Get the latest news about SolarWinds Security Event Manager (SEM)
Has anyone successfully done log collection from cisco umbrella on LEM?
I am trying to configure the rule Policy View/Change so that it will send an email alert only if the rule is fired out of business hours, not during business hours. I have correctly put the time in business hours group. Default rule has for correlations PolicyModify.InsertionIP does not equal to PolicyModify.DetectionIP I…
Is LEM the same as the "NEW Log Manager for Orion", drewmanchester? 5/23 Live Webinar (NA): Putting Your Logs Where They Belong with Log Manager for Orion
I am curious if it's possible to use LEM to create state based events out of logs which generally are not state based. As an example... I want to a log that comes in to trigger an alert. I want that alert to continue to send out alert emails every 30 minutes until the alert is re-armed. I want a different defined log to…
I noticed that email were not being received from LEM. I went to the email server admin and he has been STIGing the exchange server. He said he enable TLS on all connections according to the STIG. I tried to enable TLS on my connector, but it is not working. I get a 5002 error and info saying could not convert the socket…
At the moment, i'm sending syslog messages to LEM from my ASR9010. via the folloiwng statment: logging 10.1.99.138 vrf Mgmt-Intf severity notifications port default Those who SSH into the router generate a notification, as well as any configuration changes. However, that's about it. Has anyone deployed a connector and…
Hi, We've finally got around to looking at implementing USB Defender but only require it in a file audit capacity. So we don't need whitelist or UDLP items, there's GPO in place and AD secgroups to control USB access. I have one development Windows 7 citrix VDI desktop accessed via a Wyse terminal and I can see…
Is there a way for local LEM users with "Guest" or "Auditor" user role to change their password in LEM? Don't see anything in documentation as to how to do it, and testing it, the user with that role doesn't appear to have the ability to edit his user to change password. Is there a mechanism for a user to do this?
Hello fellow thwackians. Does anyone know why at the beginning of every day that the Health monitoring of every port on switches basically refreshes? Just more curious than it is a problem.
Hi all, I want to know how to add HP device to log and event manager? I think i need to configure connector but i did not see connector discovery in connector lists. Thanks.
It looks like you're new here. Sign in or register to get started.