Get the latest news about SolarWinds Security Event Manager (SEM)
I have seen a few requests for examples of using auditd on Linux in combination with SEM to create something similar (with some caveats) to the file integrity monitor that is available out-of-the-box for Windows nodes. Auditd is a very complex tool with many options for logging file access and process execution but if you…
A client is looking at a competitor's SIEM and since he already owns SolarWinds, I'd like to get some quick answers if possible before we have a decision on this competitor's product. 1. He already has a huge investment in NPM/NCM, with SolarWinds LEM this integration will provide: <?> 2. SolarWinds is a better SIEM for…
This might seem like a little weird question. I am still new to the LEM software, please help. I have been looking over all my Connector Profiles groups that are in LEM. I have noticed that not all devices are set to a specific or general profile group. This made me look at devices that are not showing up in a profile group. When…
Good day everyone, I had an idea to make sure that the ports are open on new Windows servers that will be added to the LEM. The ports I am talking about are TCP 37890-37896. I was trying to use NMAP: nmap -sT -p 37890-37896 10.x.x.x This is the output: PORT STATE SERVICE 37890/tcp closed unknown 37891/tcp closed unknown 37892/tcp closed…
We are seeing hundreds of failed logins for users from the ToolAlias: Cisco ACS and AuthPackage: MSCHAPV2. Is there a way we can configure LEM to reduce these logs? I've contacted the users and they always tell me the same thing. "The only thing different about my account is that I've reset my password recently" I feel…
Is anyone familiar with creating a rule that fires when an individual has an account logged into two machines at the same time?
When I create a new case at the website, I couldn't submit it.
I'm trying to set up AD logs with LEM. I downloaded the Remote SolarWinds Log & Event Manager Agent. My concern is that with my company we have hundreds of Windows servers. Is it necessary to use all of them? Can we feed these AD logs into LEM by only adding a few Windows servers? Would somebody please post a detailed…
I am curious how the LEM agent generates its SID/UID? We are working with a client to develop a BC/DR solution and I am curious when the replica nodes come online if it will check in as a new node or if it will appear as the same node?
Hi, we have a configured DFSR which collects log4net app.logs from many servers to one server, and we need to analyse these logs. The problem that I met is when I create a log4net connector on that server, in the "path" settings I have to put the exact path+filename of the log file. If the path contains only a folder path the…