At the moment, the Event Details panel on the Live Events page is quite basic: it’s fixed to the right side, cannot be resized, and offers no fullscreen option. For larger or more complex events this makes it difficult to review all the information, especially when JSON payloads are involved. The current layout (bold label…
My feature request is for LEM to start accepting Secure TLS Syslog traffic, which operates on port TCP 6514. LEM not being able to accept this traffic specifically prevents us from receiving audit logs from Cisco Firepower Management Console nodes. Thanks, LMK
Hi SolarWinds SEM Product Team, I’d like to request support for the Sigma rule format in Security Event Manager (SEM). This could begin with a conversion script to translate Sigma YAML into SEM’s JSON format and ideally evolve into native Sigma rule import support through the SEM UI or API. Why this matters: Sigma has…
Hello, we found that, after enabling the Microsoft 365 Connector in SEM, we obtained a lot of new nodes for the different logs of M365, and some of those are not useful to monitor for us and just consume a node license. We think that the connector should be modified to permit the collection of just some of the logs that…
It's been a couple of years since there was any mention of a shared dashboard inside of SEM. Simply put, we want to be able to share the dashboard that pops up when you first log in to the web interface between multiple users. We have decided as a team that a certain layout will help us the most, and we do not want to have…
Currently, Juniper Mist Access Point (AP) will be sending all logs/statistics to Juniper Mist Marvis (AP Cloud Controller), however the logs and statistics can only be kept for 7 days. Juniper Mist Cloud Controller does not have the option to send syslog to external SIEM or SEM. Having an API call to get AP logs and…
The standard widgets supplied with the SEM dashboard are not fit for purpose. Many are limited to 10,000 events and give no indication of what timescale they cover. We are seeing over 1,200 EPS. So these widgets might max out in less than 10 seconds! The figures shown in the widgets are meaningless without some additional…
Currently, widgets cannot be customized to display custom time frames. If it is possible to display custom time frames, it is much clearer how many new events have occurred and what action needs to be taken.
Here is a link to the documentation that explains where the logs are kept and how to read them. https://enterprise.arcgis.com/en/server/latest/administer/windows/work-with-server-logs.htm
Cisco Duo is a common MFA application. SEM can ingest several other vendors' logs, but apparently not Duo (Verified with support on 5/17/24). I would like to see a connector developed for these logs. Duo has the format documented at Understanding Duo Authentication Proxy SIEM Logging.