cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

Recently Added SEM Connectors - Updated August 2019

Recently added connectors are:

August 2019

  • Atlassian Bitbucket
  • Atlassian JIRA
  • AuthLite
  • Extreme Networks VSP Switches
  • Fujitsu Eternus Storage
  • Fujitsu iRMC
  • Gemalto SafeNet Luna
  • Grandstream Gateway
  • Guidewire Software
  • HP 3PAR StoreServ
  • Juniper Pulse Gateway
  • Microsoft Exchange Message Tracking
  • Microsoft IIS Configuration Log
  • Microsoft SQL Server Audit
  • Microsoft Windows Application/Security/System via Kiwi Syslog
  • Microsoft Windows Backup
  • Microsoft Windows Firewall w/Advanced Security
  • Oracle Acme Packet
  • Quest Defender
  • Silver Peak WAN
  • SolarWinds Mail Assure
  • SolarWinds SFTP/SCP Server

October 2018

  • Blue Eye Video Management
  • Cisco Firesight
  • Debian 8.8 DPKG Logs
  • Endian UTM
  • Fujitsu Blade Servers
  • Imprivata
  • Microsoft Lync/Skype for Business
  • Microsoft Network Policy Server
  • Microsoft Offline Files
  • Microsoft Windows Remote Management
  • Microsoft Terminal Services Local Session Manager
  • Microsoft Windows Server NetLogon
  • Pure Storage Purity
  • SecureAuth
  • SmartFile Secure File Sharing
  • Sophos Central Cloud Endpoint Protection
  • Squadra secRMM
  • VMware vCenter 6.0+ VPXD Logs

July 2018

  • AppWall Web Application Firewall
  • EMC Unity
  • Microsoft IIS Windows Event Log
  • Microsoft Network Profile - Operational
  • Microsoft Windows Group Policy - Operational
  • NGINX Error Log
  • OnBase Enterprise Information Platform
  • Pulse Secure
  • Trend Micro Deep Discovery Inspector
  • Windows Defender - Health Center
  • Windows Defender - Operational
  • April 2018

  • Array Networks APV Series
  • Darktrace
  • Microsoft Advanced Threat Analytics
  • Oracle Unified Auditing System (12c or greater)
  • Quest Rapid Recovery
  • Radware AppWall
  • Verint Systems

February 2018

  • Azure Multi-Factor Authentication Server
  • Checkpoint 2200
  • Cisco Integrated Services Router
  • Citrix XenMobile
  • Distil Networks
  • FortiClient
  • Hitachi JP1
  • IceWrap Mail Server
  • Microsoft Exchange High Availability Log
  • Microsoft Data Protection Manager
  • Microsoft Terminal Services Gateway
  • Microsoft Terminal Servers Remote Connection Manager
  • Microsoft Windows DNS Server - Analytical
  • Oracle WebLogic 12c
  • Shibboleth Identity Provider
  • Silver Peak WAN Accelerator
  • Sophos XG Firewall
  • Veeam Endpoint Backup
  • VMware Horizon 7
  • Webtitan

November 2017

  • Accellion Secure File Sharing Manager
  • Dell N Series Switches
  • Hyper-V Hypervisor - Operational
  • Hyper-V Integration - Admin
  • Hyper-V SynthNic - Admin
  • Hyper-V VMMS - Admin
  • Hyper-V VMMS - Networking
  • Hyper-V VMMS - Operational
  • Hyper-V Worker - Admin
  • OPSWAT Metadefender
  • Pleasant Password Server
  • Sentinel IPS
  • Sysinternals Sysmon
  • September 2017

  • Aruba Airwave
  • NGINX Error Log
  • Nimble SAN
  • Varonis File Monitoring

August 2017

  • Aerohive Switches & Routers
  • Bromium vSentry
  • Cisco Unified Communications Manager (Call Manager)
  • Clavister Firewalls
  • CrowdStrike Falcon
  • Entrust Identity Guard
  • IBM DataPower Appliances
  • IBM IPS XGS 3100
  • Infoblox NIOS
  • MalwareBytes
  • Meru Wireless Controllers
  • MetaSwitch Universal Media Gateway
  • Microsoft Exchange Message Tracking
  • Microsoft Enhanced Mitigation Experience Toolkit (EMET)
  • Microsoft Powershell 5.0
  • MySQL Windows Error Log
  • Palo Alto Traps
  • SecurEnvoy Secure Access
  • Shubbery TACACS+ Daemon
  • Survalent ADMS
  • Symantec Secure Web Gateway
  • Trend Micro Control Manager
  • Tripp Lite UPS
  • Ubiquiti UniFi Wireless Access Point
  • Windows DNS Analytical Logs
  • Windows Server Backup
  • Windows Terminal Services
  • Zywall Firewalls
RETURN TO FULL LIST
Comments

Thank you for the Varonis File Monitoring connector.

Thanks, just need to get these connectors added.  Just dropped into a network utilizing old dell N series switches and I want to get them monitored in LEM.

How can I get additional connectors added?

You can raise a Technical Support ticket in order to request an additional connector. Your Support Engineer will ask you a number of questions on the logs you wish to support and will also request a log sample. We can then assess the feasibility of building a connector.

How am I supposed to know how each of the connectors are supposed to work?  Some have some information about them but many just have generic text explanation?  The ones of primary concern to me right now are even the linux 64 bit agent and Solaris agent ones.  My current machines may not be logging the way the agent expects... how do I know how to log correctly on the OS for agent to work?

There should definitely be a connector or a listener which can log the activities from web browsers.

It should report basic information:

  • Event time
  • Hostname
  • Account
  • URL
  • Protocol
  • Browser version
  • Page size
  • Time on site (between site open and close)

I'd like to try the VMware vCenter 6.0+ VPXD Logs connector, but I do not see it under the Appliance's connectors.  It's only available on Agent Nodes.

Does this mean it was only developped for a vCenter Server installation on a Windows Server with a LEM Agent installed ?  Because if you are running it as a virtual appliance, you should be able to add it as a Syslog node when you forward the logs to LEM...

Thanks for the update and the connectors!

Any plans to add juniper srx support?

What is the difference betweenSolarWinds LEM MSSQL Auditor and Microsoft SQL Server Audit?

Is SolarWinds LEM MSSQL Auditor obsolete now?  If so, is there a KB saying how to deploy Microsoft SQL Server Audit?

Thank You

Steve

The SQL Auditor requires SQL Profiler to monitor traces and pump that data into SEM. Microsoft have issued a deprecation notice for SQL Auditor and it is now in maintenance mode. Our SQL Auditor is still fully supported, but we want to give customers some flexibility when monitoring SQL audit events.

The new SQL Server Audit connector doesn't have any reliance on SQL Profiler traces, it monitors SQL Audit events from the Windows Application or Security logs. I found this article quite useful when configuring SQL Audit to send events to the Windows Security log.

Hi jhynds on this comment:

     Our SQL Auditor is still fully supported, but we want to give customers some flexibility when monitoring SQL audit events

The SolarWinds MSSQL Auditor does not support SQL Server 2016. This was a big issue that came up earlier.

If you could add support for SQL Server 2016 in SolarWinds MSSQL Auditor, it would benefit us much better.

While Extended events are also recommended by Microsoft, SQL Traces still work in SQL 2016 and getting logs through MSSQL Auditor was much more efficient than through SQL Extended events, due to several reasons:

  • SQL Extended events and audit objects do add a considerable load to DB instances
  • The logs written to Windows logs are more difficult to parse and SolarWinds has quite some way to make them more readable in SEM
  • The SQL logs that were received through MSSQL Auditor used to be structured in a very effective way and through the Profiler you could add/remove other log fields and also add DB-based exclusions based on your patterns. Under Extended Events this is not as easy.

Have you tried the new MS SQL Audit connector? I know you were previously using the MSSQL Application Log connector, but we've made some improvements to the parsing and released the MS SQL Audit connector. Would love to know if you find an improvement on the parsing with our newer connector.

Yes I installed the new connectors and then enabled the new SQL Audit connector (SQLAudit.xml connector file) in few of our DB nodes.

All the events under the new connector (Tool Alias) are coming as UnmatchedData from the InternalNewToolData event.

2019-09-03_130956.png

I also opened a support ticket #00380287 to look on this.

Edit: to add to this, since the issue from screenshot is a problem, I had to install a previous set of connectors so that MSSQL events are again logged into SEM through the MSSQL Application Log connector (mssqlapplicationlog.xml connector file)

Version history
Revision #:
3 of 3
Last update:
‎03-04-2020 11:03 AM
Updated by: