Get the latest news about SolarWinds Security Event Manager (SEM)
I'm trying to set up the Samba connector, but the default log file it wants to use is /var/log/messages. We have Samba audit logging turned on, which writes a more detailed log to /var/log/samba/log.audit. Can SEM ingest this log yet? What connector should I use?
It is my pleasure to announce that Security Event Manager (SEM) 2020.2 is now available in your customer portal and you can download and upgrade your production servers, while retaining your complete configuration and history. What's New This release continued the focus on moving functionality from the old GUI to HTML5.…
I sure did! I'm on 2020.2.1 right now. It's running now ok. I had an error towards end of the install that said this during the install: Upgrading Flow Database POSTGRES UPGRADE FAILED. NETFLOW WILL NOT WORK. PLEASE CONTACT SUPPORT. This was in all RED CAPS. I do have a case open. I'm not using any netflow from SEM...…
Good morning all, Currently I am able to export logs from SEPM 14 to SEM 2019 but the Client Security Logs are nowhere to be found. These are the IPS events. Confirmed they dump to file correctly from the same logging area inside SEPM. I am using the SEP11 connector with log normalization enabled.. which cuts out the…
How can I create a rule that triggers on "Access Denied" or "Permission Denied" attempts on unauthorized access attempts on files in Red Hat Linux? We are using a Red Hat Identity Manager environment. Also, how would I set up an event filter to see those attempts?
I am having an issue where I am getting a prompt from the SEM web GUI to provide my credentials. I provide credentials (we use both tokens and passwords). It does not fail unless I close the prompt. LDAP works fine. I have a CA that I signed the SSL certificate with. The SEM name is sem.domain (This is an offline domain). The…
I am attempting to configure AD integration for LEM (6.3.1) and for the life of me, I cannot get it to function correctly. I contacted tech support and they sent me this article. When I get to the section on adding an LDAP connector, I receive the error below. My first thought was permissions/password issues, but the new…
Hello All, Could you please suggest the best tool/module in SolarWinds by which I can track whether devices are compromised in my infra? I am not sure if SolarWinds SEM can fulfill the requirement of monitoring and checking compliance of both network/security & hosting devices. Any help appreciated. Thanks, Alankar
I have tried searching the existing questions and discussions and have not really found a complete answer. I have found in LEM the existing item under groups called "XSS and SQL Injection Vectors". (For some reason it is listed under User Defined Group. I have created a rule template called "Template: SQL Injection…
Does anyone know how to configure MS Forefront to log to the SEM?