SolarWinds Security Event Manager (SEM)

We use SEM (formally LEM) to log changes that are made in our switching environment and who made them. SEM also logs all changes in our active directory environment. We log any and all account changes such as account renames, account deletions, account creations, and again who made those changes. SEM logs our servers, who logs into them, and any changes that are made to the server. We receive emails immediately when any of the above mention processes take place. It is nice to see these changes especially when it is evenings and weekends while we are not in the office. If changes are made while we are not working, we know to follow up with the person whose account made the changes to see if they are legit or not.

We use SEM to collect and analyze events from servers and routers. We can find the issues, like incorrect user logon and most port visit on router from SEM reports.

We use SEM on a daily basis in our environment as per our built-out rules. We are notified of certain security events as they happen. Aside from that, we access SEM to run queries on an as-needed basis. With this we have a monitor running in the background keeping an eye on the events we want to monitor.

I use SolarWinds Event Manager to provide visibility and insight into network activity/use. We use SEM to address regulatory needs such as knowledge f network events and monitoring of peripheral devices. SEM also tracks what devices are attached to the agency's network, making it possible to detect rogue devices that may pop up.

We use SEM as our primary logging solution for all network infrastructure devices (switches, routers, WLCs, etc). The software allows us to track changes, identify issues, and it helps us stay compliant with insurance requirements. Particularly useful is the ability to send e-mail notifications when a critical event has occurred.

SolarWinds Security Event Manager (SEM) is our dedicated syslog for network devices, providing a higher set of features, search capabilities and filters than the basic syslog section in the Network Performance Module (npm). The built-in dashboards and ability to look at events in various categories prove particularly useful in troubleshooting scenarios.

Main SIEM All feeds to this

We use it as an internal SIEM tool and we also train others how to use it.

We have a group of servers that reside in Microsoft Azure as well as on-premise. SEM allows us to centrally manage these servers for both security risks as well as general events that we may otherwise miss. With the SEM technology, we are able to spend more time where it is needed and rely on SEM to notify us of any potential issues or threats.

This tool is very beneficial for securing our network environment and systems from any defects in our companies. This tool is our main SIEM solution. We are using SEM as a log collection and event generated on our server farms (local and DMZ). And also we are using real-time monitoring for some specific events defined by our security team.

Utilize SEM for log aggregation purposes on network devices. The primary scope of your use case is to log, monitor, and investigate for technical problems.

The windows installer had issues installing remotely, so we ended up using PowerShell to script the install, with no real reason from Support. At this point, we are just looking for excessive logins for the external-facing server.

At the university I work we use SolarWinds Security Event Manager. It is used to collect logs from firewalls, routers, switches, wireless controllers, NPS servers, and Domain Controllers. We then use this data to analyze and generate required reports on any incidents. Having all the info in one location makes analyzing events far simpler.

I use SEM to Centralize log collection for my domain controllers, file servers, NPS servers, and Firewalls. Using SEM we are able to have all logs in one place and use that data to generate necessary reports. Products work great and once it was set up there was not any need to go back into the configuration.

SolarWinds Security Event Manager (SEM) was included in the short list of SIEM solutions for our SOC solution. SolarWinds Security Event Manager (SEM) dashboard was comprehensive and the UI was intuitive and easy to customize. The 'out-of-the-box setup was easy and hit the floor running with minimal configuration when paired with SolarWinds Network Performance Monitor or Server and Application Monitor.

We are using Solarwinds (SEM) for event monitoring and responding to [an] event. This is used to monitor [events] across the business. We want to use the SEM to address so many problems but Solarwind's customer service has not been great as they don't even try to [put] themselves in customer's shoes. [They] allow customers to deal with issues themselves, providing little or no support to help customers.

SolarWinds SEM is currently being used to aggregate all our event logs for our secure on-premises systems into one place for auditing and security purposes. It allows for easier review of security logs and allows for alerting to be created for certain events avoiding a regular manual review of these events.

SolarWinds Security Event Manager is utilized by the Information Technology department. Individuals on multiple IT teams have email alerts set up to notify them about events that require action. Additionally, the Security Event Manager is also utilized when there is a need to look at the logs to identify the root cause of a problem. For example, user account lockouts at a time the user wasn't in the office. It addresses multiple business problems by letting us know when something requires our attention.

We use SolarWinds security event manager to help provide insight to all of our logs across our organization. It provides a single pane of glass to this information. We’ve had great success and using the dashboards and some of the automated process is that we can put in place.

The Solarwinds SEM is used for our client for 24/7 incident monitoring and reporting. The primary use is for account events, such as lockouts, disablement, and enablement to both user and computer accounts. It really works well in correlation and helps to stick with the audit and compliance. With a user-friendly web interface and automation modules, SolarWinds is an overall excellent cost-effective SIEM product if the intention is just to monitor for security incidents by manually created correlation rules.

SolarWinds has been implemented across our network as a systems management platform for server, applications and high value workstations. I assisted it's implementation with the systems that I administer across the region. It allows us to track the health of critical services and to quickly identify and address problems as they occur.

We're using SEM on various networks that need to comply with 800-53 security controls under RMF. We have many security technical implementation guides me must follow with many requirements that need to be followed.

SolarWinds Security Event Manager is used to collect, review, and analyze system logs from servers, workstations, and network devices. Used by one department, it solves the problem of having to go through long log files trying to find and make sense of an event. It also helps with reporting for compliance purposes.

We use Solar Winds Security Event Manager (SEM) across our entire organization. It enables our company to monitor and manage events and provide reporting required for PCI and ISO compliance initiatives.

It is being used by the outsider IT company who does Level2 and Level3 support. We use it to audit network device logs with it (Palo Alto Firewalls and Juniper switches). Also we use it to audit Active Directory logons. It is easier to keep these logs in a single place.