Get the latest news about SolarWinds Security Event Manager (SEM)
Hello All, I am trying to make an IP Shun Rule for SW SEM, but am needing some advice/help. I am thinking rule is true when: NetworkAttackAlerts occurred, Actions: Block IP Network Attack Alerts.Source Machine and send email to our IT group about the incident. I just started learning in SEM so any help would be greatly…
Hello, Looking to get a filter created which will fall over into a rule that will detect any attempted logon to one of our adm accounts from an IP outside of the UK? From my own thoughts this would involve me gaining a CSV list of UK IP addresses adding them to a user defined group *uk IP* and creating the rule to trigger…
I'm curious if anyone has set up a cold site backup for SEM as part of a COOP. Is it possible to back up and redeploy the SEM in the event of loss of the current deployment site? HA is not available for SEM that I'm aware of and I don't want to purchase an additional license to stand up a backup deployment. Thanks for any…
I've enabled collection of SMBv1 events on a few domain controllers that are still using it. How do I have the collector agent pull those logs in? They're located here: Microsoft-Windows-SMBServer\Audit
After installing Manager Ping OK but the port 9001 on the LEM appliance could not be opened. I installed the self signed certificate using the knowledge base instruction. I am getting the same error. Reports Tool - Manager ping OK but the port 9001 on the LEM appliance could not be opened for SEM 2022.x (solarwinds.com)…
In the release notes for 2023.4.0, one of the items under "Fixes" shows "You can now download a SEM Agent to a system running the macOS operating system." When I go to the "Local Agent Installer" download dropdown, I see installers for AIX, HPUX, Linux, Solaris, and Windows, but nothing for MacOS. I was pretty sure I saw…
1. It says the upgrade path is Run the SEM Upgrade ISO with version 2022.4 2. Run the SEM Upgrade ISO with version 2022.4.1 3. Run the SEM Upgrade ISO with version 2023.2 4. Run the SEM Upgrade ISO with version 2023.2.1 This step isn't listed (got this from support yesterday) Then you can go to 2023.4 Bill
The LEM/SEM interface had a feature where one could create a filter in "Live Events" and then send it over to "Historic Events" aka nDepth for historic analysis. This feature is no longer available since the Flash to HTML5 migration. It has not been migrated as of 2023.2. I opened a ticket on this issue which was closed. I…
After upgrading to SEM from LEM, I am still learning the differences between the old and new consoles (UI). In the new SEM Console, I don't see any way to import filters other people have made (or export for that matter) as you could in LEM. How do team members share their filters?
Anyone have any inside info on when SEM will fully support IPv6? I was told and read it wasn't supported but no one is able to give a date. How in the world it's not supported is beyond me. We have less than a year for it to be supported and then we have to find another option.