Get the latest news about SolarWinds Security Event Manager (SEM)
I need to enable FIPS on our SEM Instance; I did some basic checks and assume it's not installed: dpkg -l | grep fips, cat /proc/sys/crypto/fips_enabled (This is how you can check on RHEL). I did some searches for info about Debian and FIPS and that proved sparse and I either missed or found nothing in THWACK. If FIPS can…
Hi, I am just starting on my journey of implementing SEM and having some difficulties with setting up rules and alerting. I have configured our firewall to send logs to it and one of the events is: * Event Type: NetworkAttack * EventInfo: IPS Prevention Alert: WEB-ATTACKS Malformed HTTP Host Header 2 * DetectionIP: XXXX *…
High-level guide addressing some of NIST's requirements and how LEM (and other SW products) can assist.
Hi. The base install of SEM is in place (maybe 2-3 machines deployed). We hired a contractor (40 hours) to complete the deployment for our small network (200 Windows PCs, 20 Servers - no routers/switches/firewalls). We have a Vuln Scanner and Symantec AV. Focusing on NIST 800-53 standard monitoring requirements. Any critical…
Hi, I have downloaded the trial of SolarWinds SEM and have it up and running but am struggling with the SQL auditing. I have configured the SQL auditing OK and it is passing data to the SEM (it is using the MS SQL connector). However, the server is in SEM and I can see the auditing events sometimes but what I want to do is…
Following are the steps I used to connect our Cisco FirePower Management Center 6.4.0.9 on VMware to our SolarWinds LEM/SEM 2020.2.1. I'm sharing since others have posted helpful info for me to use. Paying it forward. 1. Choose FMC > Policies > Access Control > Access Control Policy > ACLPolicy-Internet (our Policy name) >…
New to SEM and trying to figure out what I am missing adding a new node. Using version 6.4. I ran the local agent installer on a Windows 2012r2 server, it completed, and the node is showing as connected in the console. But the only connector that seems to be running is "Windows Active Response". All of the other Windows…
I am currently running Security Event Manager, version 2020.2. I need to store five to seven years of raw logs (not normalized). I found in the SEM 2020.2 Administrators Guide that "A separate nDepth appliance provides additional capacity to store and retrieve raw log messages. If long-term storage of original log messages…
Hi all, I found some servers with Last event > 7 days. It looks like the LEM agent is suddenly not collecting event logs from the Windows server. Which log file should I check? How do I perform troubleshooting? Thanks.
Hello, how can I read all commands sent by a syslog ASA? I can only watch: writing configuration. Can you help me? Thanks