INSTALLATION GUIDE
Log & Event Manager Version 6.3.1
Last Updated: Tuesday, October 24, 2017
Retrieve the latest version from: https://.solarwinds.com/Success_Center/Log_Event_Manager_(LEM)/LEM_Documentation
Copyright © 2017 SolarWinds Worldwide, LLC. All rights reserved worldwide. No part of this document may be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the written consent of SolarWinds. All right, title, and interest in and to the software and documentation are and shall remain the exclusive property of SolarWinds and its respective licensors. SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON SOFTWARE AND DOCUMENTATION FURNISHED HEREUNDER INCLUDING WITHOUT LIMITATION THE WARRANTIES OF DESIGN, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. The SOLARWINDS and SOLARWINDS & Design marks are the exclusive property of SolarWinds Worldwide, LLC and its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks, registered or pending registration in the United States or in other countries. All other trademarks mentioned herein are used for identification purposes only and may be or are trademarks or registered trademarks of their respective companies.
Table of Contents
LEM installation overview
  How LEM works
    Audit reports
    Integration with SolarWinds products
  About the LEM components that make up a typical deployment
    Overview
    About the LEM Manager component
    About the LEM Agent
    About Network devices
    About the LEM reports application
  LEM deployment examples
    Simple deployment example
    Complex deployment example with multiple syslog servers
    Complex deployment example with multiple LEM VMs
  Choose a licensing method for your LEM deployment
    About LEM licensing
    Licensing an evaluation version of LEM
LEM 6.3.1 system requirements
  Sizing criteria
  LEM VM hardware requirements
  LEM software requirements
  LEM Agent hardware and software requirements
  LEM reports application hardware and software requirements
  LEM port requirements
LEM pre-installation checklist
  Prepare the server environment
  Download LEM
Install LEM on the hypervisor
  Install SolarWinds LEM on Microsoft Hyper-V
  Install SolarWinds LEM on VMware vSphere
Install LEM Agents to protect servers, domain controllers, and workstations
  Deploying the LEM Agent
    Deploying the LEM Agent to multiple Windows computers in an enterprise environment
  LEM Agent pre-installation checklist: Prepare to deploy LEM Agents
    LEM Agent installer requirements
    Antivirus recommendations
    Download the LEM Agent installers
      To download a LEM Agent installer from the LEM console
      To download a LEM Agent installer from the SolarWinds Customer Portal
  Install the LEM Agent on Linux and Unix
    Installation notes for the Linux Agent installer
    Run the LEM Agent Installer on Linux or Unix
    To uninstall the LEM Agent on Linux or Unix
  Install the LEM Agent on Mac OS X 10.7 and later
    Installation notes for the Mac OS X installer
    Run the LEM Agent Installer on Mac OS X
    To configure the LEM Agent as a Mac OS X service and set it to start automatically
    To start the LEM Agent on Mac OS X manually
  Run the LEM Remote Agent Installer non-interactively for large Windows deployments
    Installation notes for the Remote Agent Installer
    Run the LEM Agent installer for Windows
  Run the LEM Local Agent Installer non-interactively for large Windows deployments
    Installation notes
    Create a setup file for the Local Agent Installer
    Configure a custom installer.properties file
    Run the Local Agent Installer non-interactively
  Verify the LEM Agent connection
Install the LEM 6.3.1 optional add-on applications
  Install the LEM reports application
    Pick a suitable host for the reports application
    Install the LEM reports application
      Install the LEM reports application provided in the LEM distribution package
      Install the LEM reports application files downloaded from the Customer Portal
    Connect the LEM reports application to your LEM database
  Install the LEM desktop console
    Install Adobe Air Runtime for Windows
    Install the LEM desktop console
    Configure the LEM desktop console after you install it
    Resolve the Hostname
LEM installation overview
In this section:
• How LEM works
• About the LEM components that make up a typical deployment
• LEM deployment examples
• Choose a licensing method for your LEM deployment
How LEM works
SolarWinds LEM collects log data in your corporate network from two resources:
• Agents – An Agent is a software application that collects and normalizes log data before it is sent to the LEM Manager.
• Non-Agent devices – These are devices that send log data directly to the LEM Manager for normalization and processing.
After normalization, LEM Manager processes the data. The LEM Manager policy engine correlates the data based on user-defined rules and local alert filters, and initiates the associated actions when applicable. These actions can include:
• Notifying users through the console or by email
• Blocking an IP address
• Shutting down or rebooting a workstation
• Passing alerts to the LEM database for future analysis and reporting within the Reports application
You can install Agents on workstations, servers, and other network devices. Agents can send log data from security products (such as antivirus software and network-based intrusion systems) on each device to the LEM virtual appliance. If you cannot install an Agent on a device (such as firewalls and routers), you can configure the device to send log data to the LEM Manager for normalization and processing. If your change management process does not permit adding any additional syslog servers to the network device configurations, you can leverage your existing syslog servers.
Audit reports
You can generate reports against your Log & Event Manager database using the LEM reports console installed on a supported server. Using the console, you can schedule and execute over 300 audit reports. If your corporate security policy restricts access to sensitive reports, you can configure your LEM Appliance to restrict access to the console by IP address. During the 30-day evaluation period, you can install the console on any server or workstation that can access port 9001 in the LEM Manager. You can also export reports to multiple formats, including TXT, PDF, CSV, DOC, XLS, and HTML.
Integration with SolarWinds products
Additional SolarWinds solutions such as Network Performance Monitor (NPM), Server & Application Monitor (SAM), and Virtualization Manager (VMan) can send performance alerts as SNMP Traps to the LEM Manager to correlate performance alerts with LEM events. LEM uses additional data collection tools such as Web Services and SNMP traps. Contact Customer Service for more information about integrating LEM into your corporate enterprise.
About the LEM components that make up a typical deployment
This topic describes the software components that make up a typical SolarWinds LEM deployment. Review this topic to get a better understanding of how LEM should be deployed on your network. This topic includes the following sections:
• Overview
• About the LEM Manager component
• About the LEM Agent
• About Network devices
• About the LEM reports application
Overview
The following illustration shows the software components, log files, and network protocols in a typical SolarWinds LEM deployment.
A complete LEM installation includes the following components:
• The LEM Manager (or LEM VM), which collects and processes log and event information. This component is installed first.
• The desktop software or web client (not shown) that allows you to view LEM information from a desktop or laptop computer.
About the LEM Manager component
Originally, LEM was sold as a physical appliance that you deployed on your network. Today, the LEM Manager is the virtual image of a Linux-based appliance. The LEM Manager VM (virtual machine) can be easily deployed on a host computer running a VMware® or Microsoft® hypervisor. The LEM documentation uses the term virtual machine (or VM) to refer to the LEM virtual appliance that runs on the hypervisor. The LEM Manager collects and processes log and event information. It includes the following systems and services:
• Hardened Linux® OS
• Syslog Server and SNMP Trap Receiver
• High compression, search-optimized database
• Web server
• Correlation engine
About the LEM Agent
The LEM Agent is installed on workstations, servers, and other network devices. It collects and normalizes log data in real time before it is sent to the LEM Manager. It also collects security data such as Windows Event Logs, a variety of database logs, and local antivirus logs on each device and transmits that data over TCP to the LEM Manager. The LEM Agent has a small footprint on the device and prevents log tampering during data collection and transmission. You can also use the LEM Agent with devices that support syslog. The Agent transmits syslog messages over TCP to the LEM Manager. TCP is preferred over UDP because TCP ensures messages arrive intact. The LEM Agent provides the following benefits:
• Captures events in real time.
• Encrypts and compresses the data for efficient and secure transmission to the LEM Manager.
• Buffers the events locally if you lose network connectivity to the LEM Manager.
About Network devices
The following table lists some network resources that provide input to LEM Manager.

| NETWORK RESOURCE | LEM INPUT |
|---|---|
| Network Device log sources (such as routers, firewalls, and switches) | Syslog messages |
| Servers and applications | LEM Agent data |
| Microsoft® Windows® Workstations | LEM Agent data |
| SolarWinds NPM, SolarWinds SAM, SolarWinds Virtualization Manager (VMan) | SNMP traps (performance alerts). See "Enable LEM to receive SNMP traps by turning on the SNMP Trap Logging Service" in the LEM Guide for details. |

LEM accepts device input using the TCP and UDP protocols:
• Network devices use TCP or UDP to send syslog events to the LEM Manager.
• LEM Agents installed on servers and workstations use TCP to push data to the LEM Manager.
• SolarWinds Orion/VMan server instances (including NPM and SAM) send SNMP traps over UDP to the LEM Manager.
About the LEM reports application
You can install the LEM reports application on a networked server to schedule and execute over 300 audit-proven reports. For added security, you can initiate the restrictreports command service to limit users by IP address to run these reports. If you are running LEM in Evaluation Mode, you can install the LEM reports application on any server or workstation that can access port 9001 in the LEM Manager.
LEM deployment examples
This section will help get you started planning your LEM architecture. The examples show different LEM deployment options. This topic includes the following sections:
• Simple deployment example
• Complex deployment example with multiple syslog servers
• Complex deployment example with multiple LEM VMs
Simple deployment example
The following deployment example uses one central syslog server to collect log data from your network devices in a local network. In this deployment, network devices use TCP or UDP to send syslog data to the LEM Manager's syslog server, whereas LEM Agents running on workstations and servers use only TCP to push log data to the LEM Manager.
The syslog server receives logs on port 514 and saves the data in the LEM Manager /var/log file partition. Log file names vary based on the target facility configured on the network device. The LEM Manager relies on routers, firewalls, and switches to transmit syslog messages to the syslog server running on the LEM Manager. If your log sources are located behind firewalls, see SolarWinds LEM port and firewall information to open the necessary ports. For a list of all ports required to communicate with LEM, see the SolarWinds Port Requirements for SolarWinds Products Guide at: https://.solarwinds.com/Success_Center/Network_Performance_Monitor_(NPM)/Port_requirements_for_all_SolarWinds_products
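To confirm that a log source behind a firewall can reach the Manager's syslog listener, the following added example (not from the SolarWinds documentation) builds an RFC 3164 test message, shows how the facility is encoded in its PRI field, sends it to port 514 over UDP or TCP, and checks TCP reachability of ports 514 and 9001. The host name swi-lem is the default named later in this guide; the facility local4, the tag lem-preflight, the newline framing on TCP, and all function names are assumptions made for the illustration.

```python
import socket
from datetime import datetime

# RFC 3164 facility and severity names, indexed by numeric code.
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock"]
FACILITIES += ["local%d" % i for i in range(8)]
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
MONTHS = ["Jan", "Feb", "Mar", "Apr", "May", "Jun",
          "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"]


def build_syslog(facility, severity, host, tag, text, when=None):
    """Build an RFC 3164 message as bytes. PRI = facility * 8 + severity."""
    pri = FACILITIES.index(facility) * 8 + SEVERITIES.index(severity)
    when = when or datetime.now()
    # RFC 3164 timestamp: "Mmm dd hh:mm:ss", single-digit day padded with a space.
    stamp = "%s %2d %02d:%02d:%02d" % (
        MONTHS[when.month - 1], when.day, when.hour, when.minute, when.second)
    line = "<%d>%s %s %s: %s" % (pri, stamp, host, tag, text)
    return line.encode("ascii", "replace")


def decode_pri(message):
    """Return (facility, severity) from a raw message, as a receiver would."""
    if not message.startswith(b"<") or b">" not in message[:5]:
        raise ValueError("missing PRI field")
    pri = int(message[1:message.index(b">")])
    if not 0 <= pri <= 191:
        raise ValueError("PRI out of range")
    return FACILITIES[pri >> 3], SEVERITIES[pri & 7]


def send_udp(message, host, port=514):
    """Hand one datagram to the network stack. True does NOT mean delivered."""
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
            sock.sendto(message, (host, port))
        return True
    except OSError:
        return False


def send_tcp(message, host, port=514, timeout=3.0):
    """Send one newline-terminated message; False if the connection fails."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(message + b"\n")
        return True
    except OSError:
        return False


def tcp_port_open(host, port, timeout=3.0):
    """True if a TCP handshake to host:port completes within the timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def preflight(host, ports=(514, 9001)):
    """Check the two TCP ports this guide names: 514 (syslog), 9001 (reports)."""
    return {port: tcp_port_open(host, port) for port in ports}


if __name__ == "__main__":
    manager = "swi-lem"  # default LEM host name; replace with your Manager
    for port, ok in preflight(manager).items():
        print("tcp/%d %s" % (port, "reachable" if ok else "blocked or closed"))
    msg = build_syslog("local4", "notice", socket.gethostname(),
                       "lem-preflight", "constructed test event")
    print("facility/severity:", decode_pri(msg))
    print("udp handed off:", send_udp(msg, manager))
    print("tcp delivered to socket:", send_tcp(msg, manager))
```

A successful UDP send only means the datagram left the host, so confirm arrival on the Manager side; a failed TCP send or closed port points at a firewall rule between the source and the Manager.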
Complex deployment example with multiple syslog servers
The following deployment example uses two syslog servers located in different cities. LEM can capture logs from multiple remote locations across wide area network (WAN) links. Because the LEM Agent includes built-in encryption, compression, and buffering capabilities, this can be done securely and efficiently.
Instead of using the syslog server built in to the LEM Manager component, this design calls for one syslog server per location. When using a detached syslog server, you need to install a LEM Agent on each detached server, and then enable the appropriate connectors on the LEM Agent. Following configuration, the LEM connectors normalize raw log messages into LEM events. If you cannot add new logging hosts on your network devices due to restrictive change management processes, consider implementing this multi syslog server deployment example to leverage your existing syslog servers.
Complex deployment example with multiple LEM VMs
To increase performance, you can divide LEM's workload across multiple LEM VMs. Each VM can be configured to provide dedicated processing for tasks such as:
• Management and event analysis
• Database storage, search, and reporting
• Log storage, search, and analysis
• Log collection
Although multi-VM LEM installations are possible, 98% of all LEM deployments perform well as a single appliance that you can scale up by dedicating additional resources from the virtual host. Each LEM VM can specialize and provide dedicated processing for one or more of the following:
• Management and event analysis
• Database storage, search, and reporting
• nDepth log storage, search, and analysis
• Log collection
The following diagram shows four LEM VM instances: one each for the LEM Manager, syslog collection, the normalized data store, and an optional original data store.
Deploying each LEM VM on separate hardware increases performance. You can also deploy multiple VMs on the same hardware host with minimal negative performance impacts.
LEM allows you to assign resources in different ways based on your organization's needs. For example, you can deploy two LEM Managers, each on a separate VM if your organization has logical divides in management and/or monitoring responsibilities.
In the above example a single LEM console provides a consolidated, real-time search and management view across two LEM VMs.
See also:
• "LEM 6.3.1 system requirements" on page 17
Choose a licensing method for your LEM deployment
This section explains how LEM licenses are assigned. It also discusses how to transition from an evaluation version of LEM to a fully-functional production version. It includes the following sections:
• About LEM licensing
• Licensing an evaluation version of LEM
For more information, see the following topics in the LEM Guide:
• "Install the LEM license using the web console"
• "View LEM license information"
• "Enable LEM license recycling"
About LEM licensing
Licensing a Log & Event Manager deployment is based on:
• The number of universal nodes. Universal nodes include non-agent devices, such as switches, routers, and firewalls, and systems running either a Windows Server or Unix operating system.
• The number of workstation nodes. Workstation nodes include desktop systems that run Windows and the LEM Agent.
For example, a LEM deployment that has a LWE250 for LEM30 license can add 250 Windows workstation nodes and 30 universal nodes.
Licensing an evaluation version of LEM
If you are evaluating Log & Event Manager, you do not need to apply an activation key to activate the LEM VM. For 30 days, you will have unlimited access to all product features. If you have not purchased and provided a license key after 30 days, the application will stop collecting event logs from your syslog and Agent devices. You can continue using Log and Event Manager in this mode and access your saved logs. Applying a license reactivates event log collection and you can continue monitoring all events in your deployment. If you need to extend your evaluation period, contact Customer Sales. You can download a fully-functional production version by purchasing a new license from Customer Sales and downloading the license key from the Customer Portal. After you install the new license key, you can access all features within the LEM appliance.
You cannot upgrade your license using the SolarWinds License Manager.
LEM 6.3.1 system requirements
Use the following tables to plan your Log & Event Manager deployment to suit your network environment. This topic includes the following sections:
• Sizing criteria
• LEM VM hardware requirements
• LEM software requirements
• LEM Agent hardware and software requirements
• LEM reports application hardware and software requirements
• LEM port requirements
Server sizing is impacted by:
• Number of nodes and network traffic. Consider event throughput and performance degradation when planning the size of your deployment. As the number of nodes and network traffic increase, the size of your deployment will need to grow with it. For example, if you are running a small deployment and begin to notice performance degradation at 300 nodes, move to a medium deployment.
• Storing original (raw) log messages in addition to normalized log messages. If you will be storing original log messages, increase the CPU and memory resource requirements by 50%. See your hypervisor documentation for more information.
Sizing criteria
Use the following table to determine if a small, medium, or large deployment is best suited to supporting your environment.

| SIZING CRITERIA | SMALL | MEDIUM | LARGE |
|---|---|---|---|
| Number of nodes | Fewer than 500 nodes in the following combinations: 5 – 10 security devices; 10 – 250 network devices, including workstations; 30 – 150 servers | Between 300 and 2,000 nodes in the following combinations: 10 – 25 security devices; 200 – 1,000 network devices, including workstations; 50 – 500 servers | More than 1,000 nodes in the following combinations: 25 – 50 security devices; 250 – 1,000 network devices, including workstations; 500 – 1,000 servers |
| Events received per day | 5M – 35M events | 30M – 100M events | 200M – 400M events. Note: The most successful large deployments receive up to 250M events per day. |
| Rules fired per day | Up to 500 | Up to 1,000 | Up to 5,000 |

LEM VM hardware requirements
See "Allocate CPU and memory resources to the LEM VM" in the LEM Guide for information about how to manage LEM system resources.

| HARDWARE ON THE VM HOST | SMALL | MEDIUM | LARGE |
|---|---|---|---|
| CPU | 2 – 4 core processors at 2.0 GHz | 6 – 10 core processors at 2.0 GHz | 10 – 16 core processors at 2.0 GHz |
| Memory | 8 GB RAM | 16 GB – 48 GB RAM | 48 GB – 256 GB RAM |
| Hard drive storage | 250GB, 15k hard drives (RAID 1/mirrored settings) | 500GB, 15K hard drives (RAID 1/mirrored settings) | 1TB, 15k hard drives (RAID 1/mirrored settings) |
| Input/output operations per second (IOPS) | 40 – 200 IOPS | 200 – 400 IOPS | 400 or more IOPS |
| NIC | 1 GBE NIC | 1 GBE NIC | 1 GBE NIC |

CPU and memory: If you will be storing original log messages in addition to normalized log messages, increase the CPU and memory resource requirements by 50%.
Hard drive storage:
• Installing LEM in a SAN is preferred.
• High-speed hard drives (such as SSD drives) are required for high-end deployments.
• Large deployments may require 1 to 2TB of storage, which you can reserve on VMware ESX(i) 4/5+ and Microsoft Hyper-V 2008 R-2/2012.
LEM software requirements

SOFTWARE: Hypervisor (required on the VM host)
REQUIREMENTS: One of the following:
• VMware vSphere ESX 4.0 or ESXi 4.0 and later
• Microsoft Hyper-V Server 2016, 2012 R2, 2012, or 2008 R2

SOFTWARE: Web browser (required on a remote computer to run the web console)
REQUIREMENTS: One of the following:
• Google® Chrome™ 17 and later
• Microsoft Internet Explorer® 8 and later
  Note: The web console does not run on Internet Explorer 10 on Windows Server 2012.
• Mozilla Firefox® 10 and later

SOFTWARE: Adobe Flash (browser plug-in required on a remote computer to run the web console)
REQUIREMENTS: Adobe Flash Player 15

SOFTWARE: Optional software (required if you want to run the desktop console on a desktop computer)
REQUIREMENTS: Adobe Air Runtime. For more information, visit the "What is Adobe AIR?" page: http://www.adobe.com/products/air.html.

LEM Agent hardware and software requirements

HARDWARE AND SOFTWARE: Operating System (OS)
REQUIREMENTS: The LEM Agent is compatible with the following operating systems:
• IBM AIX
• Linux
• Mac OS X 10.7 or later
• Oracle® Solaris
• Windows (10, 8, 7, Vista)
• Windows Server (2016, 2012, 2008)

The requirements specified below are minimum requirements. Depending on your deployment, you may need additional resources to support increased log-traffic volume and data retention.

HARDWARE AND SOFTWARE: CPU
REQUIREMENTS: 450 MHz Pentium III or equivalent

HARDWARE AND SOFTWARE: Memory
REQUIREMENTS: 512 MB RAM

HARDWARE AND SOFTWARE: Hard Drive Space
REQUIREMENTS: 1 GB

HARDWARE AND SOFTWARE: Other requirements
REQUIREMENTS: Administrative access to the device hosting the LEM Agent. The LEM Agent for Mac OS X requires Java Runtime Environment (JRE) 1.5 or later.

LEM reports application hardware and software requirements

HARDWARE AND SOFTWARE: Operating System (OS)
REQUIREMENTS: The LEM reports application is Windows only. The following Windows versions are supported:
• Windows 10, 8, and 7
• Windows Server 2016, 2012, 2008, 2003

HARDWARE AND SOFTWARE: Memory
REQUIREMENTS: 512 MB RAM minimum. SolarWinds recommends using a computer with 1 GB of RAM or more for optimal reports performance.

HARDWARE AND SOFTWARE: Other requirements
REQUIREMENTS: Install the LEM reports application on a system that runs overnight. This is important because the daily and weekly start time for these reports is 1:00 AM and 3:00 AM, respectively.

LEM port requirements
If your log sources are located behind firewalls, see "SolarWinds LEM Port and Firewall Information" at the following location to open the necessary ports:
https://.solarwinds.com/Success_Center/Log_Event_Manager_(LEM)/SolarWinds_LEM_Port_and_Firewall_Information
See the "SolarWinds Port Requirements for SolarWinds Products Guide" at the following location for a list of all ports required to communicate with SolarWinds products:
http://www.solarwinds.com/documentation/Orion/docs/SolarWindsPortRequirements.pdf
LEM pre-installation checklist
Before installing Log & Event Manager, complete the pre-installation checklist below. This topic includes the following sections:
• Prepare the server environment
• Download LEM
The installation preflight checklist helps you:
• Verify that system requirements are met, all required software is installed, and required roles and features are enabled.
• Gather the information required to complete the installation.
1. Review system requirements
Make sure that your environment meets the hardware and software requirements for your installations. Hypervisor software should be installed prior to installing LEM. VMware vSphere and Microsoft Hyper-V are both supported. The hypervisor software provides the virtual environment that hosts your LEM deployment. See "LEM 6.3.1 system requirements" on page 17 for details.
2. Select a deployment architecture
Determine if your architecture will include one or more syslog servers. See "LEM deployment examples" on page 11 for details.
3. Review release notes
Review the Log & Event Manager release notes and available documentation in the Success Center: https://.solarwinds.com/Success_Center.
4. Gather credentials
The Local Administrator account is required for installation.
The Local Administrator account is not the same as a domain account with local admin rights. A domain account is subject to your domain group policies.
Prepare the server environment
Prepare the server where you will install the LEM VM.
1. Build the environment
Prepare the servers based on your deployment size and system requirements. Install either VMware vSphere or Microsoft Hyper-V. By default, Log & Event Manager deploys with 8 GB RAM and 2 CPUs on both hypervisor platforms.
2. Run all OS updates
Before installation, check for and run all OS updates on all servers.
3. Open ports according to requirements
If your log sources are located behind firewalls, see "SolarWinds LEM Port and Firewall Information" at the following location to open the necessary ports:
https://.solarwinds.com/Success_Center/Log_Event_Manager_(LEM)/SolarWinds_LEM_Port_and_Firewall_Information
SolarWinds uses these ports to send and receive data.
Download LEM
SolarWinds provides separate installation packages for Hyper-V and VMware vSphere, so be sure to download the correct version.
1. Download LEM
Download the LEM installer from the SolarWinds customer portal, or a free trial version from www.solarwinds.com/log-event-manager. The trial version provides unlimited access to all product features for 30 days. See "Licensing an evaluation version of LEM" on page 15 for more information.
Next steps:
• See "Install SolarWinds LEM on Microsoft Hyper-V" on page 28
• See "Install SolarWinds LEM on VMware vSphere" on page 31
Install LEM on the hypervisor
In this section:
• Install SolarWinds LEM on Microsoft Hyper-V
• Install SolarWinds LEM on VMware vSphere
Install SolarWinds LEM on Microsoft Hyper-V
These instructions provide steps for installing the Log & Event Manager VM on Microsoft Hyper-V. SolarWinds provides separate installation packages for Hyper-V and VMware vSphere, so check that you downloaded the correct version. Complete the "LEM pre-installation checklist" on page 24 before installing LEM.
1. Extract the files
Double-click the evaluation EXE file that you downloaded previously. This step will extract the required files and tools to a folder on your desktop. The "How to Install" page opens automatically. The following image shows the wizard for installing LEM on VMware vSphere.
To return to this page after it is closed, go to
%USERPROFILE%\Desktop\SolarWinds Log and Event Manager\html\install_now.hta
2. Complete the following steps to import the Virtual Machine.
   1. In the navigation pane of Hyper-V Manager, select the computer running Hyper-V.
   2. Click Action > Import Virtual Machine. Click Next if the "Before You Begin" screen displays.
   3. On the Locate Folder screen, navigate to the folder that matches your version of Windows Server. For example: %USERPROFILE%\Desktop\SolarWinds Log and Event Manager\SolarWinds Log & Event Manager\Virtual Machines 2012 R2
      For Windows Server 2016, navigate to the Virtual Machines 2012 R2 folder.
   4. Click Next. On the Select Virtual Machine screen, select SolarWinds Log & Event Manager, and click Next.
   5. On the Select Virtual Machine screen, select SolarWinds Log & Event Manager, and click Next.
   6. On the Choose Import Type screen, choose Copy the virtual machine (create a new unique ID), and click Next.
   7. On the Choose Folders for Virtual Machine Files screen, change the folder locations that the wizard will import files to (if needed). Otherwise, click Next.
   8. On the Choose Folders to Store Virtual Hard Disks screen, change the location of the virtual hard disks for this virtual machine (if needed). Otherwise, click Next.
   9. On the Configure Memory screen, configure the Startup RAM setting, and the Minimum RAM and Maximum RAM settings for Dynamic Memory, and then click Next.
   10. On the Summary screen, review the configuration settings and click Finish. The installer will copy the SolarWinds-LEM-6.3.1.vhd file to Hyper-V.
3. Connect to the LEM VM.
Select the newly added VM, and then click Action > Connect on the main Hyper-V Manager window.
The virtual console opens.
4. Start LEM.
Click Action > Start in the virtual console window.
The LEM VM starts.
After LEM starts, write down the IP Address of the VM. You will be able to change the IP address later during the configuration phase.
5. Set up your new LEM installation.
See "Setting up a new LEM installation" in the LEM Guide.
Following installation, the default LEM host name is swi-lem. To change the default host name and IP address settings, see "Run the activate command to secure LEM and configure network settings" in the LEM Guide.
Install SolarWinds LEM on VMware vSphere
These instructions provide steps for installing the Log & Event Manager VM on VMware vSphere. SolarWinds provides separate installation packages for Hyper-V and VMware vSphere, so check that you downloaded the correct version. Complete the "LEM pre-installation checklist" on page 24 before installing LEM.
1. Extract the files
Double-click the evaluation EXE file that you downloaded previously. This step will extract the required files and tools to a folder on your desktop. The "How to Install" page opens automatically. The following image shows the wizard for installing LEM on VMware vSphere.
To return to this page after it is closed, go to
%USERPROFILE%\Desktop\SolarWinds Log and Event Manager\html\install_now.hta
2. Complete the following steps to deploy LEM.
   1. Start the VMware vSphere Client and log in with VMware privileges.
   2. Deploy the open virtualization format (OVF) template.
   3. Open the SolarWinds Log & Event Manager folder located on your desktop and double-click: Deploy First—LEM Virtual Appliance.ova
   4. Complete the setup wizard. When prompted, select the Thin Provisioned disk format. Thin provisioning offers more performance flexibility than thick provisioning, but requires more oversight than thick provisioning. Thin provisioning provides increased performance by dedicating physical storage space.
   5. Map the network interface card (NIC) to the appropriate network.
   6. When the OVF deployment is completed, click Finish.
3. Start LEM.
   1. Select the SolarWinds Log and Event Manager virtual appliance and click Play.
   2. Click the Console tab. The LEM VM starts. After LEM starts, write down the IP Address of the VM. You will be able to change the IP address later during the configuration phase.
4. Set up your new LEM installation.
See "Setting up a new LEM installation" in the LEM Guide.
Following installation, the default LEM host name is swi-lem. To change the default host name and IP address settings, see "Run the activate command to secure LEM and configure network settings" in the LEM Guide.
Install LEM Agents to protect servers, domain controllers, and workstations
In this section:
• Deploying the LEM Agent
• LEM Agent pre-installation checklist: Prepare to deploy LEM Agents
• Install the LEM Agent on Linux and Unix
• Install the LEM Agent on Mac OS X 10.7 and later
• Run the LEM Remote Agent Installer non-interactively for large Windows deployments
• Run the LEM Local Agent Installer non-interactively for large Windows deployments
• Verify the LEM Agent connection
Deploying the LEM Agent
This topic describes options for installing the LEM Agent. See "About the LEM Agent" on page 9 to learn about the role the LEM Agent plays in a typical LEM deployment.
SolarWinds provides LEM Agents for these operating systems:
• Microsoft Windows (local and remote installers)
• Linux
• Mac OS X
• Solaris on Intel
• Solaris on Sparc
• HPUX on PA
• HPUX on Itanium
• AIX
Deploying the LEM Agent to multiple Windows computers in an enterprise environment
There are two options for deploying the LEM Agent unattended on Windows:
• Option 1: Use the Remote Agent Installer to deploy LEM Agents to computers non-interactively. See "Run the LEM Remote Agent Installer non-interactively for large Windows deployments" on page 41 for more information.
• Option 2: Use the Local Agent Installer with either software distribution policies or local logon scripts to deploy the LEM Agent non-interactively. This method is an alternative to the Remote Agent Installer option for large deployments. See "Run the LEM Local Agent Installer non-interactively for large Windows deployments" on page 43 for more information.
LEM Agent pre-installation checklist: Prepare to deploy LEM Agents
Complete the following tasks before installing the LEM Agent. See "Deploying the LEM Agent" on the previous page to learn more about installing LEM Agents.
This topic includes the following sections:
• LEM Agent installer requirements
• Antivirus recommendations
• Download the LEM Agent installers
LEM Agent installer requirements
1. Review system requirements
See "LEM Agent hardware and software requirements" on page 21 for details.
2. Gather credentials
Verify that you have administrative access to the servers and workstations you plan to monitor with the Agent. Windows-based systems require Domain or Local administrative privileges; Linux or Unix systems require root-level access. The Local Administrator account is not the same as a domain account with local administrator rights. A domain account is subject to your domain group policies.
3. Review the LEM Agent installation overview
See "Deploying the LEM Agent" on the previous page for installation information, and information about unattended Agent installations.
Antivirus recommendations
1. Disable anti-malware and endpoint protection software during installation.
Turn off any anti-malware or endpoint protection applications on host systems during the installation process, because these applications can affect the process by which installation files are transferred to the hosts.
2. After installation, add an exception to your antivirus or anti-malware software for the LEM Agent folder.
Set an exception in your antivirus or anti-malware scanning software for the ContegoSPOP folder where the LEM Agents will be installed. The alerts are kept in queue files, which change constantly as they are normalized and encrypted.
Download the LEM Agent installers
You can download LEM Agent installers from the LEM console or from the SolarWinds Customer Portal.
To download a LEM Agent installer from the LEM console
1. Open the LEM console. See "Log in to the LEM web console" or "Log in to the LEM desktop console" in the LEM Guide for steps.
2. Choose from the following options:
   • Click Ops Center, go to the Getting Started widget, and click "Add Nodes to Monitor."
   • Click Manage > Nodes. Click Add Node, then click Agent Node.
3. Click an Agent to download it.
To download a LEM Agent installer from the SolarWinds Customer Portal
If you are using a trial version of LEM, download the LEM Agent installer from the LEM console, or contact SolarWinds for assistance.
1. Download the installer from the SolarWinds Customer Portal: http://www.solarwinds.com/customerportal/LicenseManagement.aspx Log in with your SWID if necessary.
2. Find LEM in the product list, and then click Choose Download.
3. Find the Agent Installer on the list.
Next steps: See the following topics to install the LEM Agents:
• "Install the LEM Agent on Linux and Unix" on the facing page
• "Install the LEM Agent on Mac OS X 10.7 and later" on page 39
• "Run the LEM Remote Agent Installer non-interactively for large Windows deployments" on page 41
• "Run the LEM Local Agent Installer non-interactively for large Windows deployments" on page 43
Install the LEM Agent on Linux and Unix
This topic describes how to install Agents locally on a variety of Linux and Unix operating systems. Once installed, the LEM Agent automatically starts and connects to the LEM Manager.
This topic includes the following sections:
• Installation notes for the Linux Agent installer
• Run the LEM Agent Installer on Linux or Unix
• To uninstall the LEM Agent on Linux or Unix
See "LEM Agent pre-installation checklist: Prepare to deploy LEM Agents" on page 35 for Agent information and a pre-install checklist.
Installation notes for the Linux Agent installer
• A reboot is not required following installation.
• LEM Agents are installed in the /usr/local/contego/ContegoSPOP folder by default.
Run the LEM Agent Installer on Linux or Unix
To run the LEM Agent installer:
1. Extract the contents of the installer ZIP, and then copy setup.bin to a local or network location.
2. cd to the folder that contains the installer.
3. Enter chmod +x setup.bin to convert the installer into an executable application.
4. Run setup.bin as root.
5. Press Enter to start the installer.
6. Press Enter to page through the End User License Agreement, and then enter y to accept the terms if you agree.
7. Enter a custom installation path, or press Enter to accept the default (recommended).
8. Enter the hostname of your LEM Manager. Use the fully qualified domain name for your LEM Manager when you deploy LEM Agents on a different domain. For example, enter LEMhostname.example.com.
9. Press Enter twice to accept the default port values, and then press Enter again to proceed.
10. Review the Pre-Installation Summary, and then press Enter to proceed.
11. Once the installer finishes, press Enter to exit the installer.
The LEM Agent begins sending alerts to your LEM Manager immediately. To configure the LEM Agent to start automatically on boot, add /etc/init.d/swlem-agent to your list of startup scripts.
Next steps:
• See "Verify the LEM Agent connection" on page 46 to test that the Agent connected to the LEM Manager.
To uninstall the LEM Agent on Linux or Unix
To uninstall the LEM Agent:
1. Log in to your Linux computer as root.
2. Stop the SolarWinds LEM Agent service.
3. Delete the /usr/local/contego/ContegoSPOP folder.
4. Remove any startup scripts, if any.
Install the LEM Agent on Mac OS X 10.7 and later
See "LEM Agent pre-installation checklist: Prepare to deploy LEM Agents" on page 35 for Agent information and a pre-install checklist.
This topic includes the following sections:
• Installation notes for the Mac OS X installer
• Run the LEM Agent Installer on Mac OS X
• To configure the LEM Agent as a Mac OS X service and set it to start automatically
• To start the LEM Agent on Mac OS X manually
Installation notes for the Mac OS X installer
• The plist file used to start the version 5.3.1 Agent contains incorrect values, and does not work as expected. This is a known issue that will be fixed in a future release.
• A reboot is not required following installation.
• LEM Agents are installed in the /Applications/TriGeoAgent/ folder by default. To run as a service and start automatically, the LEM Agent also uses the following folders:
   • /System/Library/StartupItems/
   • /Library/LaunchDaemons/
• Mac OS X 10.7 or later is required to install the Agent.
• Java Runtime Environment (JRE) 1.5 or later is required to install the Agent.
Run the LEM Agent Installer on Mac OS X
To run the LEM Agent installer on Mac OS X:
1. Extract the contents of the installer ZIP file to a local or network location.
2. Run setup.app, and then click Next to start the installation wizard.
3. Accept the End User License Agreement if you agree, and then click Next.
4. Enter the hostname of your LEM Manager in the Manager Name field and click Next. Do not change the default port values. Use the fully-qualified domain name of the LEM Manager when you deploy LEM Agents on a different domain. For example, enter: LEMhostname.example.com
5. Confirm the Manager Communication settings, and click Next.
6. Confirm the settings on the Pre-Installation Summary, and click Install.
7. After the installer finishes, click Done to exit the installer. Ignore the error message that says some errors occurred during the install.
Next steps:
• See "Verify the LEM Agent connection" on page 46 to test that the Agent connected to the LEM Manager.
To configure the LEM Agent as a Mac OS X service and set it to start automatically
1. Copy /Applications/TrigeoAgent to /System/Library/StartupItems/
2. Modify the plist file packaged with the installed Agent by performing the following:
   a. Navigate to /System/Library/StartupItems/TrigeoAgent/
   b. Open com.trigeo.trigeoagent.plist in a text editor.
   c. In the file, replace /Applications/TriGeoAgent/TriGeoAgent.app/Contents/MacOS/TriGeoAgent with: /System/Library/StartupItems/TrigeoAgent/SWLEMAgent.app/Contents/MacOS/SWLEMAgent
   d. Save the file here: /System/Library/LaunchDaemons/
3. Change the permissions on the plist file. This only needs to be completed if the plist file is moved with a non-root user.
   chown root:wheel /System/Library/LaunchDaemons/com.trigeo.trigeoagent.plist
4. Restart the computer.
5. Run ps -ef | grep -i trigeo to verify that the Agent starts automatically after the computer restarts.
To start the LEM Agent on Mac OS X manually
1. Configure the LEM Agent as a service and set it to start automatically. See the previous section.
2. Open Terminal.
3. Enter launchctl load /Library/LaunchDaemons/com.trigeo.trigeoagent.plist
The LEM Agent continues running on your computer unless you uninstall or manually stop it. It begins sending alerts to the LEM Manager immediately.
Run the LEM Remote Agent Installer non-interactively for large Windows deployments
The Remote Agent Installer allows you to install the LEM Agent on multiple Windows computers without the need to step through an installation wizard. Once installed, the LEM Agent automatically starts and connects to the LEM Manager.
This topic includes the following sections:
• Installation notes for the Remote Agent Installer
• Run the LEM Agent installer for Windows
See "LEM Agent pre-installation checklist: Prepare to deploy LEM Agents" on page 35 for Agent information and a pre-install checklist. To install the LEM Agent unattended on non-Windows systems, see "Run the LEM Local Agent Installer non-interactively for large Windows deployments" on page 43.
Installation notes for the Remote Agent Installer
• The Remote Agent Installer is Windows-only.
• You will need an account with privileges to write to Windows administrative shares such as C$:\ or D$:\
• LEM Agents are installed to the following folders:

  Bitness    Installation Folder
  32-bit     C:\Windows\system32\ContegoSPOP
  64-bit     C:\Windows\sysWOW64\contegoSPOP

• If you are installing LEM Agents on the far end of a WAN link, copy the Remote Agent Installer executable to the end of the WAN link and run it there. This will avoid using your WAN bandwidth to copy LEM Agents multiple times.
• A reboot is not required.
Run the LEM Agent installer for Windows
To run the LEM Agent installer:
1. Extract the contents of the installer ZIP file to a local or network location.
2. Run setup.exe.
3. Click Next to start the installation wizard.
4. Accept the End User License Agreement if you agree, and then click Next.
5. Enter the hostname of your LEM Manager in the Manager Name field, and then click Next. Do not change the default port values. Use the fully qualified domain name for your LEM Manager when you deploy LEM Agents on a different domain. For example, enter LEMhostname.example.com.
6. Confirm the Manager Communication settings, and then click Next.
7. Specify whether or not you want to install USB-Defender with the LEM Agent, and then click Next. The installer will include USB-Defender by default. To omit this from the installation, clear the Install USB-Defender option box. SolarWinds recommends installing USB-Defender on every system. USB-Defender will never detach a USB device unless you have explicitly enabled a rule to do so. By default, USB-Defender simply generates alerts for USB mass storage devices attached to your LEM Agents.
8. Confirm the settings on the Pre-Installation Summary, and then click Install.
9. Once the installer finishes, it will start the LEM Agent service when you click Next.
10. Inspect the Agent Log for any errors, and then click Next.
11. Click Done to exit the installer.
The LEM Agent continues running on your computer unless you uninstall or manually stop it. It begins sending alerts to your LEM Manager immediately.
Next steps:
• See "Verify the LEM Agent connection" on page 46 to test that the Agent connected to the LEM Manager.
Run the LEM Local Agent Installer non-interactively for large Windows deployments
The Local Agent Installer allows you to install the LEM Agent without the need to step through an installation wizard. This option is only available for Windows systems.
This topic includes the following sections:
• Installation notes
• Create a setup file for the Local Agent Installer
• Configure a custom installer.properties file
• Run the Local Agent Installer non-interactively
You can run the Local Agent Installer non-interactively using software distribution policies or local logon scripts. This method is an alternative to the Windows-only Remote Agent Installer in large deployment scenarios. This procedure only works with the local installer. Do not use the Remote Agent Installer for this task.
Installation notes
See "LEM Agent pre-installation checklist: Prepare to deploy LEM Agents" on page 35 for Agent information and a pre-install checklist.
There are three steps to using the Local Agent Installer to install the LEM Agent non-interactively. Each step is described in detail in the sections below.
1. Create the setup.* installer file for the operating system running on the computer hosting the LEM Agent. The installer file extension is unique for each Windows operating system.
2. Configure a custom installer.properties file that contains your environmental variables.
3. Run the Local Agent Installer non-interactively.
See "Run the LEM Remote Agent Installer non-interactively for large Windows deployments" on page 41 for more information about installing the SolarWinds LEM Agent.
Create a setup file for the Local Agent Installer
1. Download the installer from the SolarWinds Customer Portal:
   a. Log in to the Customer Portal.
   b. Navigate to the License Management page.
   c. Locate LEM in the product list, and then click Choose Download.
   d. Download the local Agent installer for Windows. Find the appropriate installer on the list. Be sure you download the Local Agent Installer. You cannot use the Remote Agent Installer for this task.
2. Extract the contents of the installer ZIP file to a local or network location.
3. Copy setup.* to a known location.
Configure a custom installer.properties file
1. Open a text editor and create a file with the following two lines, followed by a carriage return:
   MANAGER_IP=
   INSTALL_USB_DEFENDER=
   /* Remove this third line and replace it with a carriage return. The third line needs to be blank. */
   Where:
   • The MANAGER_IP value is the hostname or IP address of the LEM appliance.
   • The INSTALL_USB_DEFENDER value is 0 or 1. Specify 0 if USB defender should not be installed, or 1 if USB defender should be installed.
2. Verify that a blank line with a carriage return follows the INSTALL_USB_DEFENDER entry. A blank line with a carriage return after the INSTALL_USB_DEFENDER entry is required for the file to work correctly. The contents of the file should look similar to this:
   MANAGER_IP=swi-lem
   INSTALL_USB_DEFENDER=0

3. Save the file as installer.properties in the same folder as the setup.* file.
Run the Local Agent Installer non-interactively
1. Verify that setup.* and installer.properties are located in the same folder. UNC paths should not be used during this installation.
2. Run the command setup -i silent with the working directory set to the folder that contains the two installer files. The command immediately returns to the command prompt. Right-click the installer file and select Run as administrator.
The LEM Agent starts automatically and continues running until you uninstall or manually stop the Agent. It begins sending alerts to your LEM Manager immediately. The LEM Agent should also appear in Add/Remove Programs.
Next steps:
• See "Verify the LEM Agent connection" on the next page to test that the Agent connected to the LEM Manager.
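The installer.properties layout and the staging rules above (both files in one folder, no UNC path) can be checked before the package is distributed to many computers. The following Python script is an added example, not SolarWinds code: the function names, the CRLF line endings, and the sample folder and file names are assumptions made for illustration.

```python
"""Build and lint the installer.properties file read by `setup -i silent`."""
import ipaddress
import re
from pathlib import PureWindowsPath

# Host name syntax: dot-separated labels of letters, digits and hyphens.
_LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
_HOSTNAME = re.compile(rf"^(?=.{{1,253}}$){_LABEL}(?:\.{_LABEL})*$")


def is_manager_address(value):
    """True when value is an IP address or a syntactically valid host name."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return bool(_HOSTNAME.match(value))


def render_properties(manager, usb_defender):
    """Return the file content: two entries, then the mandatory blank line."""
    if not is_manager_address(manager):
        raise ValueError(f"not a host name or IP address: {manager!r}")
    flag = 1 if usb_defender else 0
    # Assumption: Windows CRLF line endings for every line, including the blank one.
    text = f"MANAGER_IP={manager}\r\nINSTALL_USB_DEFENDER={flag}\r\n\r\n"
    return text.encode("ascii")


def lint_properties(data):
    """Return a list of problems found in an existing installer.properties."""
    try:
        text = data.decode("ascii")
    except UnicodeDecodeError:
        return ["file is not plain ASCII text"]
    lines = text.replace("\r\n", "\n").split("\n")
    problems = []
    for index, key in enumerate(("MANAGER_IP", "INSTALL_USB_DEFENDER")):
        line = lines[index] if index < len(lines) else ""
        name, sep, value = line.partition("=")
        if name != key or not sep:
            problems.append(f"line {index + 1} must be {key}=<value>")
        elif key == "MANAGER_IP" and not is_manager_address(value):
            problems.append("MANAGER_IP is not a host name or IP address")
        elif key == "INSTALL_USB_DEFENDER" and value not in ("0", "1"):
            problems.append("INSTALL_USB_DEFENDER must be 0 or 1")
    # A correct file splits into [entry, entry, "", ""]: the blank third line
    # plus the empty string after its line break. Extra blank lines are accepted.
    tail = lines[2:]
    if len(tail) < 2 or any(tail):
        problems.append("INSTALL_USB_DEFENDER must be followed by a blank line")
    return problems


def staging_problems(folder, filenames):
    """Check the staging folder: local (non-UNC) path holding both files."""
    problems = []
    if PureWindowsPath(folder).drive.startswith("\\\\"):
        problems.append("folder is a UNC path; copy the files to a local drive")
    lowered = [name.lower() for name in filenames]
    if "installer.properties" not in lowered:
        problems.append("installer.properties is missing")
    if not any(name.startswith("setup.") for name in lowered):
        problems.append("setup.* installer is missing")
    return problems


if __name__ == "__main__":
    # Constructed sample values: swi-lem is the default LEM host name.
    content = render_properties("swi-lem", usb_defender=False)
    print(lint_properties(content))
    print(staging_problems(r"C:\deploy\lem", ["setup.exe", "installer.properties"]))
```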
Verify the LEM Agent connection
After you install the LEM Agent on your Agent nodes, verify that the Agent connected to the LEM Manager.
1. Open the LEM console. See "Log in to the LEM web console" or "Log in to the LEM desktop console" in the LEM Guide for steps.
2. Click Manage > Nodes.
3. In the Nodes grid, ensure that all connected nodes include a green status indicator.
For help troubleshooting LEM Agents, see "Troubleshoot LEM Agents and network devices" in the LEM Guide.
Next steps:
• "Configure LEM Agents after they are installed" in the LEM Guide.
• If you have similar LEM Agents installed, see "Create connector profiles to manage and monitor LEM Agents" in the LEM Guide.
Install the LEM 6.3.1 optional add-on applications
In this section:
• Install the LEM reports application
• Install the LEM desktop console
Install the LEM reports application
This topic describes how to install the optional LEM reports application on either a separate server or on a workstation. The reports application allows you to produce over 200 standard and industry-specific reports.
This topic includes the following sections:
• Pick a suitable host for the reports application
• Install the LEM reports application
• Connect the LEM reports application to your LEM database
Pick a suitable host for the reports application
You can install the LEM reports application on as many servers and workstations as you require. Install the LEM reports application on a system that runs overnight. This is important because the daily and weekly start time for these reports is 1:00 AM and 3:00 AM, respectively. It's also important that you install the reports application on a system that can access the LEM database. See "LEM reports application hardware and software requirements" on page 22 for additional requirements.
Install the LEM reports application
The LEM reports application requires the free Crystal Reports runtime application. There are two ways to install the LEM reports application:
• You can run the reports application installer included in the SolarWinds Log and Event Manager distribution package. The installer installs Crystal Reports and the LEM reports application together.
• You can download Crystal Reports and the LEM reports application individually from the SolarWinds Customer Portal. You will need to install each application one at a time. This may be necessary if your Windows security settings prevent you from running the other installer.
Install the LEM reports application provided in the LEM distribution package
This installer also installs the Crystal Reports Runtime.
1. If necessary, copy the SolarWinds Log and Event Manager installation folder to a local drive and open the folder.
2. Right-click the file "Install Next - LEM Reporting Software.exe" and choose "Open." A dialog box that says "Do you want to allow this app to make changes to your device?" opens.
3. Click Yes to continue. The Welcome screen opens.
4. Click Next, and review the Requirements for Installation.
5. Click Next, and then click "Begin Install" to start the installation process. The installer installs the required applications.
6. Click Close when the Installation Complete dialog displays.
Install the LEM reports application files downloaded from the Customer Portal
Complete these steps if you were not able to install the LEM reports application using the installer included in the SolarWinds Log and Event Manager distribution package.
Before you begin: Download the LEM reports application and the Crystal Reports Runtime installers from the SolarWinds Customer Portal (https://customerportal.solarwinds.com).
1. Run the Crystal Reports Runtime installer and complete the installation steps.
2. Run the LEM reports application installer and complete the installation steps.
3. When the installation is complete, click Close.
The LEM reports application is installed on your system.
Connect the LEM reports application to your LEM database
When you enter a LEM Manager IP address into the LEM reports application, you create a connection between the reports application and the LEM database server running on the LEM Manager VM.
Before you begin: You will need the IP address of the LEM VM and your LEM console credentials.
1. Right-click the Reports application icon on your desktop and select Run as administrator. To automatically run Reports as an administrator:
   1. Right-click the Reports shortcut and select Properties.
   2. Click Advanced and select the Run as administrator option.
   3. Click OK.
   4. Click OK in the Reports Properties window.
2. Click Yes in the antivirus dialog box to continue.
3. Click OK in the information box to create a list containing at least one Manager.
4. Enter the hostname or IP address of your LEM appliance in the Manager Name field. Whenever you see Manager in reference to LEM, it usually refers to the IP address or hostname of your virtual appliance.
5. Enter the user name and password used to log in to the LEM console. You can audit users accessing the reporting server running on the LEM VM. Only users with administrator, auditor, or reports roles can run reports on the LEM database.
6. (Optional) Select the Use TLS connection check box to use the transport layer security protocol for a secure connection.
7. Click Test Connection to verify the connection between the LEM database server and the LEM reports application. The reports application pings the LEM database and verifies the connection. If the ping is successful, Ping Successful displays in the dialog box.
8. Click
to add the IP address to your LEM Manager list, and then click Yes to confirm.
9. Click Close. The reports application is connected to your LEM database and displays on your screen.
Install the LEM desktop console
The optional LEM desktop console lets you manage and monitor LEM without a web browser. The desktop console provides the same functionality as the LEM web console, but as a Windows-only native app.
This topic includes the following sections:
• Install Adobe Air Runtime for Windows
• Install the LEM desktop console
• Configure the LEM desktop console after you install it
• Resolve the Hostname
Install Adobe Air Runtime for Windows
Install the Adobe Air Runtime before you install the LEM desktop console. The desktop console requires that you install the free Adobe AIR Runtime for Windows on your computer.
1. Download Adobe Air Runtime for Windows from the SolarWinds Customer Portal (https://customerportal.solarwinds.com), or from the Adobe AIR website: https://get.adobe.com/air/
2. Extract the contents of the ZIP file and double-click the installer.
3. Follow the instructions to complete the installation.
Install the LEM desktop console
1. Download the standalone console installer from the SolarWinds Customer Portal (https://customerportal.solarwinds.com).
2. Extract the contents of the ZIP file and double-click the LEM console installer.
3. Click Install.
4. Select your installation preferences.
5. Click Continue to begin the installation process.
The LEM desktop console is now installed on your system.
Configure the LEM desktop console after you install it
1. If you did not instruct the console to open after the installation, open the desktop console.
2. Accept the End User License Agreement if you agree, and click OK.
3. Enter the IP address or hostname of the LEM VM, and then click Connect. The computer running the LEM console must be able to resolve the hostname of the LEM VM using either DNS, or a manual entry in the Windows hosts file. See "Resolve the Hostname" below for more information.
4. Create a new password. The first time the LEM console connects to the LEM VM, it prompts you to change your password. The password must be between 6 and 40 characters, and contain at least one capital letter and one number.
5. If you agree, enter your email address to participate in the SolarWinds Improvement Program. Otherwise, clear the check box.
6. Click Save.
The LEM desktop console is now configured on your system.
See also:
• "Troubleshoot the LEM desktop console" in the LEM Guide
Resolve the Hostname
The system hosting the LEM desktop software must resolve the hostname of the LEM VM using DNS or a manual entry in the hosts file. Otherwise, you cannot connect or you may have an unreliable connection.
Configure forward and reverse DNS entries (a HOST and PTR record) for the LEM VM on your DNS server. When you create the DNS entries, use the default hostname or the hostname you specified when you installed the VM.
If you cannot configure DNS directly on your DNS server, configure a hosts file on the computer by editing the Windows\system32\drivers\etc\hosts file in a text editor and adding a line with the LEM virtual machine IP address and host name, separated by a space or tab character.
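To confirm the hosts file entry or the DNS records described above, the following Python script (an added example, not part of the SolarWinds documentation) parses hosts file text for the LEM host name and, separately, performs a live forward and reverse lookup. The function names and the 192.0.2.x sample addresses are constructed for illustration; swi-lem is the default host name given earlier in this guide.

```python
"""Check how a workstation resolves the LEM VM host name."""
import ipaddress
import socket

# Constructed sample hosts file content (documentation-range addresses).
SAMPLE_HOSTS = (
    "# Constructed sample for illustration\n"
    "192.0.2.10\tswi-lem swi-lem.example.com\n"
    "192.0.2.99 otherhost   # unrelated entry\n"
)


def hosts_entries(text, hostname):
    """Return the IP addresses that hosts file text maps to hostname."""
    wanted = hostname.lower()
    found = []
    for raw in text.splitlines():
        # Drop comments, then split on any run of spaces or tabs.
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            address = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # not an address line
        if wanted in (name.lower() for name in fields[1:]):
            found.append(str(address))
    return found


def hosts_status(text, hostname, expected_ip):
    """Classify the hosts file state as 'ok', 'missing' or 'conflict'."""
    expected = str(ipaddress.ip_address(expected_ip))
    found = set(hosts_entries(text, hostname))
    if not found:
        return "missing"
    return "ok" if found == {expected} else "conflict"


def dns_round_trip(hostname):
    """Live check: forward-resolve hostname, then reverse-resolve each address.

    Returns {address: reverse_name or None}. A None value means the PTR
    record is absent. Raises OSError when the forward lookup itself fails.
    """
    _, _, addresses = socket.gethostbyname_ex(hostname)
    results = {}
    for address in addresses:
        try:
            results[address] = socket.gethostbyaddr(address)[0]
        except OSError:
            results[address] = None
    return results


if __name__ == "__main__":
    print(hosts_status(SAMPLE_HOSTS, "swi-lem", "192.0.2.10"))
```

On a Windows workstation, pass the text of Windows\system32\drivers\etc\hosts to hosts_status, and call dns_round_trip with the LEM VM host name to check the HOST and PTR records.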