1. Home
  2. Security Information and Event Management (SIEM) Software
  3. SolarWinds Security Event Manager Reviews

SolarWinds Security Event Manager Reviews

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow noopener noreferrer'>Customer Verified: Read more.</a>
66 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 8.2 out of 100

Do you work for this company? Manage this listing

Show Filters 

Overall Rating

Reviewer's Company Size

Last Updated

By Topic

Industry

Department

Experience

Job Type

Role

Show All Filters

Reviews (1-18 of 18)

Adam Morrison | TrustRadius Reviewer
November 16, 2019

These Events will "Blow" You Away!

Adam Morrison
Score 8 out of 10
Vetted Review
Verified User
Review Source
SolarWinds Security Event Manager is being used by our networking and security team on a daily basis. Often times changes to accounts or to your Microsoft Active directory will be logged, but not alerted. This can lead to a false sense of the current state of your accounts and can make a team "blind" to what is happening inside systems. SolarWinds SEM allows teams to receive emails based on pre defined parameters.
  • SolarWinds easily provides the much needed visibily into changes in an Active Directory (AD) environment. Email alerting can be configured to alert a team if an account is locked out, disabled by another users, or if users and/or computers accounts are created.
  • SolarWinds allowed a searchable audit feature. Microsoft Windows can be configured to log many different parts of a system, but search those logs can be difficult. SEM allows you to search for specific users or events.
  • All SolarWinds product suffer from slow response times in management portals. SolarWinds SEM is no exception. While it is much preferred over a "thick client" there is much room for improvement in speed.
  • If you use the email alert features with SolarWinds make sure to prepare you staff and team for the large amount of emails they could receive. Make sure to reduce the number of alerts so your team does not ignore the alerts.
When an account is created in active directory your teams can be notified. You can also be notified when computer objects are created in your enviroment. This can be helpful to spot unknown devices that may try to bind to your AD for authentication. Or if accounts are deleted in mass you can react quickly.
Read Adam Morrison's full review
Swetal Jariwala | TrustRadius Reviewer
January 15, 2020

Many reasons to use SolarWind's Security Event Manager as your SIEM!

Swetal Jariwala
Score 7 out of 10
Vetted Review
Verified User
Review Source
It is being used, at this time, only by my department. We use it to collect logs from all our network devices, servers, and other devices we use to support our services. It is useful for us to have all of our logs in a single place and searchable.
  • SEM normalizes logs very well. It is simple to be able to compare fields in logs from say a Cisco router and a Windows server, especially timestamps.
  • SEM has great flexibility in customizing its various aspects, especially its correlation rules and reports.
  • SEM doesn't support out-of-the-box several device manufacturers that are used in my environment. For example, Peplink and Netonix.
  • I have to purchase a separate log parser tool rather than having it included in SEM.
SEM is great in my environment for monitoring Windows Event Logs to view any changes in Active Directory such as adding users to administrators and domain admins groups. Also for auditing configuration changes on Cisco devices, it is very useful. I find it not so useful for logs from the VMware NSX platform. For these logs, I use VMware's own vRealize Log Insight. It would be great if I could consolidate everything onto SEM and have a single place to collect and analyze all logs.
Read Swetal Jariwala's full review
Anonymous | TrustRadius Reviewer
December 28, 2019

An affordable SIEM that doesn’t need a rocket science degree to operate.

Verified User
Score 8 out of 10
Vetted Review
Verified User
Review Source
We are using the Security Event Manager to keep track of a number of things.

Configuration changes for our Core network And campus devices which include nexus and Cisco iOS routers, switches and firewalls. We use it as a way to audit admin login failures. Our Device Syslog is sent to it. We use it to keep analyze network traffic when troubleshooting.
  • It does a great job of notifying us when accounts have been locked out. We can then find out the device on the network where the login attempt occurred.
  • Searching for incidents is now a lot faster with the implementation of the HTML 5 interface.
  • Some aspects have not been fully integrated into HTML 5. Those are still a bit slow to access.
  • Need an easier way to upgrade the software. SSH to the console and running the commands to connect to the TFTP server is archaic. Needs an “update” button.
It is well suited to monitor your Windows AD. You can get detailed login information and notifications like failures and lockouts. It also shows the IP address where it occurs so it makes locating the culprit a lot easier.

It does well with monitoring for suspicious activity. It can alert you if It sees a client is trying to circumvent DNS so they can go through proxy avoidance tactics.
Read this authenticated review
Anonymous | TrustRadius Reviewer
April 03, 2020

SolarWinds Security Event Manager Review

Verified User
Score 8 out of 10
Vetted Review
Verified User
Review Source
We use SolarWinds SEM to monitor all production systems Canada-wide. Often times when troubleshooting devices or applications from a administrative position or help desk it can be very time consuming to pull logs from each device and filter out what you're looking for. By using the SolarWinds SEM tool you can forward all relevant logs and filter out what you don't want to see, which reduces time spent resolving tickets and helps to better locate those pesky problems.
  • Log Filtering
  • Alerting
  • Monitoring
  • SEM does have some efficiency issues, other tools have been able to handle millions of logs per hour but SEM seems to get overloaded quickly.
  • The UI is slow to respond after the solution has been running for a while.
  • Some of the logic is fairly limited with the UI, maybe they could improve the usability of the UI.
SolarWinds SEM is great for alerting when applications are misbehaving, sometimes if an application gets stuck in a logic loop you will immediately know with SolarWinds SEM because you can see the logs generated on that application would have skyrocketed. It also provides useful information to really track down what computers are locking your account out (we all deal with this). SolarWinds SEM will only benefit you if it can see the logs on the device or forward them to SolarWinds SEM.
Read this authenticated review
Anonymous | TrustRadius Reviewer
March 03, 2020

SolarWinds Security Event Manager Review

Verified User
Score 8 out of 10
Vetted Review
Verified User
Review Source
SolarWinds Security Event Manager is utilized by the Information Technology department. Individuals on multiple IT teams have email alerts set up to notify them about events that require action. Additionally, the Security Event Manager is also utilized when there is a need to look at the logs to identify the root cause of a problem. For example, user account lockouts at a time the user wasn't in the office. It addresses multiple business problems by letting us know when something requires our attention.
  • Easy to utilize--the rules are straightforward and pre-configured. You just have to customize them to fit your environment.
  • Great customer service, which is incredibly useful when you want help with better utilizing the SEM.
  • Easy and clear filters when looking for specific information without your environment.
  • The SEM can be rather slow--an increase in CPU and RAM appeared to fix this problem fairly easily though.
  • The SEM has lately required reboots for us fairly often. This is something we are currently working with support to resolve.
  • The SEM could release additional graphic options to help better display data to management.
The SolarWinds Security Event Manager is great for people who want to be able to either view logs or set up emails for certain actionable events. However, it would be less helpful in a situation where you want your SEM to be taking action on specific items. There are some actions that can be taken by the SEM, but they constitute a rather short list in comparison to other SEM tools.
Read this authenticated review
Anonymous | TrustRadius Reviewer
October 09, 2019

SolarWinds LEM: Useful and Low Cost SIEM Solution for SMBs

Verified User
Score 7 out of 10
Vetted Review
Verified User
Review Source
We initially started using SolarWinds Security Event Manager(previously Log and Event Manager) to meet a security compliance requirement. Once I spent some time with it, I realized that I could use it for alerting on specific events and activities that our users were interested in. For instance, we used the File Integrity Module on our HR file share to alert the HR manager when files were added or deleted, and then we sent a weekly report to that department with all read/write activity. We also used it to monitor AD changes, and the email alerts were really useful in producing historical information about what changes had been made recently.
  • Compared to other SIEMs, it's relatively easy to get up and running. The virtual appliance is easy to maintain.
  • Support was top notch. The support team really knows their stuff when you run into an issue.
  • The email alert system is easy to use and attach to a fired rule.
  • Compared to other SIEMs, there are features that are missing. Machine learning, automatic event correlation, ability to correlate multiple sources together.
  • The UI is clunky, and the *New* event log analyzer page felt really disjointed from the rest of the product.
  • In my experience, the dashboards were almost unusable. They persisted across login per device, and even then they sometimes would reset and go back to the ''Getting Started'' look.
Smaller companies just getting started with looking at security products would like the product. Also, maybe smaller companies without dedicated security staff that just need something for some bare minimum requirements. It does some of the easy stuff pretty well, and there's no massive learning curve.

Bigger companies or companies with dedicated security staff will likely look at other options. This seems like an entirely mid-market only purchase. If you want to be able to correlate events from multiple sources, not just agent-based windows logs, you'll likely need to look elsewhere. While you can also forward syslog to the appliance, you can't enrich any data or use sources like NIDS/HIDS logs. This product will not give you a true single pane of glass like some offerings.
Read this authenticated review
Anonymous | TrustRadius Reviewer
January 31, 2020

SolarWinds Security Event Manager: A "log" above everyone else

Verified User
Score 8 out of 10
Vetted Review
Verified User
Review Source
SolarWinds Security Event Manager is a log and event manager that we implemented to replace our Cisco MARS appliance. This system is used by our security team to monitor and log events throughout the entire organization. From an alerting point of view, SolarWinds Security Event Manager makes our monitoring simpler and more refined. By allowing us to create and set email alerts on important and critical events, SolarWinds Security Event Manager allows a hands-off approach, so that we don't have to review hundreds of lines of alerts to get the critical information, saving us time and effort.
  • Allows log collecting from almost any source of data, using multiple types of authentication and collection (i.e. SNMP, WMI, etc.)
  • Allows customization of dashboards per user, so that you can quickly find the information relevant to your position.
  • The dashboard and reports use javascript, which can be slow to load.
  • To get it up and running was fast, however, to correctly configure proper alerts, you have to spend a ton of time.
SolarWinds Security Event Manager is well-suited for small- to mid-sized organizations that cannot afford a large Information Technology team or department. SolarWinds Security Event Manager has robust reporting and logging capabilities, but significant time must be spent up front to ensure proper configuration. Once configured, however, the power of SolarWinds Security Event Manager stands above Cisco from an alerting perspective and can assist with investigating any security issue in your environment.
Read this authenticated review
Anonymous | TrustRadius Reviewer
November 15, 2019

SolarWinds SEM Review

Verified User
Score 1 out of 10
Vetted Review
Verified User
Review Source
We are mostly using it to track logs from our Windows Server. We do also have some networking equipment sending syslog to it as well. Primarily we use it to help track down password lockouts. Its terrible UI doesn't allow for much more than that. It would be nice if there were some nice looking always on dashboard type screens we could use.
  • I honestly don't have too many good things to say about it. It was cheap compared to other products like Splunk and that's why we bought it.
  • Even though this is like 90X cheaper than other products like Splunk, etc. - It's still overpriced because it's terrible.
  • Flash, Java, Really? Who still uses this? Also, why is this not integrated with Orion and useable from the same Solarwinds dashboard as all our other Solarwinds products?
I'd give it a 0 if that was an option. Sometimes, on the rare occasion that the SSO isn't broken, we can actually log in to this and click around for 30 minutes and finally find some logs that point us in the right direction for tracking down what's locking out an AD account. Other than that, it's useless.
Read this authenticated review
Anonymous | TrustRadius Reviewer
October 14, 2019

SolarWinds SEM is the next-gen log correlation solution

Verified User
Score 8 out of 10
Vetted Review
Verified User
Review Source
Our organization chose to invest in SolarWinds Security Event Manager because we needed a centralized log management and correlation solution that can be quickly and seamlessly integrated into our global infrastructure. It is very easy to provision by simply installing additional modules onto the Solarwinds server and pointing all of the network/systems devices to it. Having log data in one central location has a huge benefit. For example, troubleshooting an issue on a network can now be done by multiple teams where everyone with access to SEM can search the log repository. The live filtering and historical search capabilities make it easy to get the necessary evidence and the time stamp of what the issue is and when it started. The built-in templates are also helpful in analyzing and targeting specific log data.
  • Advanced search capabilities across all log data, powered by a quick engine to minimize the delay.
  • Built-in or customized templates.
  • Alerting capabilities.
  • More advanced log correlation mechanisms with better filtering capabilities.
SEM is well suited for all size networks, from small to large. It can be used by network engineers or by security engineers as the tool can address multiple issues.
Read this authenticated review
Anonymous | TrustRadius Reviewer
December 09, 2019

Solarwinds working for you again!

Verified User
Score 9 out of 10
Vetted Review
Verified User
Review Source
It is being used across our Presort division. It allows us to monitor daily issues and hiccups so that we can address them from anywhere in the country. With it, I'm able to track my local facility while still traveling to the other facilities in the country. It is a lifesaver when I need to be flexible and have the ability to travel or even stay home.
  • Centralized log collection and normalization.
  • Automated threat detection and response.
  • Integrated compliance reporting tools.
  • Auto report sending alerting.
The initial install is the first step and shows you some compliance issues that you may not even be aware of.
Read this authenticated review
Roger Mialkowski | TrustRadius Reviewer
February 04, 2019

If you have SIEM requirements then SolarWinds LEM will come to the rescue!

Roger Mialkowski
Score 8 out of 10
Vetted Review
Verified User
Review Source
As an organization with many types of hardware/software, we needed something to gather logging output using industry standards. We already use SolarWinds for network monitoring so SolarWinds Log & Event Manager (LEM) seemed to fit the bill. We had a vendor assist with the initial installation and configuration. Then it was just a matter of the various teams (Network/MS Server/VM/Unix) to configure their nodes to point to LEM so the data collection could commence.
  • SolarWinds LEM has not bogged down with the amount of logging data we throw at it. This is comforting because we can rest assure that we can continue to add new nodes to it.
  • The SolarWinds LEM platform is very stable. The main part is the collector appliance and the second part is the reporting server which you can generate either custom or canned reports for regulatory compliance certification.
  • When configuring the collectors, you are able to customize the gathering of data to make sure you are getting exactly what you need.
  • While the initial setup was straightforward, customizations to reports can be a little daunting. Luckily SolarWinds has videos available on steps to proceed and their tech support reps are very helpful too.
  • The frequency of version updates is few and far between. This may be a good thing and should be expected since it is a set it and forget it kind of virtual appliance.
  • It would be helpful if SolarWinds LEM had Wizards built-in that could assist in adding new types of devices. At times, I've had to go with trial and error until SolarWinds LEM would actually start collecting data from a particular one-off node.
SolarWinds Log & Event Manager is very well suited in a heterogeneous enterprise setting (multiple locations/campuses) where you would have various brands/manufacturers of devices represented. While it doesn't require a full-time admin, it does take a little time to add/update/remove nodes in, configure data collection settings, and generate custom reports. Because of this, it may not be a perfect fit for a small to medium-sized business due to the initial investment of time and cost.
Read Roger Mialkowski's full review
Jim Trucano-Harp | TrustRadius Reviewer
February 28, 2019

LEM, your one stop shop for Security Event and Incident Management!

Jim Trucano-Harp
Score 9 out of 10
Vetted Review
Reseller
Review Source
As a Network Monitoring Engineer and instructor, I see many Government and Military IT Organizations choose LEM as their primary Security Event and Incident Manager(SEIM) across all of their networks. LEM allows them to have a consolidated, normalized view of both their server and network environments. Having a consolidated view provides SolarWinds customers with the ability to correlate multiple security events across disparate systems and greatly reduces the amount of time and effort to detect and respond to potential security intrusions.
  • One of the most valuable features of SolarWinds LEM is its ability to normalize logs from differing systems into one common format. LEM normalization saves time and effort in doing forensic analysis by letting security personnel see the "whole picture" of their network in one place.
  • LEM's Active Response capability makes it easy to watch a security event happen in real time and to take immediate action. For example, LEM can very efficiently allow security personnel to logoff suspect users or even restart important Windows Server processes in real time, before further intrusion can happen.
  • LEM has a lot of out of the box features that allow for the quick implementation of security policy across many industries. LEM can provide immediate compliance monitoring and management for standards such as PICA, HIPAA and DISA-STIG.
  • The number one challenge for SolarWinds customers I see is LEM's reporting software. LEM Reporter, a standalone Windows Application, is not as intuitive as customers would like and they report some instability in the application itself. Customers tend to use LEM's search scheduling as a more effective way to report on security events.
  • Performance has been an issue based on LEM's use of a Flash interface. This has been a limitation for a long time. However, with the transition of the LEM interface from Flash to HTML5, customers are reporting much better performance starting in LEM 6.5
  • Every one of my customers makes some comment about LEM's very high learning curve. LEM is not very intuitive, requiring a lot of rote learning through repetition. Many LEM customers request some type of training to help them learn to use it.
LEM is best deployed in networks requiring high-speed aggregation of log messages across disparate platforms to a single logging system. In an environment where immediate response to security events and incidents is needed, LEM performs very well. From tracking suspicious user login events in real time to detaching suspect USB devices from workstations, LEM provides the ability to respond quickly.
Read Jim Trucano-Harp's full review
Scott Reese | TrustRadius Reviewer
January 15, 2019

SolarWinds Log & Event Manager fills gaps in Windows/AD monitoring

Scott Reese
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use LEM for two main purposes. First, to replace an obsolete Cisco MARS appliance that captured a couple of days' worth of packets from our firewalls for forensic purposes. Second, to provide notification to staff of AD events such as account lockouts and administrator logins. Users are strictly within the infrastructure team of the IT department.
  • Able to ingest full Syslog output from three enterprise firewalls.
  • Able to detect and alert on specific Active Directory events.
  • The interface for creating alerts is onerous. It is necessary to dig out the exact event ID of anything you want to alert on.
  • Early versions required a separate server to host a FastBit database, but that requirement has been eliminated with the latest release; SQL is now required.
Filtering, detection, and notification of Windows and AD events is LEM's strong point, though it's tricky to build the filters. It's not necessarily designed for forensic firewall packet capture but it can be used for that purpose.
Read Scott Reese's full review
Anonymous | TrustRadius Reviewer
March 14, 2019

SolarWinds Log & Event Manager: Exactly as Advertised

Verified User
Score 10 out of 10
Vetted Review
Verified User
Review Source
SolarWinds Log & Event Manager is used by our company's IT department to monitor events on domain controllers in locations across the globe. The primary use is for account events, such as lockouts, disablement, and enablement to both user and computer accounts. It is a more proactive way to give attention to user account management. While not an originally intended use, the node health section also lets us know if a domain controller is not acting properly.
  • Monitors account lockouts and reports them with detail so that it is easier to solve this with end users.
  • Monitors and reports account disablement with detail to whoever disabled an account, for audit and accountability.
  • Also, monitors and reports account enablement with detail to whoever enabled an account, again for audit and accountability.
  • Flash-based UI can lag, HTML5 would be preferred
  • Availability for custom widgets, but you need a bit of training to get things done right unless you have time for trial and error.
  • It only knows what it knows for account lockouts. If a source machine isn't available in the Event Viewer ID that triggers the alert, it does not have any extra tools to help it determine the issue.
Great for email alerts of account actions, such as lockout, enablement, and disablement. We engaged in a separate solution to track account creation. Other solutions are needed for the in-depth tracking of account lockouts if it doesn't involve a definite source machine on the network.
Read this authenticated review
Joseph Crook | TrustRadius Reviewer
March 01, 2018

Solarwinds - great product with a few small flaws.

Joseph Crook
Score 7 out of 10
Vetted Review
Verified User
Review Source
SolarWinds has been implemented across our network as a systems management platform for server, applications and high value workstations. I assisted it's implementation with the systems that I administer across the region. It allows us to track the health of critical services and to quickly identify and address problems as they occur.
  • We use the client on register systems as event forwarders and log collection.
  • It enables us to verify the access security to high value workstations and register systems.
  • It provides a repository storage for log files so that they do not solely exist on workstations.
  • It helps us ensure PCI standards are being maintained and track security risk issues as well as system health.
  • Within the scope of my role I have noticed that the client can be problematic during system startup - some of the register systems we use are older and have lower resolution screens. When the client loads it pops up on screen but completely out of scale (to clarify, it may open a window that is 14x14 inches on a screen that only displays 10x10 inches. This is more frustration than a functional problem.
  • Automated rollout would be useful but it is outside of my scope in my job to even know if it already has automated install capability.
  • The GUI itself is a little clunky and there is somewhat of a learning curve - training is provided to clients however a friendlier interface would be helpful.
For medium to large scale business that incorporate high-value resources and need a central log repository I think SolarWinds is fantastic. It may be overkill for smaller businesses however.
Read Joseph Crook's full review
Anonymous | TrustRadius Reviewer
November 07, 2017

SolarWinds LEM, it'll get the job done if you're willing to get your hands dirty.

Verified User
Score 6 out of 10
Vetted Review
Verified User
Review Source
We are currently using Solarwinds LEM to pull logs from about 150 servers. We have also worked to get logs pulled from some barracuda load balancers and also a barracuda message archiver. We have alerting set on account lockouts and some other security events. LEM has helped notify us of account attacks and has also been valuable to reviewing both application and security logging when we need to cross reference servers or look at historical data.
  • LEM's console interface works well to narrow down all the logs into a view able format.
  • You can customize alerting triggers off of any event conditions.
  • the logging agent is relatively small and easy to deploy.
  • In order to navigate the console smoothly and set alerting in place, you need to go through their training.
  • All your configuration is done by hand. There are no built in analytics or alerting to help you.
  • I've found the reporting, real time and otherwise, to be slow and unruly. There are some updates and work a rounds that we have applied to help optimize the process, but if you try to pull to many logs, or over too long a period of time it will often time out.
  • The logging and reporting is dependent on the server automatically determining the type of server and logs it is getting. If it doesn't properly tag the logs, then they are essentially gone, lost, unsearchable. There is no good way to manually tell the server to classify the logs, which makes the process either difficult or impossible at times.
It will get your logs collected and sortable. If you are mostly doing Windows servers or workstations, then it can be a good solution. You will have to be willing to learn the software and manually create all the alerting and reporting, but once you have it set up the way you want, it should work. If you are looking at a log collection solution that has any of its own smarts and analytics, you'll want to look elsewhere. If you want out of the box reporting and alerting, look elsewhere.
Read this authenticated review
Anonymous | TrustRadius Reviewer
March 21, 2017

LEM pulls event data from across our network

Verified User
Score 9 out of 10
Vetted Review
Verified User
Review Source
Our IT department uses SolarWinds Log & Event Manager (LEM) to monitor events across our network. LEM consolidates security alerts from our firewalls as well as OS event alerts from servers. Application generated errors are passed on to our development team.
  • LEM is able to pull from a variety of different information sources without requiring a lot of configuration changes to get the data flowing.
  • LEM assists in limiting the amount of data required for the business need without requiring a full dump (ie SNMP from all sources).
  • LEM does require tweaking in order to get each data source configured. The event data comes into LEM easily, but the kind of data needs to be identified or custom classifications set up to organize the resulting alerts meaningfully.
LEM is valuable for pulling from many sources and consolidating resulting events into reports and alerts. LEM is not well suited to users not used to working with and parsing raw information.
Read this authenticated review
Anonymous | TrustRadius Reviewer
February 16, 2016

LEMme tell you about Solarwinds LEM!

Verified User
Score 9 out of 10
Vetted Review
Verified User
Review Source
We use Solarwinds Log and Event Manager (LEM) as our SIEM to correlate all of our various log data coming from servers, network equipment and security appliances to create meaningful alerts and, in some cases, automatically take action. LEM gives important insight for our IT staff into the activity the occurs on our network. It can be used for troubleshooting communication issues, quickly identifying policies that are blocking legitimate traffic, or to identify anomalies in network traffic that need to be investigated. It also sends email notifications when certain events are detected, allowing us to have eyes on even when we are away.
  • Incredibly easy to set up. It was deployed and had log sources pointed to it and performing basic correlations within a day.
  • Auto-response. The automated responses that are available after deploying the agent give you incredible control to respond to events on your network.
  • User-friendly interface. Some SIEMs can be daunting to learn how to use and get acclimated to, but LEM has an intuitive layout and is very easy to pick up and use.
  • No custom parser. Inevitably, there will be a product on your network that Solarwinds LEM won't know how to parse. Other SIEM solutions I've used leverage custom parsers for this reason. LEM does not have support for creating custom parsers, so unknown log formats remain unparsed.
  • Sometimes too basic. LEM is an excellent tool for performing basic correlations in a small to mid-size environment. If you try to get too advanced with the correlations you are trying to perform, you may get frustrated with the lack of functionality due to the way that LEM parses data.
SolarWinds Log & Event Manager (LEM) is a SIEM that is very well suited for environments where you have a small team managing your technology and need a powerful tool that is easy to set up and requires little maintenance and care to continue doing it's job. In the time that we have had LEM deployed, it has been very solid and has required very little intervention to resolve issues. It comes pre-packaged with some great correlations to get up and running right out of the box as soon as log sources are pointed at it. If you need a SIEM and either don't have the expertise in house, or don't want to spend the resources for professional services, this may be a good fit. There are only a handful of situations where we have run into LEM's limitations when trying to setup functionality or correlations. Otherwise, it is an excellent SIEM that offers some great features.
Read this authenticated review

SolarWinds Security Event Manager Scorecard Summary

Likelihood to Recommend (66)
8.2
Support Rating (10)
6.7

Feature Scorecard Summary

Centralized event and log data collection (18)
9.1
Correlation (15)
8.6
Event and log normalization (18)
8.5
Deployment flexibility (18)
8.4
Integration with Identity and Access Management Tools (13)
8.3
Custom dashboards and views (17)
5.5
Host and network-based intrusion detection (4)
8.8

About SolarWinds Security Event Manager

SolarWinds Security Event Manager (previously know as Log & Event Manager) is a powerful and award-winning SIEM. It is an on-prem deployed tool that collects, consolidates, and analyzes logs and events from firewalls, IDS/IPS devices and applications, switches, routers, servers, operating system logs, and other applications.

The main applications are threat detection, automated incident analysis and response, and compliance reporting for IT infrastructure.
Categories:  Security Information and Event Management (SIEM)

SolarWinds Security Event Manager Features

Security Information and Event Management (SIEM) Features
Has featureCentralized event and log data collection
Has featureCorrelation
Has featureEvent and log normalization
Has featureDeployment flexibility
Has featureIntegration with Identity and Access Management Tools
Has featureCustom dashboards and views
Does not have featureHost and network-based intrusion detection

SolarWinds Security Event Manager Screenshots

SolarWinds Security Event Manager Video

Security Event Manager - Overview

SolarWinds Security Event Manager Downloadables

SolarWinds Security Event Manager Competitors

Pricing

  • Has featureFree Trial Available?Yes
  • Does not have featureFree or Freemium Version Available?No
  • Does not have featurePremium Consulting/Integration Services Available?No
  • Entry-level set up fee?No

SolarWinds Security Event Manager Support Options

 Free VersionPaid Version
Phone
Email
Forum/Community
FAQ/Knowledgebase
Video Tutorials / Webinar

SolarWinds Security Event Manager Technical Details

Deployment Types:On-premise
Operating Systems: Windows
Mobile Application:No