Unraveling the Mysteries of Log & Event Management: Advanced Training
 


For more information on LEM, visit: http://www.solarwinds.com/log-event-manager.aspx

Watch this webcast: http://www.solarwinds.com/resources/webcasts/advanced-training-unraveling-the-mysteries-of-log-and-event-management.html

This session will explore some best practices for monitoring your network and demonstrate how SolarWinds LEM can assist in discovering, reporting, and taking action against inappropriate activities, potential threats and malicious events.

Maintaining insight into our networks and keeping them secure is a full-time responsibility. Not only can it be difficult to determine what we should be looking for, but when we see it, what can we do about it? Furthermore, how can we do it 24/7/365? SolarWinds Log and Event Manager provides an extremely powerful and flexible solution to those problems and more! Join Sales Engineer Chris Jeffreys and Trainer Gerry “Skeeter” Pond as they unravel the mysteries of log and event management and show you how to use this powerful tool, even when you’re finally getting a few moments of well-deserved sleep.
• Best Practices as to What/Where to Look
• Capturing Network Activities and Events – Filters
• One-Stop Monitoring – Creating an effective LEM dashboard
• On-The-Fly Analysis – Event Explorer and nDepth
• Taking Action against Potential Threats – Active and Reactive
• Reporting – Scheduled and Ad-Hoc

Comments
  • The SolarWinds Partner / Integrator we used was Tobias International. They are currently the only ones with a team focused on LEM. http://www.tobiassystems.com
  • We just need someone to deploy this for us. Anyone know of a good professional services organization who will help us deploy and integrate this with Cisco ASAs??

Presentation Transcript

  • Unraveling the Mysteries of Log and Event Management with SolarWinds LEM
      • FEBRUARY 16, 2012
      • Copyright © 2011, SolarWinds Worldwide, LLC. All rights reserved.
  • Unraveling the Mysteries . . .
      • Hosts: Gerry Pond – Education & Certification Specialist; Chris Jeffreys – Sales Engineer
      • Producer: Catherine Jackson
      • Are you Certified?
  • Agenda
      • Introductions & Housekeeping
      • Best Practices - What and Where to Look
      • Capturing Network Activities and Events – Filters
      • One-Stop Monitoring – Creating an effective LEM Dashboard
      • On-The-Fly Analysis – Event Explorer and nDepth
      • Taking Action against Potential Threats – Active and Reactive
      • Reporting – Scheduled and Ad Hoc
      • Summary and Q&A
  • Housekeeping
      • Today’s content will range from discussion to demonstration
      • We only have an hour
      • Ask questions!!!
      • Don’t be afraid to ask deeper questions
      • Don’t wait until the end – ask away
      • Today’s session is being recorded
      • Recorded session on SolarWinds.com
      • Slides available on slideshare.com
  • What to Look for and Where
      • Change Management
      • Domain Controllers (DC’s)
      • Change Management Filter
      • What changes are being made? – Alert Name/EventInfo
      • Who’s making those changes? – SourceAccount
      • Are those changes authorized? – Internal Policy
  • What to Look for and Where (continued)
      • Company Policy Violations
      • Playing games on company time/equipment
      • Installing unauthorized software
      • Individual agents – Process Auditing
      • Accessing inappropriate websites
      • Proxy server – WebTraffic
  • What to Look for and Where (continued)
      • Accessing Sensitive Files
      • Specific file server(s)
      • FileAuditing
      • ** Data is obtained from logs – LEM does not audit the files themselves **
  • What to Look for and Where (continued)
      • USB Activities
      • Servers, Critical Agents, Agents
      • Any alert where ProviderSID = “*USB*”
  • What to Look for and Where (continued)
      • Unusual spikes in network traffic
      • Firewall/Proxy Servers
      • TCP/UDT/WebTrafficAudit alerts
  • One-Stop Monitoring
      • Filters, filters and more filters
      • OPS Center Dashboard
  • Reporting
      • Reports Console
      • Scheduled reports (including “batch” reports)
      • Ad Hoc reports
      • nDepth
      • Export Result Details as a *.csv
      • Export *.pdf document of all data and graphs
  • End of Presentation
      • Thank you for attending!
      • To learn more or to download free 30-day trials of SolarWinds products visit: www.SolarWinds.com
      • For Log & Event Manager Support: Open a ticket via your customer portal or call toll-free: 866-668-6064
      • P.S. Remember to renew your maintenance!!!
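
The change-management, USB and sensitive-file checks from the "What to Look for and Where" slides, sketched as filter logic over normalized events. This is an added example, not SolarWinds LEM code or its filter syntax; the host sets, the `AUTHORIZED_CHANGERS` policy, the `Source` field, the alert names other than `FileAuditing`, and all event values are constructed for illustration.

```python
from fnmatch import fnmatchcase

# Assumptions for this sketch: which hosts are DCs / sensitive file servers,
# and the "internal policy" of who may make changes.
DOMAIN_CONTROLLERS = {"DC01"}
SENSITIVE_FILE_SERVERS = {"FS-HR"}
AUTHORIZED_CHANGERS = {"CORP\\dcadmin"}
CHANGE_ALERTS = {"GroupChange", "UserModify"}  # constructed alert names

# Constructed events. SourceAccount, EventInfo, ProviderSID and the
# FileAuditing alert name come from the slides; all values are made up.
EVENTS = [
    {"AlertName": "GroupChange", "Source": "DC01", "SourceAccount": "CORP\\dcadmin",
     "EventInfo": "Member added to Helpdesk", "ProviderSID": "Security 4728"},
    {"AlertName": "GroupChange", "Source": "DC01", "SourceAccount": "CORP\\jsmith",
     "EventInfo": "Member added to Domain Admins", "ProviderSID": "Security 4728"},
    {"AlertName": "DeviceAttached", "Source": "WS-114", "SourceAccount": "CORP\\jsmith",
     "EventInfo": "Mass storage device attached", "ProviderSID": "Example usb Storage"},
    {"AlertName": "FileAuditing", "Source": "FS-HR", "SourceAccount": "CORP\\temp01",
     "EventInfo": "Read payroll.xlsx", "ProviderSID": "Security 4663"},
    {"AlertName": "FileAuditing", "Source": "FS-PUBLIC", "SourceAccount": "CORP\\temp01",
     "EventInfo": "Read menu.pdf", "ProviderSID": "Security 4663"},
]

def classify(event):
    """Return the slide categories an event falls under (may be empty)."""
    hits = []
    # Change management: what changed (AlertName/EventInfo), who (SourceAccount),
    # and whether internal policy allows it.
    if event["AlertName"] in CHANGE_ALERTS and event["Source"] in DOMAIN_CONTROLLERS:
        ok = event["SourceAccount"] in AUTHORIZED_CHANGERS
        hits.append("authorized-change" if ok else "unauthorized-change")
    # USB: ProviderSID = "*USB*"; matched case-insensitively here by choice.
    if fnmatchcase(event["ProviderSID"].upper(), "*USB*"):
        hits.append("usb-activity")
    # Sensitive files: FileAuditing alerts, but only from the named file servers.
    if event["AlertName"] == "FileAuditing" and event["Source"] in SENSITIVE_FILE_SERVERS:
        hits.append("sensitive-file-access")
    return hits

def needs_review(events):
    """(account, what happened, categories) for everything except authorized changes."""
    rows = [(e["SourceAccount"], e["EventInfo"], classify(e)) for e in events]
    return [r for r in rows if r[2] and r[2] != ["authorized-change"]]

if __name__ == "__main__":
    for row in needs_review(EVENTS):
        print(row)
```

As the file-auditing slide notes, results like these are only as complete as the logs feeding them, so a host with auditing disabled produces no rows at all.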