Get the latest news about SolarWinds Security Event Manager (SEM)
Hello all! Our organization has currently decided to go ahead and set up SEM in order to increase our log visibility and take advantage of the what the solution offers. Please do bear with me as I am very much so entry-level in the security field and have limited experience in this realm. However, our small IT Department…
Hi all, as the subject says I'm struggling to figure out how to get the SMB widget to only display SMB events for a certain group of servers From the Live Events windows I can add the SMB filter and it works fine but gives me all the SMB events for all of my servers whereas I only want it to target a selection I've tried…
We have USB defender setup to block USB devices in our environment. Recently, in the last couple of months laptop dock's NIC cards are being registered as USB devices and blocked by USB defender. Causing the end users to lose internet access. I have been adding the USB devices to the "Authorized USB Drives" list to deal…
Hello everyone, i'm in search of assisstance or ressources for SEM/FIM audit covering hardening and configuration review (Checklists, reports, healthchecks..). Any help would be greatlyappreciated. Thank you
When I login into the SEM via SSH under cmc. and then under manger the ping command gives me a "invalid command" error. Is that a special format to use?
Hi Is it possible to ingest into Solarwinds SEM the records of a user-custom Oracle Database table/view ? In Splunk and Graylog I can do this by Pushing from Oracle and uploading to SIEM via a TCP Input (listener) respectively in XML and JSON format. In Splunk I can also do this by Pulling from Splunk with Splunk App DB…
Is it possible to have SEM parse latest IIS log and have logon events shown on a dashboard? Thank you!
Hello! I'm new to the community and I'm learning about SEM, I've seen that Solarwinds offers something called Privileged Account Monitoring Tool "PAM" I'm interested in learning how to configure that functionality in the SEM, however I can't find the necessary and complete documentation to help me do it. Could someone help…
I'm trying to limit our network team to only view events from network logs. Is there a way to do this that doesn't involve creating local users?
Hello All, I am trying to make an IP Shun Rule for SW SEM, but am needing some advice/help. I am thinking rule is true when: NetworkAttackAlerts occured, Actions: Block IP Network Attack Alerts.Source Machine and send email to our IT group about the incident. I just started learning in SEM so any help would be greatly…
It looks like you're new here. Sign in or register to get started.