Get the latest news about SolarWinds Security Event Manager (SEM)
Hi all, I have configured the LEM to send me an e-mail notification when certain events occur but it doesn't work. Please help me in how to solve such problem
I have made several unsuccessful attempts to scheduled a report , in the L.E.M report console, to run and export to a directory while the user is not logged into their device. The report does run and get exported to the directory while the user is logged into their device, but when the user is not logged in the process…
I will soon be installing LEM at my customer site. Previously I did a compare between Splunk, LEM and Oracle Vault. I installed all three products and ran them in our test environment. I picked LEM because the servers farms are not that big and we don't have time to build Splunk dashboards. Plus LEM is priced right for…
Hello everyone. I attempted to see if there is any pre-existing documentation listing minimum resource requirements needed to setup/build a SQL server, however, all I can find right now is information regarding LEM client/agent recommendations and SQL DB best practices. We're currently using LEM v:6.3.1. Thanks in advance…
From what I've read online, it's a normal event that returns Group Membership Information. It appears in the logs between events 4624 (An account was successfully logged on) and 4634 (An account was logged off). By being tagged as MachineLogonFailure, if I filter on that event there are tons of results that don't appear to…
Hello everyone, I have an alert that tells me when an account is locked out. It works very nicely. Every once and a while it alerts me that my domain\administrator account is being locked out, but when I check that account it never is. Has anyone seen this behavior? Any ideas would be welcome! Thanks!
Hi All, As part of LEM 6.3.1, we added SNMP monitoring of the LEM VM from Orion. SNMP monitoring allows Orion users to monitor key metrics of the LEM VM including RAM, CPU & Volume statistics. Monitoring the '/var' volume is particularly useful as the log data is stored on this volume. You can view the steps involved in…
We recently just deployed LEM into our environment and I am having issues with setting up a rule/filter. I am unsure if this should be a rule initially before filtering or vise versa. Nevertheless, I am working on a close network so no traffic internally can get outside and vise versa. I want to create a filter or rule…
Our team has been working on some rules to mitigate threats from removable media. We have had good success with file monitoring, read/writes, and actively responding to executable attempts from flash drives and other removable media. Our point of contention arises when we work to meet another requirement of providing our…
I have a file share where each user has their own folder with their username that only they can access. I have file auditing (delete,read,write) turned on for the folders and files on that file share. The folders have the following naming convention Z:\Users\(username) . I would like to create a rule that sends me an alert…
It looks like you're new here. Sign in or register to get started.