Get the latest news about SolarWinds Security Event Manager (SEM)
I have a rule created to send out an email when an port scan is detected. The rule itself works but I'm having an issue when I'm testing it where it fires off tons of the same alerts. I have the "Set time when a rule won't trigger" enabled (see attached) but I must not be understanding how it works.
I am trying to add a Aruba 7010 version 8.3.0.6-FIPS I used the following Aruba website to get the logging server set up : https://www.arubanetworks.com/techdocs/Instant_83_WebHelp/Content/Instant_UG/Log_servers_monitoring/Syslog_Server.htm Then I went into SEM and added the Nodes=>Manager Connectors and added Aruba, Aruba…
Hi Everyone, We are trying to connect Kaspersky Security Center 12 to the SEM. Even the support team is still tring to get this connector working. Anybody had sucess with Kaspersky Security Center 12 Integration with SEM?
Looking to pull logs from a windows NPS server. I sort of have it working as its pulling some NPS logs but they don't have the needed data. I'm looking to pull the Mac address of devices that are attempting to Authenticate with old credentials. The only Log im getting right now gives the IP of the Wireless controller which…
Our Primary Domain Controller (PDC) shows many, many UserLogonFailure Events (4776) with the text: "user name is correct but the password is wrong" and also "Error Code: 0xc000006a Error: user name is correct but the password is wrong". The AuthPackage is: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 I suspect somehow this is our…
I'm in charge of our SEM at work and was told that I need a certification for it. I checked the SCP program and it shows that there's an exam for it but in the PSI site there's none. Am I missing something here?
Hi, I am new here to the THWACK community. I am looking for a document to guide me how to "best' configure the my SEM. Any information will be highly appreciated.
Is it possible to have multiple firewalls across separate isolated networks all send log data to an Agent installed on a Virtual Windows Server which has been configured to connect to each of the separated networks via multiple nics? I.e. the following: I would like to be able to have Cisco Firewall 1 on Network 1 send its…
Hi! There was a article talking about: https://support.solarwinds.com/SuccessCenter/s/article/LEM-Top-PCI-Events-filter-conditions?language=en_US&r=38&ui-knowledge-components-aura-actions.KnowledgeArticleVersionCreateDraftFromOnlineAction.createDraftFromOnlineArticle=1 But this article do not work with 2020.4 SEM. Any one…
I am working on an alert to send to our help desk when users have a specific application crash on a Windows workstation. I have created the event monitor to alert on the crash and that is working as expected. The part I am having trouble with is returning the current active user. I have asset inventory enabled on these…
It looks like you're new here. Sign in or register to get started.