• Forward Multiple SEMs to One Location

    We have 2 SEM installs in our environment because of network constraints and latency. A 500 and a 100.   Is there any way to get the SEM 100 to send it's events to the SEM 500 so that we can build an overall da...
    Profile Photo
    last modified by nstanley
  • thwack Store

    I have purchased a few things on the thwack store, but did not approve for shipment yet. I want to cancel these items and purchase other one, but i dont see anything where i can cancel this.
    Profile Photo
    last modified by brahiem99
  • Start script for the Linux (SEM) agent on v7 of Oracle Linux (systemd based)

    I am looking at the Linux agent installation documentation (below) and it applies to v6 of Linux (configuring a script in /etc/init.d). Installed SEM version = 2019.4   Install the SEM Agent on Linux and Unix ...
    Profile Photo
    last modified by rvincent
  • SEM\LEM not showing all events

    Why does LEM nDepth only show 20 events, console show 80k and Cisco show 31k For the past day I've been struggling with why the events leaving my Cisco switches haven't all shown on LEM. At first I thought it was the...
    Profile Photo
    last modified by wdecatur
  • How to get Windows 10 system with a Docker Container sending logs to the SEM?

    We have a couple of Windows 10 workstations that are running Docker containers. The agents installs successfully on the base Windows systems and picks up the correct OS, IP address and License type (Workstation). The ...
    Profile Photo
    last modified by jlecian
  • Finding PowerShell activity with LEM

    How can you use LEM (nDepth?) to locate servers or desktops that have initiated a powershell instance/script?
    Profile Photo
    last modified by todd.mclaughlin
  • Question about licensing and stuff for jhynds and everyone really...

    We're using LEM/SEM on some of our networks right now.  We're wanting to standardize on LEM/SEM but the licensing is maybe an issue.  I have many isolated enclave that are small.  It doesn't make sense ...
    Profile Photo
    last modified by ecklerwr1
  • Non-Business Hours Filter Not Actually Filtering

    I am trying to configure a filter to identify logon events that occur outside of business hours. I followed the below article on configuring Time of Day Sets, but LEM is capturing all of the login events and ignoring ...
    Profile Photo
    last modified by techguru
  • Separate database of Network and System Logs

    We have SEM environment in our organization and seems like firewall logs consume a lot of disk space   Is there a way to separate the database of network logs(firewalls) and windows logs? or maybe limit the numb...
    Profile Photo
    last modified by pampswh
  • Connector Discovery Failed

    I'm trying to add a syslog node (Synology NAS) and receiving this error.     I rebooted the SEM host and tried to add the node again, and got the same message.   Any ideas? Has anyone else had iss...
    Profile Photo
    last modified by cetoth_wvuchsc
  • SolarWinds Resellers/Pricing Quotes?

    Hi All, My Company is looking for an SIEM in order to help us meet NIST 800-171 logging and monitor requirements, as well as general cyber security. We are interested in a few SolarWinds products and have requested a...
    Profile Photo
    last modified by brianlyp
  • LEM/SEM  Exchange Message Transfer Logs

    I am pretty new to SEM/LEM.  I Created the message tracking log connector and it is green indicating a active connector.   I see nothing in SEM as far as exchange message tracking logs. ?  When I searc...
    Profile Photo
    last modified by jjashley
  • Cisco ISR 4331 router Node showing MPLS routing IP

    I added a new ISR 4331 router it connects through an MPLS. So, it is showing the MPLS IP instead of the internal IP address. I was able to configure other routers when I first installed the SEM to use the internal IP....
    Profile Photo
    last modified by jnreston79
  • Loss of Events - Java Interface

    About one time per week, the LEM Java interface stops collecting or showing recent events.  I am normally working in nDepth and find I am unable to pull any events from the last 10 minutes.  After a bit of r...
    Profile Photo
    last modified by tstark@logixhealth.com
  • "EncryptQueue is full" and Java out of memory errors

    Just wondering if anyone is experiencing the same issues I am currently facing. Currently running SEM 2019.4 and am facing issues with 100% cpu utilization and an unresponsive SEM console. If I open the watchlog, I se...
    Profile Photo
    last modified by bpham
  • SEM Syslog Forwarding Over TLS

    Log forwarding is something we haven't currently enabled in SEM. We have an ask as to whether we can forward syslog events over TLS to another system. The forwarding part is pretty straightforward, but can SEM forward...
    Profile Photo
    last modified by chucksimalchik
  • New file to pull into SEM, set up rules.

    I have a log file for HP Content Manager that I need to pull into SEM and create rules for it. At least that is the thinking here.   I put in a request for a connector, that was three months ago so I've got time...
    Profile Photo
    last modified by jgrobinette050
  • Non-Agent Nodes

    First - I'm having issues with my Netbotz not showing up as a "node" in the SEM console.   I can see the logs in "local0", so I know they're reaching the SEM appliance. I've configured the APC InfraStruXure con...
    Profile Photo
    last modified by cetoth_wvuchsc
  • UserLogon / UserLogoff spam

    I have been making an effort to get our LEM/SEM logs in order so we can start shaping and alerting the information it is giving us.  One problem I have run into is we are getting a huge number of UserLogon and Us...
    Profile Photo
    last modified by jnink
  • Unmatched WindowsSecurity Data ($Revision: #104 $)

    I am getting a boat load of these alerts, "Unmatched WindowsSecurity Data ($Revision: #104 $)"  under LEM Internal Events.  I am running version 6.6.  Is there anyway to match this data to clear it from...
    Profile Photo
    last modified by imaxdork