Get the latest news about SolarWinds Security Event Manager (SEM)
I recently realized that USB attachments were not being logged. I tested my system using a USB external hard drive and the attachment to my system never showed up in nDepth. Started digging into the logs and it appears that only Windows 7 systems and recently built Windows 10 systems are logging the attachments. We are…
A couple requirements that I solve a different way but it would be nice if it was just a checkbox in SEM to make it easier to do. Storage of RAW logs: One requirement is to store logs in RAW log format. Since SEM normalizes the data and puts it into the database this won't solve this requirement. There is an additional…
I understand there is a Cylance Connector to be able to take in data from Cylance by turning on the syslog option on the Cylance web portal. Unfortunately, due to how my organization is set up I cannot send the logs that way. Is it possible to pull in the Cylance logs from each individual Windows client that has SEM installed…
I have been trying to get servers upgraded to 6.7.1 from 6.3 and have had some issues doing so. It appears that there is no way to remotely uninstall a 6.3 or 6.3.1 agent. I was trying to use the 6.4.1 agent remote installer to upgrade the 6.3 clients but that has not been working. I have been remoting into the machines…
Hello, we've been using a rule we made that would detach unauthorized USB from the computers. It then stopped working for some reason. We then tried to use the prebuilt template already available. The USB-Defender Events monitoring is still showing USB being attached, but the rule still isn't working. Any ideas?
What LEM connectors should I use for DNS/DHCP on a Windows 2012R2 domain controller?
Good Morning, I wonder if someone could be of assistance. I am looking at using LEM to be able to tie DHCP Lease Assignment to a specific user. It would be incredibly handy to be able to track which IP Address was assigned to which user, and device along with the specified time. I've looked through various options and…
Discussed some licensing options with Eren Terkes and others yesterday. I'm hoping we can find a way to start using SEM on all my networks isolated and CUI this year. Most of my small Information Systems are today using one off combinations of scripts and various tools (sometimes free or open source) to do logging and for…
We have 2 SEM installs in our environment because of network constraints and latency. A 500 and a 100. Is there any way to get the SEM 100 to send its events to the SEM 500 so that we can build an overall dashboard and only check one place instead of logging into 2 websites?
Symantec Endpoint Encryption (SEE) event logs can be found on client machines under Windows logs > Application > Symantec Encryption (Event IDs 3000-3013, 3020-3023, 3040-3045, 3070, 3071, 3101-3104, 3151-3164, 3201-3203). Is there any way to view these logs in LEM/SEM?