Get the latest news about SolarWinds Security Event Manager (SEM)
Are you able to clear events you have already viewed within the dashboard to gain better instant visibility? As it stands now, events are clogging up dashboard widgets with data that we already viewed therefore new events cannot pop up on the dash.
I put "sending" in quotes, because the agents on about 20 domain controllers are all still running. At first boot up, all of the Windows domain controllers suddenly begin sending events to SEM again, and all seems well. However, every few days, I notice that the "node health" pane on the dashboard shows that the "Last…
Hi everyone, I am experiencing an issue where SEM continuously crashes regularly. Our SEM instance is currently using 12 cores, 40GB of ram. We have around 700 endpoint devices reporting through the SEM client. It has plenty of system resources. Any suggestions to remedy this problem?
What is Infer alert, and how does it work? Where does the alert go?
Hi Everyone! May i ask on how to Add Junifer firewall as a Log Sources? We having probelem on Adding this device Can you give us the Steps or Advise best practice for us to apply on our Client. Thanks!
Hi team, We have some logs coming in from Stormshield and I want to create Rules off of the ones that were generated by specific firewall rules. I would like to recover a specific word instead of the entire content. For example: we have a block list of IP addresses that attempt to access over ssh, the firewall rule block…
I have a rule that alerts me when we have a failed login on our firewall. I would like to have it list the public IP address that attempted to login. Palo Alto keeps this information, so I should be able to find a rule ID for this, but I cant seem to find it anywhere. Any help would be appreciated! Host: is my devices IP…
We would like to forward sensitive logs from another SaaS Application to SEM. I came across an article from four years ago that mentioned plans for implementing encrypted syslog data support in SEM. However, I am unable to find any recent updates on this matter. Considering the advancements and evolving security…
When using SEM for compliance it would make sense to come up with a standard set of filters and alerts you can use across your entire infrastucture by copying between instances. Have others done this and do others have many instances of SEM they manage? I'm curious what kinds of additonal alerts and filters you've added…
Hello, we need to have a way to report all server last reboot/uptime back to us and are wondering if this can be done through SEM. i see other SW products are able to do it but have not seen anything for SEM yet. Thanks
It looks like you're new here. Sign in or register to get started.