Get the latest news about SolarWinds Security Event Manager (SEM)
Hi Forum, I'm new to SolarWinds SEM, particularly the Linux Connector and logs selected. I'm not sure if anyone can assist me in translating the event titles that are displayed on the Event Details tab. The output is slightly different from Windows, and I cannot find the destination machine and source machine on failed…
I have certain logs that I would like to keep on a node that I don't want to keep in SEM. For example, I would like SEM to monitor the System log in Windows Server. I would like SEM to ignore anything marked "Information" and log everything else. Is there a way to do this? Everything I have found indicates I should instead…
Hi, In order to remove the license on SolarWinds, I need to execute the command on the server before they are going to terminate. Is there any way to remove the node from the Linux agent by using an API call?
We have an OU in Windows Active Directory specifically for disabled user objects, with sub-OUs for different departments. For example, the base OU is OU=Disabled Users,DC=domain,DC=com, with child OUs of OU=Department,OU=Disabled Users,DC=domain,DC=com. Is there a way to alert on a user object in the base or child OUs when…
Wanting to know if this would be possible to grab it from our websites log file using a filter (going by user agents possibly), or if there is a way to create a custom filter using my own parse scrip
Hello, everyone! I need to configure a scheduled search in SEM regarding FTP server logins (any activities) on a weekly basis. I was trying different combinations based on CerberusFTP historical events, but the alerts don’t seem to pick it up. Please advise. Thank you.
Our current network has some 200 - 300 devices on it, about 80 of them are Windows machines & as such are configured that way in the nodes page, but there are also a handful of non-agent devices; PoE switches, firewalls, printers, scanners -- all spread out over 4 different physical locations. All the Windows machines have…
I have a fairly large network, and I am being told that SEM cannot handle all the data and such. Is there a limit to the amount of information that SEM can withstand? I want to ensure that I am getting all the audit events I require, but it sounds like I am not. Thanks! -Mark
I am trying to set up a filter to differentiate between User Logons coming from an actual user and those coming from a machine or an application. For example, I don't want to see logon events coming from a SolarWinds Orion polling engine, but I do want to see logins from any actual physical user. It looks like the…
Hello all. New to the forums here. I have been trying to research through the forums, and through YouTube on any possible way to archive the event data that SEM receives. Audit events are to be kept for 5 years, and SEM does not do that. So how exactly do you get your weekly audits saved off and archived? This is to…