SolarWinds Security Event Manager (SEM)

Score7.9 out of 10

121 Reviews and Ratings

Community insights

TrustRadius Insights for SolarWinds Security Event Manager (SEM) are summaries of user sentiment data from TrustRadius reviews and, when necessary, third party data sources.

Pros

Easy Configuration Process: Many users have expressed their positive experiences with the configuration process of SolarWinds, noting that it is easy and straightforward. This indicates that the product provides a user-friendly interface for making necessary adjustments, making it convenient for users to set up and customize according to their needs.

Excellent Customer Support: Several reviewers have praised the expertise and effectiveness of SolarWinds' customer support team in resolving issues. They have found the assistance provided by the support team to be valuable in addressing any concerns or difficulties they encountered while using the product.

Efficient Log Collection and Normalization: Users appreciate the centralized log collection and normalization feature offered by SolarWinds. This functionality streamlines the monitoring and analysis process by efficiently collecting logs from various sources and normalizing them into a consistent format. This allows for easier management and analysis of log data, saving users time and effort.

Reviews

46 Reviews

Ideal SolarWinds Security Event Manager For Small/Medium Companies At Easy-To-Get Pricing

Rating: 8 out of 10

Incentivized

December 17, 2024

Use Cases and Deployment Scope

SolarWinds Security Event Manager checks a few different boxes: 1. Consolidated events from a huge variety of log sources. 2. A good presentation layer for #1. 3. Applies to more than a few GRC obligations. 4. And does 1-3 at an incredibly reasonable price.

Pros

Integrations (around 800?) is great
Provides the single pane-of-glass
Is part of the SW ecosystem

Cons

CAPACITY - 2500 EPS needs to be higher
Allow resizing of charts (i.e. drag-and-drop)

Likelihood to Recommend

Optimal for SolarWinds Security Event Manager needs for smaller companies - it is a very cool product but has some limitations around EPS (which gets chewed up quickly if you're doing it the right way & adding servers/storage/FW & other network devices)... Also pricing model is GREAT (not consumption-based, which is the greatest grift the SIEM industry has created).

Verified User

Director in Information Technology (201-500 employees)

Vetted Review

5 years of experience

SolarWinds SEM helps system administrator analyze issues on network and server

Rating: 8 out of 10

April 19, 2022

Use Cases and Deployment Scope

We use SEM to collect and analyze events from servers and routers. We can find the issues, like incorrect user logon and most port visit on router from SEM reports.

Pros

quickly find top logon failure user, which is suspect of malware infection
easily find most visited port on the routers to find possible attack
SEM traffic type sort report is useful tool to control unnecessary network usage

Cons

wish SEM could update by itself

Likelihood to Recommend

SEM is a good software to collect all the events and be a platform to have a view of the whole network status, instead of connecting to each server, find a clue from thousands of events. SEM also keeps a history of events and save space on each server, avoiding server defective while free space is consumed by huge event log files.

Verified User

Administrator in Information Technology (51-200 employees)

Vetted Review

3 years of experience

Easy to install and easy to use

Rating: 10 out of 10

Incentivized

March 30, 2022

Use Cases and Deployment Scope

We use SEM (formally LEM) to log changes that are made in our switching environment and who made them. SEM also logs all changes in our active directory environment. We log any and all account changes such as account renames, account deletions, account creations, and again who made those changes. SEM logs our servers, who logs into them, and any changes that are made to the server. We receive emails immediately when any of the above mention processes take place. It is nice to see these changes especially when it is evenings and weekends while we are not in the office. If changes are made while we are not working, we know to follow up with the person whose account made the changes to see if they are legit or not.

Pros

Logging network account changes and who is making them
Collecting data. Lots of data.
Easy to use dashboard

Cons

Access control
Behavioral analytics

Likelihood to Recommend

SEM is well suited for smaller companies looking to log events and usage. We really use it a lot to see what network accounts are changed and who changed them and who is logging into what servers and when they are doing it. We watch these things for suspicious logins and suspicious activity on servers. SEM helps us to see what switches have had changes made to them and who made the change as well as the time/date.

Verified User

Engineer in Information Technology (1001-5000 employees)

Vetted Review

5 years of experience

Set-and-Forget with as needed functionality

Rating: 7 out of 10

Incentivized

March 30, 2022

Use Cases and Deployment Scope

We use SEM on a daily basis in our environment as per our built-out rules. We are notified of certain security events as they happen. Aside from that, we access SEM to run queries on an as-needed basis. With this we have a monitor running in the background keeping an eye on the events we want to monitor.

Pros

Runs without issue
Logs extensive detail

Cons

The user interface to be more user friendly
The query builder is tedious to use

Likelihood to Recommend

We have had scenarios in the past where a user account gets locked out continuously. As it turned out they recently changed their password but were apparently logged in elsewhere under their old password. The problem came in trying to determine where they were logged in from. With LEM we were able to query for the lockout event to determine where the failed login attempts were coming from. Once known, the account was logged out of the machine and the lockout events quit occurring.

Kendal Goodrich

System Engineer II in Information Technology at South Central Regional Medical Center (1001-5000 employees)

Vetted Review

5 years of experience

View profile

SEM - Powerful and Affordable

Rating: 9 out of 10

Incentivized

March 29, 2022

Use Cases and Deployment Scope

We use SEM as our primary logging solution for all network infrastructure devices (switches, routers, WLCs, etc). The software allows us to track changes, identify issues, and it helps us stay compliant with insurance requirements. Particularly useful is the ability to send e-mail notifications when a critical event has occurred.

Pros

Logging network devices and servers
Searching Historical Events
Notifications and custom rules

Cons

Sometimes get duplicate log entries for the same event
There is a moderate learning curve for setup and maintenance

Likelihood to Recommend

There are numerous SIEM solutions out there, all of which offer similar features. SEM does have a slight learning curve to get set up and working but is not unreasonable. For us, SolarWinds SEM strikes the perfect balance between cost and functionality. We re-evaluate our logging needs every year and SEM continues to meet the requirements of our business.

Verified User

Employee in Information Technology (501-1000 employees)

Vetted Review

3 years of experience

Security Event Manager (SEM) - An intuitive and inexpensive product if you need a reliable Syslog manager in a classical network deployment

Rating: 9 out of 10

March 28, 2022

Use Cases and Deployment Scope

SolarWinds Security Event Manager (SEM) is our dedicated syslog for network devices, providing a higher set of features, search capabilities and filters than the basic syslog section in the Network Performance Module (NPM). The built-in dashboards and ability to look at events in various categories prove particularly useful in troubleshooting scenarios.

Pros

Categorizing of events in different buckets: Security, IT Operations, Change Management, Authentication, Endpoint Monitoring, Compliance.
Intuitive configuration via Wizards, with meaningful examples and interactive help.
The ability to create rules and set up actions for select events, using predefined templates.

Cons

Better integration with NPM, rather than being a standalone product.

Likelihood to Recommend

SolarWinds Security Event Manager (SEM) would definitely prove itself as a valuable tool in any network administrator's portfolio, surpassing the syslog capabilities built into the SolarWinds Performance Manager. The ability to check both historical and live logs and have the events categorized, as well as the option to apply multiple filters to narrow down searches to the relevant information are of great use in troubleshooting scenarios or forensic tasks.

Verified User

Employee in Information Technology (5001-10,000 employees)

Vetted Review

1 year of experience

SEM provides easy, affordable SIEM appliance

Rating: 8 out of 10

March 28, 2022

Use Cases and Deployment Scope

Main SIEM All feeds to this

Pros

easy to configure
easy to update
pretty good support
easy to learn

Cons

more built in decoders for events
easier integration with endpoints that are not main stream
better cloud integrations

Likelihood to Recommend

SEM is scalable and would fit most installations. May need more than one if you have a large installation

Verified User

Professional in Information Technology (201-500 employees)

Vetted Review

8 years of experience

SolarWinds SEM is easy to setup and (mostly) manageable

Rating: 8 out of 10

March 28, 2022

Use Cases and Deployment Scope

We use it as an internal SIEM tool and we also train others how to use it.

Pros

Process Syslog/trap and event messages
Provides an easily understood dashboard
easily processes events from agent and non-agent devices

Cons

Reporting uses Crystal Reports which is very limited and not intuitive
Process for building custom filters needs more in-context help tools

Likelihood to Recommend

PCI and DISA STIG monitoring and compliance are a strong point for SEM. There are a fair number of out-of-the-box filters for both. Developing a monitoring approach which is entirely custom and not bound to a particular regulatory framework is cumbersome due to the limited assistance with filter and rule construction.

Verified User

Consultant in Information Technology (1-10 employees)

Vetted Review

2 years of experience

Superior Product, Easy to Implement and Very Reliable!

Rating: 10 out of 10

Incentivized

March 26, 2022

Use Cases and Deployment Scope

We have a group of servers that reside in Microsoft Azure as well as on-premise. SEM allows us to centrally manage these servers for both security risks as well as general events that we may otherwise miss. With the SEM technology, we are able to spend more time where it is needed and rely on SEM to notify us of any potential issues or threats.

Pros

Steady monitor of server activity.
Notifications for events logged which we have alerts set for.
Ease of use.

Cons

I believe it is currently doing everything it needs to for my needs.

Likelihood to Recommend

This is basically the same as last question.

Verified User

Engineer in Information Technology (11-50 employees)

Vetted Review

3 years of experience

Easy product for Security Information and Event Management (SIEM)

Rating: 8 out of 10

Incentivized

March 19, 2022

Use Cases and Deployment Scope

This tool is very beneficial for securing our network environment and systems from any defects in our companies. This tool is our main SIEM solution. We are using SEM as a log collection and event generated on our server farms (local and DMZ). And also we are using real-time monitoring for some specific events defined by our security team.

Pros

Log collection
User-friendly and Easy dashboards
Queries seeped (according to our size)
log data parsing is good. if you upgrade some systems, most likely SEM will recognize it

Cons

Agent installations are easy but there are some meaningless steps
Can be add an advanced reporting process or module

Likelihood to Recommend

Solar winds can be installed quickly in the production environment and can collect data. Log data collection is the first and most important step for cyber-security and forensic investigation. The tool gives the best services for monitoring our whole network environment with great features.

Verified User

Supervisor in Information Technology (201-500 employees)

Vetted Review

4 years of experience

Loading Reviews List....