Community
- Command Central
- MVP Program
- Monthly Mission
- Blogs
- Groups
- Events
- Media Vault
Products
- Observability
- Network Management
- Application Management
- IT Security
- IT Service Management
- System Management
- Database Management
Content Exchange
- SolarWinds Platform
- Server & Application Monitor
- Database Performance Analyzer
- Server Configuration Monitor
- Network Performance Monitor
- Network Configuration Manager
- SQL Sentry
- Web Help Desk
Free Tools & Trials
Store

Security Event Manager (SEM)

Security Event Manager (SEM) Feature Requests
Newsroom
Get the latest news about SolarWinds Security Event Manager (SEM)

Recent Discussions

How to delete the node by using API call?
Hi, In order to remove the license on SolarWinds, i need to execute the command on the server before they are going to terminate. Is there any way to remove the node from the Linux agent by using API call?
Alert on enabled user in a specific OU
We have an OU in Windows Active Directory specifically for disabled user objects, with sub-OUs for different departments. For example, the base OU is OU=Disabled Users,DC=domain,DC=com, with child OUs of OU=Department,OU=Disabled Users,DC=domain,DC=com. Is there a way to alert on a user object in the base or child OUs when…
Is it possible to create filter in SEM to track browser used to access site, from the IIS log file ?
Wanting to know if this would be possible to grab it from our websites log file using a filter (going by user agents possibly), or if there is a way to create a custom filter using my own parse scrip
FTP server activity monitoring scheduled search/alerts setup in SEM
Hello, everyone ! I need to configure a scheduled search in SEM regarding FTP server logins ( any activities) on a weekly basic . I was trying different combinations based on CerberusFTP historical events, but the alerts don’t seem to pick it up . Please, advise . Thank you .
Is there any way in SEM to keep tabs on non-Agent devices w/ rules, filters, alerts -etc, in ANY capacity? (things like printers, switches, etc)
Our current network has some 200 - 300 devices on it, about 80 of them are Windows machines & as such are configured that way in the nodes page, but there are also a handful of non-agent devices; PoE switches, firewalls, printers, scanners -- all spread out over 4 different physical locations. All the windows machines have…
Does SEM cap out
I have a fairly large network, and I am being told that SEM cannot handle all the data and such. Is there a limit to the amount of information that SEM can withstand? I want to ensure that I am getting all the audit events I require, but it sounds like I am not. Thanks! -Mark
Need to filter on an empty field
I am trying to set up a filter to differentiate between User Logons coming from an actual user and those coming from a machine or an application. For example, I don't want to see logon events coming from a SolarWinds Orion polling engine, but I do want to see logins from any actual physical user. It looks like the…
AUDIT EVENT ARCHIVING
Hello all. New to the forums here. I have been trying to research through the forums, and through Youtube on anyway possible way to archive the event data that SEM receives. Audit events are to be kept for 5 years, and SEM does not do that. So how exactly do you get your weekly audits saved off and archived? This is to…
Kernal module loads, unloads, and restarts.
I am looking to see if there are any event ids for Kernal module loads, unloads, and restarts in Solarwinds Security Event Manager? I am not sure if I am overlooking it, or if they are under another type of event id?
Solar winds SEM Agent
Hi I would like to understand on the SEM server agent polling and mechanism used by solar winds agent. Does it send data to SEM server periodically with a polling mechanism or whether the server pulls the data from the agent at certain intervals