about the event to help you decide if this is a malicious event that requires an event filter for further investigation.
Select an event in the All Events grid.
View the event details in the Event Details pane.
The event description provides an in-depth description of each event and how they can impact your corporate network.
Click to display the Event Description view. You can use this information to decide whether to set up a filter for this event for further investigation. Click to return to the Event Details view.
If an event displays in the All Events grid that requires additional research, you can create an event filter that displays all similar events in the grid. This process can help you decide if an event requires additional maintenance or security measures to support your corporate IT policy.
To monitor identical event names (for example,
MachineLogon), select the name in the Event Details pane and click to create a filter. LEM filters all incoming events and displays only the filtered event in the grid.
To return to viewing all events, click the Overview drop-down menu in the Filters pane and select All Events.
After you configure your syslog and agent nodes, you can generate a test event to ensure the event displays in the All Events grid. This process helps you verify that your LEM deployment is functioning properly
To generate an example event, restart a Windows service that does not impact a running application (such as Print Spooler). The event will appear in the All Events grid.