Documentation forSecurity Event Manager

Node management

Through the HTML5-based node management feature, you can add agent nodes, configure connectors, and then monitor activity. Upon node and connector configuration, click the Events tab to view your network activity, and then create and apply filters to tailor your log feed to view event logs vital to maintaining the health of your network environment.

  • Agents: An agent is a software application installed on the device that collects and normalizes log data before it is sent to the SEM Manager.
  • Non-Agent devices: These are devices that send log data directly to the SEM Manager for normalization and processing, such as firewalls, switches, and routers.

On the Nodes tab, you can view a list of both agent and non-agent nodes, and select multiple nodes to conduct bulk operations, such as deleting nodes, upgrading agent nodes, and starting File Integrity Monitoring (FIM) on agent nodes.

Select one or more items in the Refine Results pane to organize your nodes view, or use the Nodes toolbar to search for nodes, or organize nodes by Name, IP address, OS type, or version.