Get the latest news about SolarWinds Security Event Manager (SEM)
The LEM does not appear to recognize special characters within an event data field; an underscore for example. I am using nDepth to search the Windows UserLogon.DestinationAccount field for account names which (in my AD environment) can contain an underscore "_" character. It appears the LEM does not recognize an…
I do not see a connector for OWL Cyber Defense Data Diode. What is the process to get this added to have a connector in the future?
Hello All, I'm running 2021.2.1 and trying to configure directory service groups. I'm following the 2021.2.1 admin guide and on page 210 the guide has steps to accomplish this as shown in Figure 1. My issue is that I don't have the "Configure" menu option available on my UI, see Figure 2. What gives? I should add that I'm…
Here is how the subject event looks in SolarWinds Event Manager: Event Type: UserLogonFailure <our-domain-name>" DetectionIP: <Our-Exchange-hostname>.<our-domain-name> ToolAlias: Windows Security ProviderSID: Microsoft-Windows-Security-Auditing 4625 LogonProcess: NtLmSsp InsertionTime: 2021-06-21 07:44:25 Manager: sem…
We are setting up the Solaris 10 Basic Security Module (BSM) to log via syslog according to the following procedure: support.solarwinds.com/.../LEM-integration-with-Solaris-10-using-BSM however the file /var/adm/auditlog remains blank after executing all the steps of the procedure. Does anyone know of any process or…
Hello! The SEM product team is working on a new set of design mockups: Searching through raw event logs. We have some designs sketched out, and are looking for a couple people to take a look and give feedback - starting this week until June 18th. If you're interested, send me an email/PM and we can figure out a good time…
We have some logs coming in from Panorama and I want to create Incidents/Rules off of the ones that were generated by specific firewall rules. For example: We have an IP blocklist and if any machine attempts to hit those addresses the Block Malicious IP - OUT firewall rule drops the traffic. These logs are being fed into…
I am going to create accounts and the accounts should have privilege to add their nodes, but if there will be multiple accounts with the right to add their nodes, they should not see the information of other accounts.
I am using LEM in a process control environment. Firewall deny means something is wrong, so I have a simple set of alerts from each firewall to send an email on deny. We had a problem with an application that was creating 6-10 deny / second, I end up with 17000 emails. Is there an easy way to add a delay, so I would get…
I've been trying to figure out an issue with the IIS Logging agent. I want to have my logs in local time, so I select IIS Format mode instead of W3C in IIS Logging config. SolarWinds doesn't have an agent for that, they only have an agent for W3C, so I select the Advanced Logging agent which will let you select the log…