Get the latest news about SolarWinds Security Event Manager (SEM)
All, I thought I bring this up to the community. We just installed license version of LEM after having trialed it for about a week. The first thing that jumped out at us is the product appears to have a major problem with IE, and intermittent problem with Chrome, and it seems to work correctly with Firefox. Further to that…
In SEM you can configure and LDAP/LDAPS connection but is there a way to configure an SSL connection to an AD server without having to setup or add an LDAP server? Just looking for a way to connect SEM to AD without sending login information, etc in plain text.
We are trying to get our AppLocker logs into LEM. I found this article that states we need to Modify the AppLocker log file paths on the host machines. This of course would be quite fun for a large network. Does anyone have a script or easier method to do this? Collect AppLocker events in LEM - SolarWinds Worldwide, LLC.…
Can the VMware hardware version be upgraded on the virtual appliance? If so, to what version? We are currently running SEM 2019.4 but looking to upgrade to 2020.2.1 soon. Current appliance is on version 8. I see in the 2020.2 release notes fixed issues section, VMware hardware version 11 is mentioned.
With reduced staff, I have not had the time for training on Solarwinds SEM. Last night, our external IPS detected an outbound request that it flagged a malware and blocked it. We would like to figure out where it came from internally. our firewall (cisco ASA) logs to to the SEM. How do i find this in the SEM console?
We have a Nessus scanner that runs credentialed scans every week on all workstations. When these scans run a handful of Windows servers reboot unexpectedly. We believe we have tracked the issue to the SEM File Integrity Monitor connector running. We opened a case with MSFT and they pointed to a driver, Swfsfltrv2.sys which…
Hi All, We have 4 oracle DB PRD servers and 1 UAT. We followed the below steps (the linux part) to config the audit logs. https://support.solarwinds.com/SuccessCenter/s/article/Integrate-the-Oracle-Database-with-SolarWinds-LEM?language=en_US All 5 servers have the same settings. We have touch the local6.log in /var/log in…
For some reason I get an awful lot of ChangeDomainMember events stating: Computer account "DOMAIN\PCNAME$" changed "-". The insertion IP is from one or the other of our DCs. Any ideas what causes this? Is it something I can just eliminate out in the filter?
I'm trying to set up the Samba connector, but the default log file it wants to use is /var/log/messages. We have Samba audit logging turned on, which writes a more detailed log to /var/log/samba/log.audit. Can SEM ingest this log yet? What connector should I use?
It is my pleasure to announce that Security Event Manager (SEM) 2020.2 is now available in your customer portal and you can download and upgrade your production servers, while retaining your complete configuration and history. What's New This release continued the focus on moving functionality from to old GUI to HTML5.…
It looks like you're new here. Sign in or register to get started.