Get the latest news about SolarWinds Security Event Manager (SEM)
Currently supported Anti-Virus connectors are: AMaViS AVG 7.5 Network AVG DataCenter 7.5 AVG DataCenter 8.0 Bromium vSentry ClamAV Command Antivirus for Windows Command for Exchange Server CrowdStrike Falcon Cylance Next Generation Anti-Virus eEye Blink Professional Endpoint Protection ESET NOD32 Syslog ESET Remote…
Hi, I am looking for some advice regarding the malware detecting capabilities of SEM. I am trying to test out how well it can detect some different malicious programs that may makes their way onto end devices such as Trojans, RATs or Worms. I have an environment set up locally with multiple Windows 10 end devices and a…
Do you have millions of SecurityCenter Errors in your SEM for many hosts? ProviderSID SecurityCenter 17? SourceAccount Unable to resolve username. If you do I found out what's causing them... it's 3rd party security products like SEP. I use SEP and have these many many events in SEM... too many. Event ID 17 is Security…
We recently upgraded our SEM appliance from LEM 6.6.0 to SEM 6.7.0. After the upgrade, the appliance went through all of the client nodes (we only use this on windows servers) and upgraded their agents to 6.7.0 as well. After this, we noticed that some of our servers were running with very high memory & the process was…
Is anybody else is having issues with responding by killing a process? I was able to successfully send popup messages on the process starting but I try to kill the process as the response and it does nothing regardless of it being in a rule or manually from the Monitor page.
Hi Guys I was wondering if the was anyway to customize the title of the popup message that users get from LEM. At the moment it just says "Information", would be great if I could change this to have the company name or logo for example. Any reponse would be greatly appreciated. Airwolfr
Hi I am trying to create an acction to popup a message in a workstation after a new user have been created or deleted i see the rule is working but the popup message is not coming , please could you help me ?
I have two Snort connectors setup in SEM. One that handles the WAN interface of our pfSense box and one that handles the LAN interface. I want to create a Rule that will trigger an alert when Snort detects a network scan on the LAN interface ONLY. How would I do this?
I'm attempting to create a rule that will send an email alert when a user deletes a large amount of file within a small window of time. What do I need to add to my rule so that it only triggers when the deletes are done by the same user? Right now i could have multiple users delete multiple files in the time frame and it…
Hello, I am new at solarwinds. As far as i know if i install agent in a machine then all application, system and security related log will be forwarded to SEM by default. There are some application log which i want to fetch from a windows machine. From event viewer i am viewing those application logs but solarwinds are not…
It looks like you're new here. Sign in or register to get started.