Documentation forSecurity Event Manager

Available SEM widgets

The following table describes the customizable widgets that ship with the SEM Console.

Widget Description
Active Directory Group Changes by Group Displays a donut chart of group changes by group name.
Active Directory Group Changes by Type Displays a donut chart of group changes by event type.
Active Directory Group Changes by User Displays a pie chart of group changes by user source account.
Active Directory User Changes by Type Displays a donut chart of user account changes by event type.
All Events - Last 12 Hours Displays a time series view of all events occurring in the last 12 hours.
All Events - Last 24 Hours Displays a time series view of all events occurring in the last 24 hours.
All Events by Connector Name Displays a pie chart of all events by connector name via the ToolAlias log property.
All Events by Event Type Displays a donut chart of the number of all event types.
Blocked Web Traffic by Source Machine Displays a donut chart of the top sources of blocked web traffic.
Events Per Second - Last Hour Displays the total count of events per second for the past hour.
File Audit Failures by User Displays a donut chart of the file audit failure events by user.
Firewall Events by Type Displays a donut chart of the top firewall events by event type.
Grouped events by IP Displays a donut chart of group events by detection IP.
HIPAA Events by Type Displays a pie chart of top HIPAA events by event type.
Incidents by Rule Name Displays a pie chart of incidents by inference rule.
Interactive Logons by User Displays a vertical bar chart of user logons by destination account.
Log Database Used Storage Percent Displays the logs/data used percentage (KPI widget) with an 80 percent warning threshold and a 90 percent critical threshold.
Logon Failures - Last 24 Hours Displays a time series chart of failed logons for the past 24 hours.
Logon Failures by Reason Displays a pie chart of failed logons by failure reason.
Logon Failures by Source Machine Displays a pie chart of failed logons by destination machine.
Logon Failures by User Displays a horizontal bar chart of failed logons by destination account.
Node Health Displays a table of the latest events from monitored network nodes.
PCI Events by Type Displays a donut chart of the top PCI events by event type.
Rules Fired by Rule Name Displays a pie chart of rule activity by inference rule.
Scheduled query severity per tag  
Scheduled query severity per tag  
Threat Events by Type Displays a pie chart of threat events by event type.
Traffic by Destination Port Displays a vertical bar chart of all network traffic by destination port.
Traffic by Source Port Displays a vertical bar chart of all network traffic by source port.
User Account Changes by Destination Account Displays a horizontal bar chart of all user account changes by destination account.
User Account Changes by Source Account Displays a horizontal bar chart of all user account changes by source account.
User Logon by Source Machine Displays a donut chart of all user logons by source machine.
User Logon by User Displays a donut chart of user logons by destination account.
Virus Attacks by Machine Displays a pie chart of virus attacks by source machine.
Virus Attacks by Virus Name Displays a pie chart of virus attacks by virus name.