Documentation forSecurity Event Manager

Live Events view

See About the event types for descriptions of all events and their corresponding alerts.

The SEM console provides instant access to live event monitoring and filtering, as well as historical record data for in-depth analysis and troubleshooting. Within the console view, you can quickly switch between real-time event streaming and historical log views based on user-defined date and time parameters.

The Live Events screen displays all live event data that is passing through a particular SEM Manager instance. Use this screen to view real-time events as they occur in your deployment.

Live Events screen

Log in to the SEM console and click Live Events in the toolbar. The following example displays the event results for a selected event (highlighted in blue).

The Live Events view consists of three panes: 

Filters

The Filters pane displays the filters you can apply to the event messages. Click the Hide Pane icon to collapse this pane. Click the Show Pane icon to expand it.

For more information, see:

Events

The Events pane displays the events that exist for your selected filter. The title bar displays the name of the filter currently selected in the Filters pane. Enter an event name in the Search field and then click the magnifying glass icon to locate a specific event in the center column.

The following example shows all events in list view. Click Switch to table view to display all events in a table.

Live mode

Within the Live Events screen, you can switch between real-time event streaming and historical log views based on user-defined date and time parameters.

Drag the switch to the right to collect all live events. The Events meter displays the number of the events that match the selected filter display as they occur.

Drag the switch to the left to freeze the live events feed. The Events meter displays the number of undisplayed event messages.

Export

Click Export to export a list of collected events to a Microsoft Excel file.

Events meter

The events meter displays the number of all captured events. Click to review the base limit setting of all loaded results.

The base limit lists the maximum number of collected events that display in the center column. See Set live and historical event limits for details on how to change the base limit.

Event Details

The Event Details pane displays information about the highlighted event in the Events table.

When you click an event, the event details display in the right column. Enter a keyword in the Search field to filter and view specific event data.

See Filter and export event logs for more information.