Get the latest news about SolarWinds Security Event Manager (SEM)
Hi, we use Windows 2016 Server in our environment and LEM 6.4. We have installed the LEMAgent on the Windows 2016 Server with the Windows Installer from LEM (local installation). There are 4 connectors connected to the LEMAgent, but I can only start 2 connectors: (1) Windows Active Response --> RUN (2) Windows Security Log…
Hello, when I explore nDepth for 1 week or for 1 month, it does not finish as a process and notifies "Time Out". What's happening? Can anyone help me to solve this problem? Thanks
Hello, I am trying to have LEM display logs from two devices that run Linux. The environment has a virtual machine that runs pfSense as a router, and another virtual machine that runs Fedora as a file server. I want them to be syslog clients and send logs into LEM. @/*ip address of LEM server*/:514. When I go back into LEM,…
Hi all, I have an LEM server taking in logs from our domain controller and most of the built-in alerts are working correctly. The problem is that when we make a change to group memberships, the alerts we receive are not resolving the username of the person changing the memberships. I have a recent example alert below (### indicates…
Hello, I am trying to create filters that help display RDP traffic information (remote user logon and logoff), workstation logon and logoff, administrative use, and SMB (when users access shared drives, folders, and files). Please advise! Thank you very much for your time and effort!
How can I get vCenter logs into LEM? I am running vCenter version 5.0 on a Windows host. If you are running vCenter Server Appliance 5.0 this might help you (virtuallyGhetto: Forwarding vCenter Server Logs to a Syslog Server). This article explains how to configure ESX hosts to syslog events into LEM (SolarWinds Knowledge…
I am trying to find a rule template in SolarWinds LEM that would notify via email or otherwise if changes are made to the actual LEM appliance security. This is needed to respond to an NCUA audit finding. Is this possible? I have only found three rule templates for the LEM appliance itself under Devices --> Manager. None of…
I want to monitor Kaspersky Security Center 10 in SolarWinds LEM (Logs & Events Manager). Would you please guide me on which connectors I need to configure for Kaspersky Security Center 10, which settings need to be configured in the connectors, and a requirement I need to configure to get Kaspersky Security Center 10 complete logs in…
Hi all, I am trying to configure an alert that will trigger when a user in a DS group (AD) fails 3 attempts within 3 minutes from the same detected IP. The DS group is populating correctly with all the user accounts from our AD. But it is not triggering?
I'm sure at least some of the information below is already out here, but based upon my recent adventures getting our syslog devices into LEM, I thought it may be handy to have more information on a single page. The instructions that LEM links to for the configuration of Cisco syslog work fine for switches. For routers…