Now that SEM 2019.4 has shipped, we are already working hard on the next release. You can now perform most of the common SEM tasks within our HTM5 interface, including log filtering, searching, visualization, export and correlation rules but we're by no means done yet. There is still valuable functionality within the Flash console which are working hard to migrate to the new UI. Here's what we're working on, in no particular order:
- Refine Fields: Summarise search results based on fields such as event name, IP address, hostname and username.
- Histogram: Visualize log volume, search results and refine time frames via an interactive chart.
- Scheduled Search: Save, load and schedule your most commonly used searches.
- Connector Profiles: Maintain SEM agents that share a common connector configuration within the HTML5 UI.
- Office 365 Events: Support for Office 365 audit logs from sources including Azure Active Directory, Exchange Online and Sharepoint Online.
- OS Upgrade: Update SEM's underlying OS is up to date to ensure it's as secure and performant as possible.
I hope you’ll be happy with the direction we are going, especially with our HTML5 migration. We are actively looking for existing customers to give feedback. If you are interested, we’d love to hear from you!
Be sure to let us know here, and in the Security Event Manager Feature Requests forum if there are features you're really keen on. This list doesn't enumerate a lot of the features we're looking into for long term development and further releases, but we continually use Thwack as our biggest source of feedback.