Get the latest news about SolarWinds Security Event Manager (SEM)
We have been using the LEM web and client console successfully for some time, but I would now like to explore the Report tool as well. It's installed on my machine, however, it insists on being run as an administrator. Per my org's policy, those that do auditing cannot have an admin account. From the LEM user's guide:…
Hello, We have purchased LEM and are experiencing some success with the web console and the client console for real time monitoring. However, I'd love to start using the Report tool to supplement our audit process. Tool is installed on my machine, but insists on being run as an administrator. Per my org's policy, those that…
I have looked through the troubleshoot guide and gathered information based on it. Our RHEL servers are currently connected to the LEM as shown in the LEM console, have verified that no firewall is between these devices as all the ports are opened, started the connector for Linux such as PAM and OpenSSH. In the LEM Internal…
Hi all, I am pretty new to SIEM and have only staged a few SolarWinds LEM in my lab. I have also gone through the available reporting templates in Report Application Console. May I know what are the key things/recommended daily reports for the reporting application in LEM? (At least 3) As far as I know: 1)…
Hello, Are there any parameters or correlations that can be used to create a LEM rule to alert for any and all logs for a specific IP coming in and out? I have a file server I need to monitor, but I cannot create any rule that is generic enough to catch different types of data. Is there anything that can be recommended?…
Hello, I have taken over the LEM appliance and am the new administrator for the tool. From my understanding, the LEM appliance should house all of the logs up to a certain date. Our organization has allegedly configured a 365-day retention period. When I do an nDepth search for all logs (no filters), I can only pull back…
I need to create a report of 200 network devices extracting all those with "East" in the hostname. How do I do that? I searched for "east" under managed nodes but I need to make an exportable table so that someone else can use it.
I'm rolling out LEM agent to 700 devices, so been testing with first 2. The agent installs, but the USB defender doesn't install. I unticked and re-ticked, even tried installing twice and with same problem. If I do a local install on a machine the USB defender installs fine.
Is it possible that LEM can read the "Windows Applications and Service Logs" or at least one of the specific logs called "TerminalServices-LocalSessionsManager" for remote desktop sessions? I see that for connectors it only reads the Application, Security and System logs, or do all of Windows logs get sent when you set up…
Is there a way to easily determine which LEM Rules a recipient is assigned to? I looked through the reports tool and saw some reports that might have been what I was looking for (Rule Subscriptions by user, among other "Rule" reports) but they weren't what I needed. Can the rules be exported somehow to just search for the…