Last updated: February 20, 2017
This document summarizes new features, improvements, and fixed issues in LEM 6.3.1, as well as upgrade notes and workarounds for known issues.
This section describes the new features in this release.
LEM now supports Active Directory single sign-on (SSO). When enabled, LEM does not ask users for a user name and password if they are already logged in to Active Directory (AD). Instead, AD authenticates the user in the background, and LEM automatically logs the user in with the appropriate user access rights. User access in the LEM consoles (both desktop and web), as well as the LEM reports console, is based on AD group membership.
To integrate LEM with Active Directory, a keytab file is required. The keytab file is exported from Active Directory and then imported into LEM. LEM uses this file to authenticate users with Active Directory and to enforce user account security. Kerberos authentication ensures that SSO details are securely transmitted between LEM and Active Directory.
See Set up single sign-on (SSO) in LEM in the SolarWinds LEM 6.3 User Guide for more information.
To configure single sign-on
To configure single sign-on in a web browser, open the Admin user interface available at the following URL:
Use the Admin user interface to configure LDAP and SSO connection settings, import the Active Directory keytab file into LEM Manager, and enable or disable local user account access to LEM.
If using a web browser is not possible, you can also configure LDAP and SSO settings by choosing
admin in the CMC management console menu. See the Open the Admin UI in a text browser section for more information.
The CMC Management Console includes an updated top-level menu with the following new commands:
admin CMC command on the main menu to open the Admin user interface in a text browser. Use this screen to make SSO and LDAP configuration changes without a web browser.
Import a keytab file
If you set up SSO using the CMC console, use the
import command on the main menu to import a keytab file into the manager.
Set up SNMP monitoring on the Orion Web Console
snmp CMC command on the
service menu to enable the SNMP Request Service on the LEM appliance. You can configure SNMP version 3 on the LEM appliance to communicate with SolarWinds Network Performance Manager (NPM) through ports 161 and 162. Use this configuration to monitor CPU, memory, and other critical components from the SolarWinds Orion Web Console.
After you enable the service, set up a managed SNMP node in the Orion Web Console and configure an SNMP polling method to monitor the LEM appliance.
Create a disk usage warning when reaching certain set values
diskusageconfig CMC command on the
appliance menu to set up an event in Monitor view that warns you when the partition reaches a predetermined use limit.
Below is an example of the
cmc::appliance > diskusageconfig Current Disk Usage Configuration: # | Partition (filesystem) | Configured limit ================================================ 1 | LEM (/user/local) | 90% 2 | OS (/) | 90% 3 | Logs/Data (/var/) | 10G 4 | Temp (/tmp) | 90% ------------------------------------------------ You can define your disk use limit by the percentage of unavailable disk space (such as 75%) or the amount of free disk space (such as 58G). Enter the partition number you want to change (enter'exit' and press <Enter> to quit:
Set the disk use limit to a percentage of unavailable disk space (such as 90%), or to the minimum required amount of free disk space (such as 58G). When the limit is reached, an
InternalWarning event displays in the Monitor view.
If you set the OS disk partition limit (option #2) to 75%, the following event displays in the All Events grid and in SolarWinds Alerts when the 75% limit is reached:
ManageMonitor Warning! Disk Usage: The OS filesystem is over 75% full!
If you set the OS disk partition limit (option #2) to 5GB, the following event displays in the All Events grid and in SolarWinds Alerts when the 5GB limit is reached:
ManageMonitor Warning! Disk Usage: The OS filesystem has under 5G left!
dbdiskconfigcommand to change the database disk configuration. SolarWinds recommends setting the Logs/Data partition and the database disk configuration to the same value.
Monitor multiple managers in the console
multimanagerconfig CMC command to enable the multimanager feature that lets you manage information in one place by connecting to multiple managers in the console.
Note: If you enable the multimanager feature, some security scanners may generate cross-domain security warnings about the LEM appliance. Keep this feature disabled if it is not required.
See CMC Commands in the SolarWinds LEM 6.3 User Guide for more information.
For information about installing LEM, see the SolarWinds Log & Event Manager Quick Start and Deployment Guide.
If you are upgrading from a previous version, use the following resources to plan and implement your upgrade:
If you are using multimanager, LEM Managers are disconnected after the upgrade to 6.3.1. To reconnect, set multimanagerconfig to True (enabled). Your Flex cache must be cleared (F12 hotkey) to see the change.
LEM 6.3.1 fixes the following issue:
|n/a||Fixed an issue where when a rule fires on 2 or more events the data filled out in actions is empty.|
LEM 6.3.0 fixes the following issues.
|The Event Details pane in the Monitor view now displays accurate information in the |
|LEM is now running Apache Tomcat® version 8 for improved security.|
|LEM will no longer open concealed hyperlinks (clickjacking).|
|Running BlazeDS in a LEM environment no longer generates "out of memory" messages.|
|An issue with the Rapid7 Nexpose Connector was resolved.|
|An issue with the Rapid7 Nexpose Reader was resolved.|
|Rules that include a |
|For improved security, LEM no longer supports the Transport Layer Security version 1 (TLSv1) cryptography.|
|An issue with the Microsoft SQL (MSSQL) Auditor connector was resolved.|
|LEM will no longer lose its connection to the syslog server when you upgrade to version 6.2.0 and change the host name.|
|Installing an AIX agent no longer generates errors or installation issues.|
|To meet the U.S. Department of Defense requirements, LEM now generates an alert when the LEM appliance hard drive capacity reaches 75%.|
|The LEM Console login screen no longer fills unpopulated username and password fields with asterisks (******).|
|An issue with an agent detecting its own IP address was resolved. The agent can properly connect to the manager appliance.|
|An issue with the HyperSQL database was resolved.|
|CVE-2015-3195 - OpenSSL sensitive information leakage|
|CVE-2015-3197 - Possible to use disabled ciphers|
|CVE-2015-3269 - BlazeDS XXE|
CVE-2015-7547 - Critical vulnerability of glibc
|CVE-2016-0703 - Bleichenbacher RSA padding oracle|
|CVE-2016-0777 - OpenSSH sensitive information leakage|
|CVE-2016-0778 - OpenSSH DoS/buffer overflow|
|n/a||Java/RMI deserialization vulnerability|
|CVE-2015-7575, CVE-2015-4835, CVE-2016-0686 - Oracle Java SE Multiple Vulnerabilities|
|n/a||SSH Weak Algorithms Supported|
|CVE-2015-4000 - SSL/TLS Diffie-Hellman Modulus <= 1024 Bits (Logjam)|
|CVE-2015-5174 - Directory traversal vulnerability in RequestUtil.java in Apache Tomcat|
|CVE-2015-5345 - Directory discovery vulnerability in RequestUtil.java in Apache Tomcat|
|CVE-2015-5346 - Session Fixation vulnerability in Tomcat|
|CVE-2015-5351 - CSRF token leak in Tomcat|
|CVE-2016-0706, CVE-2016-0763 - Security manager bypass in Tomcat|
|CVE-2016-0714 - Security Manager bypass via persistence mechanisms|
|n/a||Adobe cross-domain http://www.adobe.com/devnet/adobe-media-server/articles/cross-domain-xml-for-streaming.html|
LEM 6.3.0 and 6.3.1 include the following connectors.
|Barracuda Load Balancer ADC|
|Barracuda SSL VPN|
|Cisco® ISE data not standard syslog|
|Windows® Network Address Translation (WinNAT) Operational log-DirectAccess|
|Base-Filtering-Engine (BFE) Resource Flows Operational log-DirectAccess|
|Applications And Services Logs|
|Windows VMWare® logging|
|Arbor® Networks Peakflow®|
|Cerberus FTP Server|
Issue: The "Login Automatically Next Time" and "Save Credentials" settings are lost after a user logs out of the LEM web console and refreshes the login page (F5).
Work-around: Set up single sign-on. See "Set up single sign-on (SSO) in LEM" for details.
Issue: The LEM console lists computers running Windows Server 2016 as
Windows NT (unknown).
Work-around: None. This issue will be fixed in the next version of LEM.
Issue: Installing the LEM 6.3.1 Windows agent installer on Windows Server 2016 results in an error.
Work-around: To install the agent on Windows Server 2016, run the remote agent installer from another machine that is not running Windows Server 2016.
Issue: When you run the 6.3.1 HP-UX agent installer, you may receive unexpected results.
Work-around: Install the agent using the 6.2.1 HP-UX agent installer.
Issue: When you open the Reports console and generate a report using an underscore ( _ ) in your search query, the report does not include your search data.
Work-around: Avoid using underscores in your report search queries.
Issue: When you click Build > Users and create a new Admin user, the widget and filter options do not load into their Ops Center and Monitor views.
Work-around: Log out of the console, clear your browser cache, and then log back in to the console.
Issue: When you click Build > Rules and enable or disable a rule, the console redirects you to the All Rules category. The rule status does not change.
Work-around: Refresh the console.
Issue: When you open the Reports console, generate a report, and select a date format, the console generates an error stating that your selected format is not a valid date and time.
Work-around: Use the supported date format. See "Run and schedule reports" in the LEM User Guide for the supported date formats.
Issue: After you install the 6.3.0 HP-UX agent, the system may generate errors.
Work-around: Use Windows File Auditing instead of File Integrity Monitoring (FIM). See your Windows Server operating system documentation for more information.
Issue: If your LEM appliance is connected to a separate database appliance, you cannot generate the following reports in the Reports console:
Workaround: No known workaround. This issue may be resolved in a future release.
Issue: When you install an IronKey™ flash drive into your USB port, USB Defender prevents you from entering a password to access the drive.
Work-around: Disable USB Defender when using an IronKey flash drive.
Issue: When you migrate from legacy to new LDAP users in the LEM Manager and generate a List of Users report in the Reports console, the legacy users appear in the report.
Work-around: Log on to the CMC, open the Manager menu, and restart the Manager Service. This will take the Manager offline for 1–3 minutes.
Issue: When you migrate from a legacy LDAP to a new LDAP configuration, legacy LDAP users do not display in the LEM Console. Additionally, these users are not assigned to subscriptions or email actions to rules after the upgrade.
Work-around: Migrate users to the new LDAP configuration using the following procedure:
Issue: When you upgrade the SolarWinds LEM Desktop Console to version 6.3.0, an error message displays stating that the application cannot be installed due to a certificate problem.
Work-around: Uninstall the current Desktop Console. When you are finished, install Desktop Console version 6.3.0.
Issue: When you connect to the LEM manager using Internet Explorer or the Adobe AIR-enabled desktop console on a workstation running Windows 7, HTTPS is disabled. You can establish an HTTPS connection using Google Chrome or Mozilla Firefox.
Work-around: Install the latest Windows 7 updates or upgrade to the latest supported operating system.
© 2016 SolarWinds Worldwide, LLC. All rights reserved.
This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software and documentation are and shall remain the exclusive property of SolarWinds and its respective licensors.
SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON SOFTWARE AND DOCUMENTATION FURNISHED HEREUNDER INCLUDING WITHOUT LIMITATION THE WARRANTIES OF DESIGN, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
The SolarWinds and other SolarWinds marks, identified on the SolarWinds website, as updated from SolarWinds from time to time and incorporated herein, are registered with the U.S. Patent and Trademark Office and may be registered or pending registration in other countries. All other SolarWinds trademarks may be common law marks or registered or pending registration in the United States or in other countries. All other trademarks or registered trademarks contained and/or mentioned herein are used for identification purposes only and may be trademarks or registered trademarks of their respective companies.