Documentation forSecurity Event Manager

Configure SEM agents after the installation

This section documents SEM agent configuration tasks.

After installation, the SEM agent captures log information from sources such as Windows Event Logs, database logs, and local antivirus logs. Additionally, the SEM agent allows SEM to take specific actions that you can define as rules.

View the SEM Agents

  1. On the SEM console, navigate to Configure > Nodes.
  2. Under Refine Results, expand the Type group, and then select the Agent check box.

About the SEM Agent for Windows connectors

The SEM agent for Windows includes several preconfigured connectors that collect and display data from these systems immediately after you install the SEM Agent. By default, the SEM Agent for Windows includes the following preconfigured connectors:

  • Windows Security Log (for the host OS version)
  • Windows Active Response
  • Windows Application Log
  • Windows System Log

For broader coverage on your Windows computers, configure specific connectors to obtain your targeted data.