Skip to main content
TrustRadius
SolarWinds Security Event Manager (SEM)

SolarWinds Security Event Manager (SEM)

Overview

What is SolarWinds Security Event Manager (SEM)?

SolarWinds LEM is security information and event management (SIEM) software.

Read more

Learn from top reviewers

Return to navigation

Pricing

View all pricing
N/A
Unavailable

What is SolarWinds Security Event Manager (SEM)?

SolarWinds LEM is security information and event management (SIEM) software.

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visithttps://www.solarwinds.com/products/pri…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

44 people also want pricing

Alternatives Pricing

What is Trellix Helix?

Trellix Helix (formerly FireEye Helix) is a SIEM solution providing a non-malware threat detection solution.

Return to navigation

Features

Security Information and Event Management (SIEM)

Security Information and Event Management is a category of security software that allows security analysts to look at a more comprehensive view of security logs and events than would be possible by looking at the log files of individual, point security tools

8.9
Avg 7.8
Return to navigation

Product Details

What is SolarWinds Security Event Manager (SEM)?

SolarWinds Security Event Manager (previously know as Log & Event Manager) is presented by the vendor as a powerful and award-winning SIEM. It is an on-prem deployed tool that collects, consolidates, and analyzes logs and events from firewalls, IDS/IPS devices and applications, switches, routers, servers, operating system logs, and other applications.

The main applications are threat detection, automated incident analysis and response, and compliance reporting for IT infrastructure.

SolarWinds Security Event Manager (SEM) Features

Security Information and Event Management (SIEM) Features

  • Supported: Centralized event and log data collection
  • Supported: Correlation
  • Supported: Event and log normalization/management
  • Supported: Deployment flexibility
  • Supported: Integration with Identity and Access Management Tools
  • Supported: Custom dashboards and workspaces

SolarWinds Security Event Manager (SEM) Screenshots

Screenshot of Screenshot of Screenshot of Screenshot of

SolarWinds Security Event Manager (SEM) Video

Security Event Manager - Overview

SolarWinds Security Event Manager (SEM) Technical Details

Deployment TypesOn-premise
Operating SystemsWindows
Mobile ApplicationNo

SolarWinds Security Event Manager (SEM) Downloadables

Frequently Asked Questions

SolarWinds LEM is security information and event management (SIEM) software.

Splunk Enterprise Security (ES), LogRhythm NextGen SIEM Platform, and ManageEngine EventLog Analyzer are common alternatives for SolarWinds Security Event Manager (SEM).

Reviewers rate Deployment flexibility and Host and network-based intrusion detection highest, with a score of 10.

The most common users of SolarWinds Security Event Manager (SEM) are from Mid-sized Companies (51-1,000 employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews From Top Reviewers

(1-5 of 40)

Log Police - The Best at Logging Events and Collection

Rating: 10 out of 10
January 28, 2022
Vetted Review
Verified User
SolarWinds Security Event Manager (SEM)
8 years of experience
At the university I work we use SolarWinds Security Event Manager. It is used to collect logs from firewalls, routers, switches, wireless controllers, NPS servers, and Domain Controllers. We then use this data to analyze and generate required reports on any incidents. Having all the info in one location makes analyzing events far simpler.
  • Customizable event filters
  • Awesome user interface
  • Easy to configure connectors
Cons
  • Needs better integration with SolarWinds NPM. This is the only Solarwinds product we use that isn't integrated.
  • It needs a more lightweight client.
Solarwinds SEM is great for generating reports for investigation purposes. Once you set up the connectors you can walk away and the product runs without needing maintenance. It was however pretty difficult to create the reports and alerts when now starting out and it can be very intimidating for new users.

SolarWinds LEM, it'll get the job done if you're willing to get your hands dirty.

Rating: 6 out of 10
November 07, 2017
Vetted Review
Verified User
SolarWinds Security Event Manager (SEM)
5 years of experience
We are currently using Solarwinds LEM to pull logs from about 150 servers. We have also worked to get logs pulled from some barracuda load balancers and also a barracuda message archiver. We have alerting set on account lockouts and some other security events. LEM has helped notify us of account attacks and has also been valuable to reviewing both application and security logging when we need to cross reference servers or look at historical data.
  • LEM's console interface works well to narrow down all the logs into a view able format.
  • You can customize alerting triggers off of any event conditions.
  • the logging agent is relatively small and easy to deploy.
Cons
  • In order to navigate the console smoothly and set alerting in place, you need to go through their training.
  • All your configuration is done by hand. There are no built in analytics or alerting to help you.
  • I've found the reporting, real time and otherwise, to be slow and unruly. There are some updates and work a rounds that we have applied to help optimize the process, but if you try to pull to many logs, or over too long a period of time it will often time out.
  • The logging and reporting is dependent on the server automatically determining the type of server and logs it is getting. If it doesn't properly tag the logs, then they are essentially gone, lost, unsearchable. There is no good way to manually tell the server to classify the logs, which makes the process either difficult or impossible at times.
It will get your logs collected and sortable. If you are mostly doing Windows servers or workstations, then it can be a good solution. You will have to be willing to learn the software and manually create all the alerting and reporting, but once you have it set up the way you want, it should work. If you are looking at a log collection solution that has any of its own smarts and analytics, you'll want to look elsewhere. If you want out of the box reporting and alerting, look elsewhere.

SolarWinds Log & Event Manager: Exactly as Advertised

Rating: 10 out of 10
March 15, 2019
Vetted Review
Verified User
SolarWinds Security Event Manager (SEM)
2 years of experience
SolarWinds Log & Event Manager is used by our company's IT department to monitor events on domain controllers in locations across the globe. The primary use is for account events, such as lockouts, disablement, and enablement to both user and computer accounts. It is a more proactive way to give attention to user account management. While not an originally intended use, the node health section also lets us know if a domain controller is not acting properly.
  • Monitors account lockouts and reports them with detail so that it is easier to solve this with end users.
  • Monitors and reports account disablement with detail to whoever disabled an account, for audit and accountability.
  • Also, monitors and reports account enablement with detail to whoever enabled an account, again for audit and accountability.
Cons
  • Flash-based UI can lag, HTML5 would be preferred
  • Availability for custom widgets, but you need a bit of training to get things done right unless you have time for trial and error.
  • It only knows what it knows for account lockouts. If a source machine isn't available in the Event Viewer ID that triggers the alert, it does not have any extra tools to help it determine the issue.
Great for email alerts of account actions, such as lockout, enablement, and disablement. We engaged in a separate solution to track account creation. Other solutions are needed for the in-depth tracking of account lockouts if it doesn't involve a definite source machine on the network.

SolarWinds SEM is the next-gen log correlation solution

Rating: 8 out of 10
July 21, 2020
Vetted Review
Verified User
SolarWinds Security Event Manager (SEM)
1 year of experience
Our organization chose to invest in SolarWinds Security Event Manager because we needed a centralized log management and correlation solution that can be quickly and seamlessly integrated into our global infrastructure. It is very easy to provision by simply installing additional modules onto the Solarwinds server and pointing all of the network/systems devices to it. Having log data in one central location has a huge benefit. For example, troubleshooting an issue on a network can now be done by multiple teams where everyone with access to SEM can search the log repository. The live filtering and historical search capabilities make it easy to get the necessary evidence and the time stamp of what the issue is and when it started. The built-in templates are also helpful in analyzing and targeting specific log data.
  • Advanced search capabilities across all log data, powered by a quick engine to minimize the delay.
  • Built-in or customized templates.
  • Alerting capabilities.
Cons
  • More advanced log correlation mechanisms with better filtering capabilities.
SEM is well suited for all size networks, from small to large. It can be used by network engineers or by security engineers as the tool can address multiple issues.

SolarWinds Security Event Manager: A "log" above everyone else

Rating: 8 out of 10
January 31, 2020
Vetted Review
Verified User
SolarWinds Security Event Manager (SEM)
3 years of experience
SolarWinds Security Event Manager is a log and event manager that we implemented to replace our Cisco MARS appliance. This system is used by our security team to monitor and log events throughout the entire organization. From an alerting point of view, SolarWinds Security Event Manager makes our monitoring simpler and more refined. By allowing us to create and set email alerts on important and critical events, SolarWinds Security Event Manager allows a hands-off approach, so that we don't have to review hundreds of lines of alerts to get the critical information, saving us time and effort.
  • Allows log collecting from almost any source of data, using multiple types of authentication and collection (i.e. SNMP, WMI, etc.)
  • Allows customization of dashboards per user, so that you can quickly find the information relevant to your position.
Cons
  • The dashboard and reports use javascript, which can be slow to load.
  • To get it up and running was fast, however, to correctly configure proper alerts, you have to spend a ton of time.
SolarWinds Security Event Manager is well-suited for small- to mid-sized organizations that cannot afford a large Information Technology team or department. SolarWinds Security Event Manager has robust reporting and logging capabilities, but significant time must be spent up front to ensure proper configuration. Once configured, however, the power of SolarWinds Security Event Manager stands above Cisco from an alerting perspective and can assist with investigating any security issue in your environment.
Return to navigation