Configure an agent in SEM
For non-network devices, you can install the SEM agent on workstations and servers to collect and normalize log data before it is sent to SEM. The SEM Agent also collects security data from each device (such as Windows event logs, database logs, and local antivirus logs) and transmits this data to SEM. The SEM Agent has a small footprint on the device and prevents log tampering during data collection and transmission.
The SEM Agent provides the following benefits:
- Captures events in real-time
- Encrypts and compresses the data for efficient and secure transmission to SEM
- Buffers the events locally if you lose network connectivity to SEM
SEM provides access to the most frequently installed agents. See Additional SEM downloads for in the SolarWinds Customer Portal for a comprehensive list of agents.
The following example describes how to install a Windows agent on a workstation.
- Review the SEM agent pre-installation checklist.
- Log in to the SEM Console, and then click Manage > Nodes.
- Click Add Node.
- On the Add Node wizard, click the Agent Node option button.
- Follow the on-screen instructions to install an agent.
- Place the agent installation file (local installer or remote installer) on the local hard drive.
- Right-click the installation file, and then select Run as administrator.
- In the Manager Host field, enter the SEM IP address.
- After you install the agent, click Go To Manage > Nodes on the Add Node wizard.
- Verify that the node and the status is Connected.
To verify that SEM is receiving agent data, click the Nodes tab in the SEM Events Console, and then select the Agent and Connected check boxes under Refine Results.