SEM Events Console
The SEM Events Console is presented in HTML5 format, which means no requirement for Adobe Flash or other third-party media players. This update also results in a more robust console that can run on any computer operating system as well as most web browsers. As SolarWinds continues to transition existing SEM legacy functionality from Adobe Flash to HTML5, the following features are currently available in the HTML5 SEM Events Console.
Access the SEM Dashboard (formerly SEM Ops Center) to highlight and summarize trends and suspicious activity through a series of interactive widgets. You can create, edit, and arrange widgets to display log data in a variety of tables and graphs based on filters within your Events viewer. Upon initial login, the SEM Dashboard appears by default.
The SEM Events viewer provides instant access to live event monitoring and filtering as well as historical record archives for in-depth analysis and troubleshooting. Within the console view, you can quickly switch between real-time event streaming and historical log views based on user-defined date and time parameters. In addition to live and historical keyword search options, all established SEM Monitor filters are accessible in the SEM Events Console Filters pane.
Through the HTML5-based node management feature, you can add agent nodes, configure connectors and connector profiles, and then monitor activity in the SEM Events Console. Upon node and connector configuration, click the Events tab to view your network activity, and then create and apply filters to tailor your log feed to view event logs vital to maintaining the health of your network environment.
Rules monitor event traffic and automatically respond to security events in real time, whether you are monitoring the console or not. When an event (or a series of events) meets a rule condition, the rule prompts the SEM manager to act. A response action can be discreet (for example, sending a notification to select users by email), or active (for example, blocking an IP address or stopping a process).
User-defined groups and email templates
From the Groups tab, create user-defined groups to organize related elements for use with rules and filters. Groups can contain elements such as events, IP addresses, computer names, and user accounts. After a group is defined, it can be referenced from multiple rules and filters.
You can use email templates to customize your email notifications when triggered as responses in your custom rules. An email template includes static and dynamic text (or parameters). The static text lets you customize the message body of the email. The dynamic text is filled in from the original event that caused the rule to fire.