Get the latest news about SolarWinds Security Event Manager (SEM)
I am using LEM in a process control environment. Firewall deny means something is wrong, so i have a simply set of alerts from each firewall to send an email on deny. We had a probelm with an application that was creating 6-10 deny / second, I end up with 17000 emails. Is there an easy way to add a delay, so i would get…
I've been trying to figure out an issue with the IIS Logging agent. I want to have my logs in local time, so I select IIS Format mode instead of W3C in IIS Logging config. Solarwinds doesn't have a agent for that, they allow have an agent for W3C, so I select the Advanced Logging agent which will let you select the log…
I have a rule created to send out an email when an port scan is detected. The rule itself works but I'm having an issue when I'm testing it where it fires off tons of the same alerts. I have the "Set time when a rule won't trigger" enabled (see attached) but I must not be understanding how it works.
I am trying to add a Aruba 7010 version 8.3.0.6-FIPS I used the following Aruba website to get the logging server set up : https://www.arubanetworks.com/techdocs/Instant_83_WebHelp/Content/Instant_UG/Log_servers_monitoring/Syslog_Server.htm Then I went into SEM and added the Nodes=>Manager Connectors and added Aruba, Aruba…
Hi Everyone, We are trying to connect Kaspersky Security Center 12 to the SEM. Even the support team is still tring to get this connector working. Anybody had sucess with Kaspersky Security Center 12 Integration with SEM?
Looking to pull logs from a windows NPS server. I sort of have it working as its pulling some NPS logs but they don't have the needed data. I'm looking to pull the Mac address of devices that are attempting to Authenticate with old credentials. The only Log im getting right now gives the IP of the Wireless controller which…
Our Primary Domain Controller (PDC) shows many, many UserLogonFailure Events (4776) with the text: "user name is correct but the password is wrong" and also "Error Code: 0xc000006a Error: user name is correct but the password is wrong". The AuthPackage is: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 I suspect somehow this is our…
I'm in charge of our SEM at work and was told that I need a certification for it. I checked the SCP program and it shows that there's an exam for it but in the PSI site there's none. Am I missing something here?
Hi, I am new here to the THWACK community. I am looking for a document to guide me how to "best' configure the my SEM. Any information will be highly appreciated.
Is it possible to have multiple firewalls across separate isolated networks all send log data to an Agent installed on a Virtual Windows Server which has been configured to connect to each of the separated networks via multiple nics? I.e. the following: I would like to be able to have Cisco Firewall 1 on Network 1 send its…
It looks like you're new here. Sign in or register to get started.