cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post
Level 8

Locate a specific outbound IP request

Jump to solution

With reduced staff, I have not had the time for training on Solarwinds SEM.  Last night, our external IPS detected an outbound request that it flagged a malware and blocked it.  We would like to figure out where it came from internally.  our firewall (cisco ASA) logs to to the SEM.  How do i find this in the SEM console?

1 Solution
Level 20

I'd search for events with info that matches the IPS and any parts of the event that was flagged to look for other related information.  The nDepth search is pretty powerful once you learn a little about how it works but even freefrom text just typed in with some names or IP's can find a LOT.

Bill

View solution in original post

2 Replies
Level 20

I'd search for events with info that matches the IPS and any parts of the event that was flagged to look for other related information.  The nDepth search is pretty powerful once you learn a little about how it works but even freefrom text just typed in with some names or IP's can find a LOT.

Bill

View solution in original post

Great!  Thanks for the info.

0 Kudos