Submit a ticketCall us

Don’t fall victim to a ransomware attack
Backups are helpful, but sometimes that’s not enough to protect your business against ransomware. At our live webcast we will discuss how to protect against ransomware attacks with SolarWinds® Patch Manager and how to leverage log data to detect ransomware. Register now for our live webcast.

Home > Success Center > Log & Event Manager (LEM) > Vista Alert detected with NT Security Connector

Vista Alert detected with NT Security Connector

Created by Randall Harwood, last modified by Aileen de Lara_ret on Jun 24, 2016

Views: 33 Votes: 1 Revisions: 5

Overview

This article provides brief information and steps to resolve the issue when Vista Alerts are detected with NT Security Connector alerts under LEM Internal Events.

Environment

All LEM versions 

Cause

The issue is caused when picking up Vista OS or later security events with an XP or older security connector.

Resolution

1. Identify the Detection Ip of the Machine that is providing the alert.

2. Go to Manage > Nodes.

3. Select the Gear to the LEFT of the target Machine.

4. After selecting the Gear, choose Connectors.

5. Select the configured box. You should see the Windows NT/2000/XP Security Log connector running.

6. Stop the Connector.

7. Delete the Connector.

8. Uncheck Configured.

9. Search for Windows 7/2008/Vista Security Log.

10. Select the gear next to the Windows 7/2008/Vista Security Log.

11. Choose New.

12. Start the Windows 7/2008/Vista Security Log connector.

 

You should no longer see Vista Alert Detected with NT Security Connector alerts under LEM Internal Events.

 

 

 

Last modified
00:42, 24 Jun 2016

Tags

Classifications

Public