on-call recurrance
I'm setting on call schedules that cover one week. Everything looks good on the calendar. I then select the "recur" - weekly - every 5 weeks starting with monday. My hope is that it will just repeat...
View ArticleRe: Link on a Custom Query resource (SWQL) ?
The Custom Query resource does not have export capability, but if you can write a SWQL query to get the data you want it is not hard to get a .csv file through other methods. You can use SWQL Studio...
View ArticleRe: Incomplete MIB for Cisco Small Business LAN switch
The MIB Database is used for only setting up the UnDPs, and for incoming Trap Messages. Since already know the OID for the data you want to poll, you do not need to have the corresponding MIBs in the...
View ArticleRe: AuthFailures from network devices
The Network Devices are currently Configured to send out Authentication Traps when they start every SNMP Polling. Please apply "no logging snmp-authfail" to all network Devices to not have them send...
View ArticleRe: To Log Or Not To Log: That Is The Question
cahunt Agreed that the available information of majority malicious activities was IP address and time of activities. If on network of dynamic addressing, we need current or historic data from DHCP,...
View ArticleRe: To Log Or Not To Log: That Is The Question
ecklerwr1 With regulations such as HIPAA or PCI, the teams not only have to come up with what/where/how much to log, but also need to set up mechanisms to follow the retention policies. Things always...
View ArticleClik here to view.
Re: To Log Or Not To Log: That Is The Question
matt.matheus In case of have a non-techical security officer, it's up to the engineering team to advise and to provide support. I understand sometimes it's not that easy and you hope that the security...
View ArticleRe: Unable to edit or create new alert for universal poller
Hopefully this will help someone out in the future. I was able to resolve this by running the Advanced Alert Manager as an Administrator. After this I was able to edit the existing alert and create...
View ArticleRe: To Log Or Not To Log: That Is The Question
ecklerwr1 With Splunk, how do you determine what should and should not send to Splunk? Do you need to store the normalized data or the raw data?
View ArticleRe: LEM to monitor for Network Policy Server errors?
Figures, after I submit this question I figured out the answer myself. In nDepth I created this search: ( "Event Name" = UserAuthAudit ) AND ( ( "Event Name" = UserAuthAudit ) AND ( EventInfo =...
View ArticleRe: Access Points on Down Status
Add this to your query. Then, set Status under Field Formatting tab to Icon and IconType to Status. CASE NPM_NV_WL_ALERT_APS_V.Status WHEN '0' THEN 'Unknown.gif' WHEN '1' THEN 'Up.gif'...
View ArticleRe: To Log Or Not To Log: That Is The Question
Jfrazier It's wonderful that you can have a separate administrative domains of information security and of equipment / application health monitoring. It is very clever, I would say. Apparently your...
View ArticleRe: Orion SDK Information
I don't know what version of Orion you have, but if you have the latest, with some javascript/jquery you should be able to do a http post to https://<orion...
View ArticleRe: To Log Or Not To Log: That Is The Question
Kurt H You are right. Not only the manpower, but also the resource overhead. The InfoSec folks would tell you that for forensics purposes, critical and warning items are not enough.
View ArticleRe: To Log Or Not To Log: That Is The Question
*smile* Radioteacher You are a lucky one. Everyone wants to works in such a healthy environment.
View ArticleRe: To Log Or Not To Log: That Is The Question
It is separation of duties, part of the ITIL framework. The challenge is the culture change to implement. But if done right allows for the various groups to concentrate on their core strengths and...
View ArticleClik here to view.
Gold Car Monitoring
Hello all, I am trying to figure out a way to run a report on the current gold car settings on our routers but am striking out. We have a pretty diverse WAN environment ranging from a single T1 to...
View ArticlePatch Management solutions for Linux Servers?
Are there any plans to develop a Patch Management tool for Linux Server?
View ArticleRe: WHD End User\Technician Guide
How a tech would go about using the software, cover general items likeCreating ticketsUpdating ticketsLinking assets to ticketsUsing the various menu options For the Client guide, It would cover the...
View ArticleDeploy Custom Dameware MSI package using PSexec
Yes, I just started using Dameware MRC. I created a custom MSI file to deploy. I can run the file on a workstation and it works fine.. Now I need some assistance on running that file on a remote...
View Article