Documentation for Security Event Manager

SEM Flash Console

The SEM Flash Console is a browser-based interface for monitoring your SEM appliance. The console is organized into functional areas called views. Views organize and present different information about the components that comprise the SEM system. The SEM Console provides the views listed below.

The SEM Console is a Flash-based interface with features that are currently transitioning to HTML5 format. The majority of this functionality can now be accomplished in the new HTML5-based SEM Events Console, but some tasks must still be accomplished here. For more information, review the feature comparison.

  • Ops Center: Provides a graphical representation of your log data. It includes several widgets that help you identify problem areas and show trends in your network. You can select additional widgets from the widget library or add custom widgets that reflect your log activity.
  • Monitor: Displays events in real time in your network. You can view the details of a specific event or focus on specific types of events. This view also includes several widgets to help you identify trends or anomalies that occur in your network.
  • Explore: Provides tools for investigating events and related details. Select nDepth to search or view event data or log messages. Select Utilities to view additional utilities.
  • Build: Creates user components that process data on the SEM Manager. Select Groups to build and manage groups. Select Rules to build and manage policy rules. Select Users to add and manage console users.
  • Manage: Manages properties for appliances and nodes. Select Appliances to add and manage appliances. Select Nodes to manage agents, and to view syslog devices & agents.
  • Analyze: Provides an overview of the Reports feature that extracts and presents data from the database. You must install this feature separately.

| Number | Item | Description |
|---|---|---|
| 1 | History | Displays recent nDepth search results. |
| 2 | Saved Searches | Displays saved nDepth search results. |
| 3 | List pane | Displays categorized lists of events, event groups, event variables, and additional options you can use to create conditions for your filters. |
| 4 | Search bar | Searches all event data or the original log messages that pass through SEM. Switch to select Drag & Drop or Text Search mode. |
| 5 | Respond | Displays a list of corrective actions you can execute when an event occurs, such as shutting down a workstation or blocking an IP address. |
| 6 | Explore | Displays several utilities you can use to research an event, including Whois, Traceroute, and NSlookup. |
| 7 | Time | A drop-down list to select the time range for your search. |
| 8 | Play | Executes the selected search. |
| 9 | Histogram | Displays the number of events or log messages reported within the selected search time range. |
| 10 | Dashboard | Displays the search results in all available widgets. You can change this view by clicking a widget in the nDepth toolbar. The icon indicates you are exploring event data. The icon indicates you are exploring log messages. |
| 11 | nDepth Toolbar | Organizes log data into categories to identify activity in your network. Click a selection to display the category below the histogram. |