What users are saying about
15 Ratings
Score 8.3 out of 10
42 Ratings
Score 7.9 out of 10


Likelihood to Recommend

AlienVault OSSIM

Small, medium or large, every company can benefit from this tool. Even if you decide to supplement your existing SIEM this is the way to go and chances are you might end up switching to this as your primary.

SolarWinds Log & Event Manager

SolarWinds Log & Event Manager (LEM) is a SIEM that is very well suited for environments where you have a small team managing your technology and need a powerful tool that is easy to set up and requires little maintenance and care to continue doing its job. In the time that we have had LEM deployed, it has been very solid and has required very little intervention to resolve issues. It comes pre-packaged with some great correlations to get up and running right out of the box as soon as log sources are pointed at it. If you need a SIEM and either don't have the expertise in house, or don't want to spend the resources for professional services, this may be a good fit. There are only a handful of situations where we have run into LEM's limitations when trying to set up functionality or correlations. Otherwise, it is an excellent SIEM that offers some great features.

Feature Rating Comparison

| Feature | AlienVault OSSIM | SolarWinds Log & Event Manager |
| --- | --- | --- |
| Security Information and Event Management (SIEM) | 8.2 | 7.2 |
| Centralized event and log data collection | 8.4 | 8.8 |
| Correlation | 8.0 | 8.9 |
| Event and log normalization | 8.0 | 8.3 |
| Deployment flexibility | 8.7 | 6.5 |
| Integration with Identity and Access Management Tools | 7.5 | 6.1 |
| Custom dashboards and views | 8.0 | 4.3 |
| Host and network-based intrusion detection | 8.6 | 7.2 |

Pros

AlienVault OSSIM

  • Being a part of the Open Source community, open source tools are always a big plus for me.
  • Being a simple straightforward tool, it does a great job especially with the asset management piece built into it.
  • Straightforward
  • Open Threat Exchange (OTX) gives a straightforward live threat intel feed to work off.

SolarWinds Log & Event Manager

  • Incredibly easy to set up. It was deployed and had log sources pointed to it and performing basic correlations within a day.
  • Auto-response. The automated responses that are available after deploying the agent give you incredible control to respond to events on your network.
  • User-friendly interface. Some SIEMs can be daunting to learn how to use and get acclimated to, but LEM has an intuitive layout and is very easy to pick up and use.

Cons

AlienVault OSSIM

  • It's a free product! Yes, it doesn't have all the capabilities of the USM Anywhere, but it does a great job. Can't really complain.

SolarWinds Log & Event Manager

  • No custom parser. Inevitably, there will be a product on your network that SolarWinds LEM won't know how to parse. Other SIEM solutions I've used leverage custom parsers for this reason. LEM does not have support for creating custom parsers, so unknown log formats remain unparsed.
  • Sometimes too basic. LEM is an excellent tool for performing basic correlations in a small to mid-size environment. If you try to get too advanced with the correlations you are trying to perform, you may get frustrated with the lack of functionality due to the way that LEM parses data.

Usability

AlienVault OSSIM 8.0
Based on 1 answer
AlienVault OSSIM is far easy to use and manage - provided you know what you're doing. As with any SIEM application, there is some background knowledge required in order to take advantage of the product's functionalities, such as the log correlation and analysis. Other than that, the application is quite usable and robust.
Jose Quintero
No score
No answers yet
No answers on this topic

Alternatives Considered

AlienVault OSSIM has the upper ante in initial deployment price, being that it's open source. Also, with perhaps the exception of SolarWinds, it has lower optimal requirements for onsite deployment, hence your OPEX won't be hit very hard by investing in new hardware to suit the appliance. The correlation engine is somewhat more robust than its counterparts in LogRhythm and SolarWinds, and the IDS (both NIDS and HIDS) are more reliable as well in terms of results. Finally, although Tenable SecurityCenter is more robust in dashboards, alerts and reports, it comes short in front of OSSIM in terms of real-time IDS and SIEM correlation.
Jose Quintero
We did not evaluate LEM against competitors because we have a significant investment in other SolarWinds products and wanted to leverage the infrastructure and interface as well as staff knowledge.
Scott Reese

Return on Investment

  • The only investment here is setting it up and I think seeing its performance, it's a fantastic tool and has a great positive ROI!
  • This is a little outside of my level of involvement to answer adeptly. That being said I do know that it has been instrumental in allowing our organization to implement a central storage for log files and it's something we have wanted to implement for a long time.
Joseph Crook

Pricing Details

AlienVault OSSIM

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

SolarWinds Log & Event Manager

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details