Get the latest news about SolarWinds Security Event Manager (SEM)
Does anybody know why SEM is assuming the picture below is a node? When I try to look inside the node, there is no information. I also don't know how it can appear as a node.
We are trying to capture Checkpoint FW allow/deny firewall traffic logs on LEM. I have successfully added the node and configured the connector Checkpoint 600 Appliances (auth.log). However, when I create a filter under Monitor, it shows EventInfo as "Unmatched auth UUid data", but under ExtraneousInfo it shows the correct…
Hello, I'm currently running SEM 6.7.1, and under the LEM Internal Events tab I'm receiving about 1000 events a minute. All the events are pretty much the same and have the same basic layout as follows: NAME: InternalWarning EVENT INFO: 2:The system cannot find the file specified. DETECTION IP: Mostly user computers, but…
In SEM, I've set up various Connector Profiles based on the monitoring needs of each group. However, I'm needing a better way to maintain this list without manually adding/removing nodes one at a time. Is there a way to add nodes to a Connector Profile from a text file (or CSV)? Or is there an even more automated method…
I was wondering if anyone ran into this same issue and if it is a bug. I am attempting to make a connector profile. For the most part it works fine. However, I want to add FIM File and Folder, along with FIM Registry, as two additional connectors to my custom connector profile. However, it will let me pick PCI, Windows,…
We are currently standing up a CentOS VM that will run as a Virtru Gateway. I recently added the SEM Agent to this device and it checked into our Manager with the Docker Container IP (172.x.x.x) instead of the VM's IP (192.x.x.x), which is causing it to fail to connect. Does anyone have any experience with how to get…
Hi all, my company is looking for a SIEM in order to help us meet NIST 800-171 logging and monitoring requirements, as well as general cyber security. We are interested in a few SolarWinds products and have requested a quote from the SolarWinds site itself, but have not gotten any response. Does anyone know if there is a…
Hello, I'm new to SEM and I've started seeing some user activity in my user logons dashboard: user 1: "-", user 2: "NT AUTHORITY\ANONYMOUS LOGON". Does anyone know where that comes from? Thanks.
To quote the "What are we working on now" thread for LEM from 2011: "SolarWinds Orion Platform Product Integration: Escalating Events from LEM to Orion via SNMP Traps Since we're in the business of what makes sense to customers, we're also adding the ability to go the other direction and share events from LEM upstream to…
Hi guys, we are looking to use LEM to implement USB blocking. I understand how to create a whitelist, uploading the PIDs of the stick etc. My question is this: let's just say we have a whitelist with a tonne of PIDs in it. A user needs to have a new device whitelisted and I upload a text file containing only the PID of…