Documentation forSecurity Event Manager

SEM rules: Automate how SEM responds to events

Rules monitor event traffic and automatically respond to security events in real time, whether you are monitoring the console or not. When an event (or a series of events) meets a rule condition, the rule prompts the SEM Manager to act. A response action can be discreet (for example, sending a notification to select users by email), or active (for example, blocking an IP address or stopping a process). Learn more about SEM rules here.

See About SEM response actions for information about response actions.