Documente Academic
Documente Profesional
Documente Cultură
Contents
Table of Contents
Chapter 1: Introduction
Chapter 3: Requirements
8
9
9
10
11
11
15
16
ii
Contents
18
19
21
21
21
21
22
22
22
23
24
iii
Chapter 1: Introduction
SolarWinds Log & Event Manager (LEM) is a state-of-the-art virtual appliance that
adds value to existing security products and increases efficiencies in
administering, managing and monitoring security policies and safeguards on your
network.
SolarWinds LEM is based on brand new concepts in security. You can think of it
as an immunity system for computers. It is a system that is distributed throughout
your network to several points of presence that work together to protect and
defend your network. SolarWinds LEM responds effectively with focus and speed
to a wide variety of threats, attacks, and other vulnerabilities.
SolarWinds LEM collects, stores and normalizes log data from a variety of
sources and displays that data in an easy to use desktop or web console for
monitoring, searching, and active response. Data is also available for scheduled
and ad hoc reporting from both the LEM Console and standalone LEM Reports
console.
Some common use cases for SolarWinds LEM include the following:
l
Correlating network traffic from a variety of sources using filters and rules.
l
l
The LEM Virtual Appliance collects and processes log and event
information. The virtual appliance is a virtual image of a Linux-based
physical computer. Deploy the LEM Virtual Appliance using either the
VMware vSphere or Microsoft Hyper-V client.
The LEM Console is an interface to the LEM Virtual Appliance. This
interface is deployed on the web or on a desktop. The LEM Web Console is
available in a web browser after you deploy the LEM Virtual Appliance. The
LEM Desktop Console is an Adobe AIR-based console that requires a
separate installation on your desktop.
The LEM Reports Console allows you to create reports and schedule
when you to run those reports. The LEM Reports Console is separate
installation on your desktop or laptop computer.
5. Open the LEMWeb Console or install the LEM Desktop Console on your
computer.
6. Install and activate the LEM license to move from an evaluation to a
production deployment.
7. Install the LEM Reports Console on your computer.
Chapter 3: Requirements
Different sized installations may require greater or fewer resources. For detailed
information on sizing and resource requirements, refer to the "Requirements"
section of the Log & Event Manager Deployment Guide.
Before installing, always make sure your hardware and software meet
the minimum requirements.
Requirements
l
CPUspeed
2 GHz
Memory
8 GB
Chapter 3: Requirements
Requirements
Windows Vista
Windows 7
Windows 8
CPUSpeed
Memory
1 GB
5 GB
Environment
Variables
Desktop console
Adobe Air 18
Requirements
Flash Player 15
l
The default deployment of the LEM Virtual Appliance uses swi-lem as the
hostname and tries to pull network configurations from the DHCP server. The
hostname and IP address can be changed after completing deployment.
By default, LEM deploys with 8 GB of RAM and 2 CPUs on both vSphere and
Hyper-V platforms.
https://<insert IP Address
here>
https://<insert IP Address
here>:8443/lem
reservations, and storage and the Log & Event Manager Deployment Guide
for information. on configuring resource reservations for a large deployment.
7. Select the SolarWinds Log & Event Manager virtual appliance.
8. Start the virtual appliance and connect to it..
9. Write down the IP Address that displays after the virtual appliance starts up.
10. To start the LEM web console, launch a web browser and enter the Web
Console URL shown in the Console screen.
Connecting through the LEM Web Console in a web browser after installing
the LEM Virtual Appliance. No additional installation is required.
Installing, configuring connectivity, and then connecting through the
LEMDesktop Console. This installation is optional. See Installing the LEM
Desktop Console for more information.
10
11
12
IP Address
Subnet Mask
Gateway
13
14
15
Chapter 6: Installing and configuring additional software for accessing the LEM
16
17
18
Description
Platform
CPU Reservation
Number of CPUs
Memory Allocation
Displays the maximum amount of memory the Manager can use. Set this value at or above the reservation value. Defined this value in the VM
configuration. Setting memory allocation to a greater
value than the memory reservation has little effect on
LEM performance.
Memory Reservation
19
Description
this system. Reserving memory ensures enough system memory is available when needed.
Status
Name
Type
Version
IP Address
Port
20
The Configured amount must be at least the same value or higher than
the reservation. You may see memory reservations as high as 256 GB
of RAM for customers over 150 million events per day.
Or verify the reservations using the SSH client:
1. Open a PuTTY session.
2. Enter the manager menu.
3. Enter the viewsysinfo command.
4. View the CPU > Reservation and the Memory > Reservation.
Static ram set to 8 GB, 16 GB, 24 GB, 32 GB, 64 GB, 128 GB, 256 GB
21
22
http://downloads.solarwinds.com/solarwinds/Release/LEM/SolarWindsLEM-v6.0.1-CrystalReportsRuntime.zip.
2. Extract the installer file(s) and place each installer on the local hard drive on
the computer that the reports console will be installed on.
3. Run the Crystal Runtime Installer first.
a. Right-click the installer and select Run as administrator to launch the
install.
b. Follow the installer instructions.
4. Run the LEM Reports installer.
a. Right-click the installer and select Run as administrator to launch the
install.
b. Follow the installaler instructions.
You are now finished installing LEM Reports.
For information on troubleshooting installation issues, see the LEM Reports
Troubleshooting Guide.
23
24