Get the latest news about SolarWinds Security Event Manager (SEM)
Trying to figure out how to ignore/filter/drop all events from a specific IP address. We have daily penetration testing that throws a lot of events that I don't care to see. Any ideas?
Do you use SEM (Security Event Manager)? Looking for a quick way to earn some THWACK points? You've come to the right place! Let us know what improvements you'd like to see in SEM's future releases with this <5 minute survey: https://survey.alchemer.com/s3/6512357/SEM-Features-Survey *500 THWACK points will be awarded…
Hi there, I read the following page and thought about creating a rule that would auto populate and auto remove elements in my User-defined Group called "Windows Nodes" https://documentation.solarwinds.com/en/success_center/sem/content/admin_guide/9-sem_response_actions/sem-autopopulate-user-defined-groups.htm I am very…
Hey, good afternoon. I am researching a SIEM solution. I want to know if I can collect logs using an API call at SolarWinds SIEM? My SaaS application is not one of the supported applications.
Can anyone help me with rules for the below events on SEM: Simultaneous Logins; Malware Detection on systems – with the view to take action at a later point in time (remove system from the network); New Application Installation on systems; Traffic by Destination Port; SEM Log storage; Server Status; Torrent Traffic.
Is there any way to copy filters between users? I did a search and found an old post from 9 years ago, but that didn't seem to work anymore. Thanks!
Dear Team, what is SmartStart and how do they work with a customer on their SEM implementation?
I have agents on 4 domain controllers. Sometimes the rule fires once and only 1 email is sent but sometimes it fires twice so we receive 2 emails. In the User Account Lockout rule I have the "Set time when a rule won't trigger actions after rule was true" checked and set for 30 seconds. When the rule fires twice they are…
New to working with FIM. Trying to set up an inclusion to watch for ALL files. In the With mask field, I have tried * and *.* and neither gets any results.
By the defense/detection in "layers" approach, over the years I have used LEM/SEM + FIM to attempt ransomware activity detection. My previous rules detected file creations with file extensions of known ransomware. It was very tedious to create the rules for each extension, and to maintain the group that held them with each…