Documentation forSecurity Event Manager

Configure SEM agents after they are installed

This section documents SEM agent configuration tasks.

After installation, the SEM agent captures log information from sources such as Windows Event Logs, database logs, and local antivirus logs. Additionally, the SEM agent allows SEM to take specific actions that you can define as rules. You can trigger actions manually from the SEM Flash console using the Explore > Respond menu.

View the SEM Agents monitored by each SEM manager

SEM console

  1. On the SEM console, click the Nodes tab.
  2. Under Refine Results, expand the Type group, and then select the Agent check box.

SEM legacy Flash console

  1. Open the SEM legacy Flash console. See Log in to the SEM web console for steps.

  2. On the SEM menu bar, navigate to Manage > Nodes.

    The Nodes view displays the SEM Agents monitored by each of your SEM Managers.

About the SEM Agent for Windows connectors

The SEM agent for Windows includes several preconfigured connectors that collect and display data from these systems immediately after you install the SEM Agent. By default, the SEM Agent for Windows includes the following preconfigured connectors:

  • Windows Security Log (for the host OS version)
  • Windows Active Response
  • Windows Application Log
  • Windows System Log

For broader coverage on your Windows computers, configure specific connectors to obtain your targeted data.