Get the latest news about SolarWinds Security Event Manager (SEM)
Hello, I'm constantly experiencing a problem with LEM. From time to time I can not log in to the WEB GUI, the first time this occurred I enabled https and the problem was solved momentarily. But now the same problem came back to haunt me. Could you help me LEM Version: 6.3.1 Hotfix 7
Can your set up a filter to alert when the database reaches a specific size? or when the span of days is exceeded? We have a requirement to keep logs for 90 day, and we are currently capable, but we don't know how to monitor besides doing the Crystal Report on a regular basis by running the Database Maintenance Report?…
I am getting lots of alarms from LEM and I don't know how to modify them. The alarms say: TriGeo Alert! the start type of the background intelligent transfer service service was changed from demand start to auto start. at 2019-02-06 10:59:20.0 Can someone please tell me where to find the source of the alarms? I tried…
My organization has LEM agents deployed on the domain controllers. I have created a logon rule for users within a certain subnet of the organization. (EX. UserLogon.SourceMachine=Source IP) Since the agent is on the DC, I can see the Logon from the source user, but I cannot see the process to which they are accessing after…
Is there a LEM connector in the works for Desktop Central?
Has anyone wrote a report that tracks when a node or agent last sent an alert? There is a dashboard widget for this but I'd like a report that we can scrub through every week or so to see where our problem devices are.
I am receiving massive amounts of denied TCP packets and Telnet requests from outside sources EX.Russia,Germany, Netherlands,Venezuela, and some US states. These alerts are coming from a custom filter I created: "TCPTrafficAudit.DestinationMachine=Internal IP". Apart from creating geo-blocks and restrictions on my…
Hello community, Can you please advise on how I am able to send a specific folder logs to Solarwinds LEM. I have an Ubuntu syslog server logs that need to send to LEM. The log folder generates a different .log entry for every unique host. For example below. /var/log/appliance_web 1.2.3.4.log 5.6.7.8.log The connectors only…
Odd question here. I've noticed that the EventInfo information, at least for the FileCreate and FileDelete events, is transformed to all lower-case letters in our email alerts. The EventInfo displaced on the screen is in mixed-cases, but the email alert is all lower. I've looked for some sort of formatting switch and can't…
Hi everyone, so I am establishing new rules in LEM and need some advice. I would like to monitor all access to certain servers. Firstly I wanted to ask what other information should I be monitoring other than logging? The other questions is my current rule layout. At the moment I have UserLogin AND rule and…
It looks like you're new here. Sign in or register to get started.