Get the latest news about SolarWinds Security Event Manager (SEM)
Hello community, I am starting to learn SEM's basics and am finding my way through. However for my organization I need to implement a rule (or response action) to remove an user from an user-defined group, 3 months after that user was created (and has been active) I can't seem to make this work, does anyone know a way…
I've got a run to send an email for EventType = UserEnable. We get around 120 of these a day, so it acts as a decent flag as to whether email alerts are working. What's happening is around once a week SEM stops sending emails at all until I restart the manager via a PuTTY session. Once I do this all is well again. We're on…
Hi, I wonder if there is an easy way to create filters and share them with every user in the SEM web interface. Or is export/import the only way?
We're using SolarWinds SEM product ver. 2022.2.2 - How do I increase the session timeout for the web interface? I'm getting kicked out quite frequently.
I am confused by the Solaris SEM agent install documentation; SEM Agent v2022.2 is supported on Solaris 10 onwards according to the requirements/release notes. The Java dependency is either Java 11 or Java 16. The last Official Java available for Solaris 10 is Java 8. So Solar winds agent 2022.2 can only be supported on…
SEM agent has been installed on a non-global zone (Java dependencies are satisfied). BSM cannot be activated on a Solaris non-global zone. Auditing/syslog is all configured and working fine. Machines are listed and the Connector has been configured in the Solar winds console but no events appear. Is this because Solar…
SolarWinds Security Filters Good Evening and Happy Sunday. I'm working with SEM and have basic setup from what I can tell. I have the following connectors deployed: Windows System, Windows Security, Windows Application, and Windows Active Response. Its prob also important to note that i don't have any rules setup yet but I…
Hello, I am looking at creating this filter for domain admin login/authentication failures. the filter uses the failedauthentication.destinationaccount which points to my directory service group for builtin domain admins. it also uses the userlogonfailure.destinationaccount which also points to the same builtin domain…
Hi there community, I got a strange problem that we cant solve: We got a user defined group Called "Legal Addresses" with a bunch of IP addresses. We have two rules, one for successfull logins to a switch made from an adress not in the "Legal addresses" list. If a successfull connection is made from an illegal address(not…
Dear All , I am new to solarwinds-sem, I had configured the Microsoft365 connector and I am getting many logon failure events with the reason:deviceauthenticationfailed , note that my organization has a hybrid environment. Has anyone else faced this ? Any ideas?
It looks like you're new here. Sign in or register to get started.