We’ve simplified the menu bar so you can access Live Events and Historical Events directly.
Saved and Scheduled Searches
When you build a search query in Historical Events, you can now save them and then reload them in the future. These searches are not shareable, but if you need to share the search results with others, you can schedule the results to be emailed out to other users (csv format).
Once you've created a search query, you can save it by clicking the icon next to Search and selecting Save query as new:
From the same menu, you can browse and load previous saved search queries, and we've included some OOTB queries as well.
And you can schedule the queries as well
Configure LDAP connections in a dedicate page - you no longer need to use an active connector. When sending alerts or scheduled searches, you can use LDAP users along with SEM users.
To configure your LDAP server, go to your setting icon in the upper right, and then choose LDAP Configuration.
Click Create configuration, and you'll start the LDAP wizard. In the first step, enter your connectivity and credentials, and choose your encryption and if you want to use LDAP for authentication. In the second step, what's really cool is you can map SEM roles to your groups in LDAP:
And in the third step, you can save and setup LDAP connectivity. After its configured, you'll be able to select LDAP wherever you're selecting users, like in scheduled searches or setting up alerts from rules.
Directory Service Groups
You can now import your directory server groups from your LDAP servers and use them in rules and filters to match specific users or computers. See the details in the SEM 2020.4 New Features document.
New Connector for Microsoft CASB Service
We've added a connector for the Microsoft Cloud App Security CASB service, read how to send these events to SEM.
To see all the features of this release in detail, check our the SEM 2020.4 New Features document.
How to Upgrade
With this release, we have completed migration of major features to the HTML5 interface and will be pivoting to new features in the future.
If you don't see the features you've been waiting for, check out the What We're Working on for SEM post for a list of features our dedicated team of event nerds and code jockeys are already researching. If you don't see everything you've been wishing for, add it to the Server Event Manager (SEM) Feature Requests.