

This 2 (half) day class covers all aspects of the Security Event Manager functionality by utilizing pre-installed SEM appliances.
Efficient network management often relies on pertinent information from several diverse sources, such as syslogs, application log files and event logs. The key to successfully managing the network is filtering and prioritizing this data so that the right people can access the right information at the right time and take appropriate action in a timely manner. SolarWinds Security Event Manager is the tool best placed to achieve this.
Class Contents
Introduction
- SEM Concepts
- SEM Architecture
Installation
- System Requirements
- Licenses
- Installation Procedure
- Appliance Configuration
Connecting to the SEM Appliance
- The HTML-based Web Console
- The legacy Flash-based Web Console
- The SSL Command Line Interface
- The SEM Reports Utility
Node Management
- Adding Windows Agent Nodes
- Setting Logging Levels on Windows Servers
- Adding Syslog Nodes
Account Management
- Using the Directory Services Query Active Response Connector
- Adding and Editing User Accounts
- Account Limitations
Event Monitoring
- Monitor Overview
- Supplied Filters
- Creating Filters
- Sharing Filters
Event Analysis and nDepth
- nDepth Overview
- The Word Cloud and Tree Maps
- Result Details
- The Search Builder or Modifying Search Parameters
- Using Monitor Filters
- Printing Results
- Saved Searches
- Scheduling Searches
Ops Centre Dashboards
- Ops Centre Overview
- Creating New Widgets
Rules
- Rules Overview
- The Filter Element
- Using Groups
- Creating and Populating Custom Defined Groups
- The Correlation Element
- The Active Response Element
- Configuring the email Active Response Connector and email Templates
Reporting
- Viewing the Supplied Reports
- Modifying Reports
- Report Scheduler
System Management
- Backups and Restores
- Data Storage Requirements
Instructor
Darryl Drinkwater
Professional Services Operations Manager - EMEA
Bio
The whole of Darryl’s working career has been focused on the management and monitoring of IT systems and networks, often within secured environments. He has been working with SolarWinds software for more than 20 years, and currently holds all 8 available SCPs, as well as being a SolarWinds Channel Champion. Darryl has a background in training and development, with a post-graduate award from Cambridge University and a Fellowship from the Learning & Performance Institute. He has an evangelist’s zeal for implementing consistent, accurate and effective system monitoring following ITIL guidelines. A typical week for Darryl consists of 50% end-user training and 50% consultancy provision for clients of all sizes and across all industry sectors. Darryl is a frequent participant and invited speaker at trade shows and conferences.