Documentation forSecurity Event Manager

Get started with SolarWinds Security Event Manager

This guide is for SolarWinds customers who have purchased or want to evaluate SolarWinds Security Event Manager (SEM).

If you are interested in evaluating SolarWinds SEM, you can download the product, fully-functional for 30 days. After the evaluation period, you can convert your evaluation license to a production license by obtaining and applying a license key.

This guide will help familiarize you with the commonly used features of SEM so you can begin detecting suspicious activity, mitigate security threats, achieve auditable compliance, and maintain continuous security.

If you are a customer and need implementation help, search the SolarWinds Customer Success Center or contact our Support Team. See SolarWinds Customer Support for details on opening a support case.

If you are evaluating this product and need assistance, contact SolarWinds Sales.

Tasks to help you started with SEM

Complete the following tasks to get started with SEM:

Log in to the SEM Console

Log in to the console to perform your tasks.

Determine which logs to monitor in SEM

Decide which logs you want to monitor. If you monitor too many logs, working on the SEM Console can be overwhelming.

Configure the audit policy on your device to send events to SEM

Only events that you have designated to be sent to SEM are visible on the SEM Console.

Verify that events are being sent to SEM

Learn how to use the SEM Contego Management Console (CMC) to verify that syslog event data is being sent to SEM.

Configure an agent in SEM

Learn how to add your first Microsoft Windows computer to SEM.

Add a syslog device to SEM

Learn how to add a Cisco Adaptive Security Appliance (ASA) firewall to SEM.

Navigate the SEM Console

After SEM is receiving log data, use the SEM Console to search, view, and filter the data.

Next Up: Determine which logs to monitor