Navigate the SEM Console

The SEM Console is a browser-based interface for monitoring your SEM appliance. The console is organized into functional areas called views. Views organize and present different information about the components that comprise the SEM system. The SEM Console provides the following views:

  • Ops Center: Provides a graphical representation of your log data. It includes several widgets that help you identify problem areas and show trends in your network. You can select additional widgets from the widget library or add custom widgets that reflect your log activity.
  • Monitor: Displays events in your network in real time. You can view the details of a specific event or focus on specific types of events. This view also includes several widgets to help you identify trends or anomalies that occur in your network.
  • Explore: Provides tools for investigating events and related details. Select nDepth to search or view event data or log messages. Select Utilities to view additional utilities.
  • Build: Creates user components that process data on the SEM Manager. Select Groups to build and manage groups. Select Rules to build and manage policy rules. Select Users to add and manage console users.
  • Manage: Manages properties for appliances and nodes. Select Appliances to add and manage appliances. Select Nodes to manage agents and to view syslog devices and agents.
  • Analyze: Provides an overview of the Reports feature that extracts and presents data from the database. You must install this feature separately.

This section provides an overview of the most commonly used SEM Console views.

Explore the nDepth search view

nDepth is a search engine that locates all event data or the original log messages that pass through a particular manager.

Use nDepth to:

  • Search normalized event data or the original log messages.
  • Explore log messages that are stored on a separate nDepth appliance.
  • View, explore, and search significant event activity. nDepth summarizes event activity with simple visual tools that you can use to easily select and investigate areas of interest.
  • Use existing filter criteria from the Monitor view to create similar searches.
  • Create custom widgets for the nDepth Dashboard.
  • Conduct custom searches. You can also create complex searches with the Search Builder.
  • Export your findings to PDF or CSV format.
  • Use the Explore menu to investigate nDepth search results with other explorers.
  • Use the Respond menu to take action on any of your findings.

To display the nDepth view, navigate to Explore > nDepth.

| Number | Item | Description |
|---|---|---|
| 1 | History | Displays recent nDepth search results. |
| 2 | Saved Searches | Displays saved nDepth search results. |
| 3 | List pane | Displays categorized lists of events, event groups, event variables, and additional options you can use to create conditions for your filters. |
| 4 | Search bar | Searches all event data or the original log messages that pass through SEM. Switch to select Drag & Drop or Text Search mode. |
| 5 | Respond | Displays a list of corrective actions you can execute when an event occurs, such as shutting down a workstation or blocking an IP address. |
| 6 | Explore | Displays several utilities you can use to research an event, including Whois, Traceroute, and NSlookup. |
| 7 | Time | A drop-down list to select the time range for your search. |
| 8 | Play | Executes the selected search. |
| 9 | Histogram | Displays the number of events or log messages reported within the selected search time range. |
| 10 | Dashboard | Displays the search results in all available widgets. You can change this view by clicking a widget in the nDepth toolbar. The icon indicates you are exploring event data. The icon indicates you are exploring log messages. |
| 11 | nDepth Toolbar | Organizes log data into categories to identify activity in your network. Click a selection to display the category below the histogram. |
