Get the latest news about SolarWinds Security Event Manager (SEM)
I am getting 100,000 of the messages for a CAT 6880 The syslogs are going to the default facility of 7 and I have the both the CISCO PIX / IOS connector and CISCO NXOS connectors on and pointed to facility 7. Anyone know why the connector can't identify the events?
Hello, There are no MSSQL-related report templates in LEM Reports for tracking typical admin actions such as: DELETE, DROP, GRANT, schema changes etc... How can one build such custom reports ? Is it possible to download and import them into LEM Reports so it is easier to run customized reports ? Thanks.
We have LEM hosted on a fairly fast SAN, but I find nDepth searches often take longer than the max 20min timeout window. Can anyone share their experience with LEM? There's about one more year left on our maintenance, and I'm starting to look for another product. -thanks!
Hi, Is it possible to monitor audit of Oracle 12c Database? I tried with connector for "Oracle Auditor - Database" with no luck. I found some documentation that say that LEM support Oracle 9-10 and 11 but I don't know if the doc is just outdated or not. Oracle 12c is out since many year so is there any plan to support it?…
Quick question: How do I find when someone uses username-password instead of using CAC authentication while logging on? Thanks Steve
New to LEM... we enabled a bunch of default rules. Every 15 minutes or so, incidents are created from events automatically happening on the manager. The rules that are firing to create the incidents are "Authentication Traffic but No Agent" and "Authentication Attempt - Default Account". The event info is always 'pam user…
Hi everyone...not sure if this is the correct part of the forum to post, so please excuse me if it is not. We recently upgraded LEM from 6.1 to 6.3.1 HF6 last Friday (10/27)...towards the end of the day, the end customer Management team advised that multiple used reported that their USB devices stopped working. Seems that…
I've recently installed the LEM product on a Hyper-V host running Windows Server 2016. After importing the VM, connecting it to a network, and launching it, I'm now at the initial login page. "Admin" and a password are already populated as described in the quick start guide, but when I click Connect, it just sits…
I am needing to create both Monitor filters and Rules that check if certain activity is happening after hours. I tried using the Time of Day Sets to do this, but when I add one of these sets to the Correlation it adds today's date to the time of day. How do I use a Time of Day set without specifying the date. In other…
Hi, I'm currently deploying LEM and we have a new SQL Server 2016 on which we will want to do some DB log collecting. When selecting the Profiler version in the MSSQL Auditor tool (latest version), MSSQL 2014 is the latest version available. Will Auditor not function at all with MSSQL 2016 ? Or can I just select the last…
It looks like you're new here. Sign in or register to get started.