Get the latest news about SolarWinds Security Event Manager (SEM)
Hi Thwack users. I have inherited a SEM system recently with zero documentation. A User is reporting they are getting daily unwanted schedule search emails. My knowledge is SEM is pretty limited having only just inherited it, but the user and local admin don't have any schedules setup in any of their searches. From my…
Dear Community. I have a below requirement. Where we need to create rules for SQL related events as mention below on Solarwinds SEM . * Injection Attempt * Detection of large row deletion 3. Detect large data added 4. Unauthorize access Can anyone please help me. How we can create rules based on above criteria. Best…
All, Am new to Solarwinds LEM. Can someone please guide me on how to create an alert for all logins be it failed or successful from 1am to 6am. I am kind of list when trying to create. Thank You,
Hi! Previously the checkpoint sem connector was working correctly, after the checkpoint update the connector does not work.the connector configuration has already been done, however due to the update, the most viable and least obsolete option is to do it with checkpoint's LOG exporter. When reviewing the SEM CLI, the LOGs…
We have SEM Agents on all our Win10 laptops and when the user is on the network (either in the office or connected via VPN), the SEM server collects all the system, application & security events for each device. When the user disconnects from the network/VPN, and works offline, those logs continue to collect events, but…
Is there a document that explains what each SEM Rule Parameter does? For example, is there an explanation for what "network audit alerts.InferenceRule" parameter means? Another example is "Auth Audit Alerts.UniqueID", what is the UniqueID pulled from? Thank you
Hi, I am having trouble with configurating the SSO on our SEM. I am stuck with Generating a keytab file using ktpass. How do you generate one? We have no prior experience in generating such file.
In an evolving, complex, distributed, and dynamic IT environment, security observation is necessary to make everything in IT more secure. Currently, IT teams focus on continuous monitoring as it is the most effective way to manage an environment proactively. However, SecObs helps organizations better understand their…
I initially had a login failed error Error code: -2147189176. I found this article and did exactly what it asked me to do; https://support.solarwinds.com/SuccessCenter/s/article/LEM-Reports-Console-Error-Logon-failed-Error-code-2147189176?language=en_US When I re-tested this same scenario, it seemed to work but then I got…
Hi Guys, I have a SEM project commencing on Monday, 25th September, 2023 and the Application/Dev team wants some logs to be configured on the Security Event Manager for their alert and monitoring. Could you please share with me on the best way to have the following request below configured: 1. Health of the Server…
It looks like you're new here. Sign in or register to get started.