nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

Community
- Command Central
- MVP Program
- Monthly Mission
- Blogs
- Groups
- Events
- Media Vault
Products
- Observability
- Network Management
- Application Management
- IT Security
- IT Service Management
- System Management
- Database Management
Content Exchange
- SolarWinds Platform
- Server & Application Monitor
- Database Performance Analyzer
- Server Configuration Monitor
- Network Performance Monitor
- Network Configuration Manager
- SQL Sentry
- Web Help Desk
Free Tools & Trials
Store

Security Event Manager (SEM)

Security Event Manager (SEM) Feature Requests
Newsroom
Get the latest news about SolarWinds Security Event Manager (SEM)

Recent Discussions

Agents on nodes arent connected
Hello, I'm having issues where my SEM agents on my nodes aren't connecting to the manager. Any troubleshooting tips? I see the service is stopped but when i run it it automatically stops again when I refresh the services.
SEM cannot see nodes after UMID changed
I reverted to an old checkpoint of a VM in Hyper V ad the UMID changed for my SEM manager. Now the nodes aren't connected. I still get logs from the devices just as InternalUnknownAgents. I also noticed that the Agents aren't running automatically in my endpoints services.. I start the service then when I refresh its off.…
SEM Dashboard-Segregate servers of one type (OS)
We have SEM setup for lot of servers, say about 300 servers/hosts. I want to create a new dashboard in which I want to have only few selected servers/hosts, say ten (10) servers/hosts of only one application. I want to have a separate dashboard for Linux servers. Is it possible? Any documentation?
SEM fine tuning of event for Oracle Database auditing
Need quick help to capture auditable database actions of delete and update from Oracle Database into SEM events. We are able to capture create, alter, drop. Have configured "Oracle Auditor - Syslog" SEM connector and OS level auditing in Oracle Database.
Request: Exported JSON bundle for default Windows/AD rules?
Hi guys, I'm setting up SEM from scratch and importing default rule templates one by one is driving me crazy. Does anyone have an exported .json file of the basic Windows / AD monitoring rules they can share?
Extended Logons?
Has anyone figured out a way to filter for extended logons?
One "node" uses 2 universal licenses.
I have 2 Windows Server VMs that are part of our VoIP system. For some reason, they both end up being listed twice as a node and using 2 universal licenses. For example: vm9 phoneserver1.mylocaldomain.local Those are one and the same server. Yes, there are 2 separate DNS entries.
RULES AND AUTOMATION RESPONSE
Hello who has managed to come up with rules to detect GPO changes rules to detect priviledge escallation att rules to detect and alert when lateral movement is initiated rules for detecting suspicious network suspicious network traffic during non office hours kindly share.
Save SEM configs
How exactly can I save my SEM config files so I can import those configs on another SEM VM?
Tracking Windows Advanced Auditing in SEM
Can someone run me through the basics on how to create a dashboard and widgets for specific event ID's that are tied to Windows Advanced Auditing categories and subcategories. I want to create a widget for identifying Credential Validation failures, event IDs 4776 and 4777. Thank you!