Submit a ticketCall us

Announcing NCM 7.7
With NCM 7.7, you can examine the rules that make up an access control list for a Cisco ASA device. Then you can apply filters to display only rules that meet the specified criteria, order the rules by line number or by the hit count, and much more.
See new features and improvements.

Home > Success Center > Log & Event Manager (LEM) > Vista Alert detected with NT Security Connector

Vista Alert detected with NT Security Connector

Created by Randall Harwood, last modified by Aileen de Lara_ret on Jun 24, 2016

Views: 53 Votes: 1 Revisions: 5

Overview

This article provides brief information and steps to resolve the issue when Vista Alerts are detected with NT Security Connector alerts under LEM Internal Events.

Environment

All LEM versions 

Cause

The issue is caused when picking up Vista OS or later security events with an XP or older security connector.

Resolution

1. Identify the Detection Ip of the Machine that is providing the alert.

2. Go to Manage > Nodes.

3. Select the Gear to the LEFT of the target Machine.

4. After selecting the Gear, choose Connectors.

5. Select the configured box. You should see the Windows NT/2000/XP Security Log connector running.

6. Stop the Connector.

7. Delete the Connector.

8. Uncheck Configured.

9. Search for Windows 7/2008/Vista Security Log.

10. Select the gear next to the Windows 7/2008/Vista Security Log.

11. Choose New.

12. Start the Windows 7/2008/Vista Security Log connector.

 

You should no longer see Vista Alert Detected with NT Security Connector alerts under LEM Internal Events.

 

 

 

Last modified
00:42, 24 Jun 2016

Tags

Classifications

Public