Get the latest news about SolarWinds Security Event Manager (SEM)
We have LEM hosted on a fairly fast SAN, but I find nDepth searches often take longer than the max 20min timeout window. Can anyone share their experience with LEM? There's about one more year left on our maintenance, and I'm starting to look for another product. -thanks!
Hi, Is it possible to monitor audit of Oracle 12c Database? I tried with the connector for "Oracle Auditor - Database" with no luck. I found some documentation that says that LEM supports Oracle 9-10 and 11, but I don't know if the doc is just outdated or not. Oracle 12c has been out for many years, so is there any plan to support it?…
Quick question: How do I find when someone uses username-password instead of using CAC authentication while logging on? Thanks Steve
New to LEM... we enabled a bunch of default rules. Every 15 minutes or so, incidents are created from events automatically happening on the manager. The rules that are firing to create the incidents are "Authentication Traffic but No Agent" and "Authentication Attempt - Default Account". The event info is always 'pam user…
Hi everyone...not sure if this is the correct part of the forum to post, so please excuse me if it is not. We recently upgraded LEM from 6.1 to 6.3.1 HF6 last Friday (10/27)...towards the end of the day, the end customer Management team advised that multiple users reported that their USB devices stopped working. Seems that…
I've recently installed the LEM product on a Hyper-V host running Windows Server 2016. After importing the VM, connecting it to a network, and launching it, I'm now at the initial login page. "Admin" and a password are already populated as described in the quick start guide, but when I click Connect, it just sits…
I am needing to create both Monitor filters and Rules that check if certain activity is happening after hours. I tried using the Time of Day Sets to do this, but when I add one of these sets to the Correlation it adds today's date to the time of day. How do I use a Time of Day set without specifying the date? In other…
Hi, I'm currently deploying LEM and we have a new SQL Server 2016 on which we will want to do some DB log collecting. When selecting the Profiler version in the MSSQL Auditor tool (latest version), MSSQL 2014 is the latest version available. Will Auditor not function at all with MSSQL 2016? Or can I just select the last…
In nDepth, I need to search for complete strings, including spaces, periods, hyphens, etc. Here is an example: If I search for DstIP: 12.34.56.789 I get results for DstIP and 12.34.56.789 in the same event, but not as a complete string. It could be DstIP some text 12.34.56.789, or 12.34.56.789 some text or numbers DstIP.…
Hi everyone...Solar-n00b here, and I am new to this forum (and to LEM in general). I've recently joined the team at work, and they've placed me on a task to assist in upgrading their current LEM from 6.1 to 6.3.1 HF6...I'm assisting and not leading, but would like to be as prepared as possible to understand fully what is…