Submit a ticketCall us

Training Class Getting Started with SolarWinds Backup - February 28

This course offers customers an introduction to SolarWinds Backup, focusing on configuring the backup technology, taking backups, data restoration and data security. It is a great primer and will get you up to speed quickly on SolarWinds Backup.
Register for class.

Home > Success Center > Log & Event Manager (LEM) > Vista Alert detected with NT Security Connector

Vista Alert detected with NT Security Connector

Created by Randall Harwood, last modified by Tim Rush on Sep 26, 2017

Views: 794 Votes: 1 Revisions: 6


The wrong connector is being used to read the Windows security event log, and LEM is not saving the Windows security events to the database.
This article provides brief information and steps to resolve the issue when the LEM GUI-console displays "Vista Alerts are detected with NT Security Connector" alerts under Monitor tab > 'Internal Events'.


All LEM versions 


The issue is caused when the Agent is installed on Windows Vista and newer computers, and the incorrect 'older' Security Event log connector is selected (only used for Windows 2000, XP, 2003).
This could also happen if configuring a Connector Profile (under Build > Groups), and selecting the incorrect connector for the security event log. All computers listed under the profile would be affected, and produce the error.
LEM connector name for newer Windows operating systems is "Vista Security".


1. Identify the Detection Ip of the Machine that is providing the alert.

2. Go to Manage > Nodes.

3. Select the Gear to the LEFT of the target Machine.

4. After selecting the Gear, choose Connectors.

5. Select the configured box. You should see the Windows NT/2000/XP Security Log connector running.
     (or uncheck 'configured', then search for 'security log'. "Vista Security" is used for Windows 7/8/10/2008/2012/2016, and "Windows NT/2000/XP Security Log" is used for 2000/XP/2003.)

6. Stop the Connector.

7. Delete the Connector.

8. Uncheck Configured.

9. Search for Windows 7/2008/Vista Security Log.

10. Select the gear next to the Windows 7/2008/Vista Security Log.

11. Choose New.

12. Start the Windows 7/2008/Vista Security Log connector.


You should no longer see Vista Alert Detected with NT Security Connector alerts under LEM Internal Events.




Last modified