TrustRadius
SolarWinds Security Event Manager (SEM)

Overview

What is SolarWinds Security Event Manager (SEM)?

SolarWinds LEM is security information and event management (SIEM) software.

Pricing

N/A
Unavailable

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visit https://www.solarwinds.com/products/pri…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Alternatives Pricing

What is Trellix Helix?

Trellix Helix (formerly FireEye Helix) is a SIEM solution providing a non-malware threat detection solution.


Features

Security Information and Event Management (SIEM)

Security Information and Event Management is a category of security software that allows security analysts to look at a more comprehensive view of security logs and events than would be possible by looking at the log files of individual, point security tools.

8.9
Avg 7.8

Product Details

What is SolarWinds Security Event Manager (SEM)?

SolarWinds Security Event Manager (previously known as Log & Event Manager) is presented by the vendor as a powerful and award-winning SIEM. It is an on-prem deployed tool that collects, consolidates, and analyzes logs and events from firewalls, IDS/IPS devices and applications, switches, routers, servers, operating system logs, and other applications.

The main applications are threat detection, automated incident analysis and response, and compliance reporting for IT infrastructure.

SolarWinds Security Event Manager (SEM) Features

Security Information and Event Management (SIEM) Features

  • Supported: Centralized event and log data collection
  • Supported: Correlation
  • Supported: Event and log normalization/management
  • Supported: Deployment flexibility
  • Supported: Integration with Identity and Access Management Tools
  • Supported: Custom dashboards and workspaces

SolarWinds Security Event Manager (SEM) Video

Security Event Manager - Overview

SolarWinds Security Event Manager (SEM) Technical Details

  • Deployment Types: On-premise
  • Operating Systems: Windows
  • Mobile Application: No

Frequently Asked Questions

SolarWinds LEM is security information and event management (SIEM) software.

Splunk Enterprise Security (ES), LogRhythm NextGen SIEM Platform, and ManageEngine EventLog Analyzer are common alternatives for SolarWinds Security Event Manager (SEM).

Reviewers rate Deployment flexibility and Host and network-based intrusion detection highest, with a score of 10.

The most common users of SolarWinds Security Event Manager (SEM) are from Mid-sized Companies (51-1,000 employees).

Reviews From Top Reviewers

(1-5 of 27)

The SolarWinds SEM: Cost effective centralized log management tool that helps your audit and security.

Rating: 8 out of 10
December 08, 2020
Vetted Review
Verified User
SolarWinds Security Event Manager (SEM)
1 year of experience
The Solarwinds SEM is used for our client for 24/7 incident monitoring and reporting. The primary use is for account events, such as lockouts, disablement, and enablement to both user and computer accounts. It really works well in correlation and helps to stick with the audit and compliance. With a user-friendly web interface and automation modules, SolarWinds is an overall excellent cost-effective SIEM product if the intention is just to monitor for security incidents by manually created correlation rules.
  • Has a nice user-friendly interface. Some SIEM can be daunting to learn how to use and get acclimated to, but LEM has an intuitive layout and is very easy to pick up and use.
  • The logging agent in the source device is really simple to deploy and integrate.
  • Monitoring and reporting the account disablement with detail to whoever disabled an account for audit and compliance.
Cons
  • Some logs are not parsed well, happen to depend on the external log parser tool.
  • The update method needs to be made even simpler, auto update would be better.
  • The email alert features with SolarWinds will send a large number of emails if the number of alerts email. The duplication of email alerting needs to be reduced.
The Solarwinds SEM will get your logs collected and analyzable, especially for Windows servers or workstations, it can be a good solution. Alerting and reporting need to be done manually, but once you have it set up the way you want, it will work solidly. If you are looking at a log collection solution that has any of its own smarts and analytics, Solarwind doesn't have such machine learning features, maybe in the future. If you want out of the box reporting and alerting, that won't happen. They need to create and fine-tune the rules more.

LEM, your one stop shop for Security Event and Incident Management!

Rating: 9 out of 10
February 28, 2019
JT
Vetted Review
SolarWinds Security Event Manager (SEM)
5 years of experience
As a Network Monitoring Engineer and instructor, I see many Government and Military IT Organizations choose LEM as their primary Security Event and Incident Manager (SEIM) across all of their networks. LEM allows them to have a consolidated, normalized view of both their server and network environments. Having a consolidated view provides SolarWinds customers with the ability to correlate multiple security events across disparate systems and greatly reduces the amount of time and effort to detect and respond to potential security intrusions.
  • One of the most valuable features of SolarWinds LEM is its ability to normalize logs from differing systems into one common format. LEM normalization saves time and effort in doing forensic analysis by letting security personnel see the "whole picture" of their network in one place.
  • LEM's Active Response capability makes it easy to watch a security event happen in real time and to take immediate action. For example, LEM can very efficiently allow security personnel to logoff suspect users or even restart important Windows Server processes in real time, before further intrusion can happen.
  • LEM has a lot of out of the box features that allow for the quick implementation of security policy across many industries. LEM can provide immediate compliance monitoring and management for standards such as PICA, HIPAA and DISA-STIG.
Cons
  • The number one challenge for SolarWinds customers I see is LEM's reporting software. LEM Reporter, a standalone Windows Application, is not as intuitive as customers would like and they report some instability in the application itself. Customers tend to use LEM's search scheduling as a more effective way to report on security events.
  • Performance has been an issue based on LEM's use of a Flash interface. This has been a limitation for a long time. However, with the transition of the LEM interface from Flash to HTML5, customers are reporting much better performance starting in LEM 6.5.
  • Every one of my customers makes some comment about LEM's very high learning curve. LEM is not very intuitive, requiring a lot of rote learning through repetition. Many LEM customers request some type of training to help them learn to use it.
LEM is best deployed in networks requiring high-speed aggregation of log messages across disparate platforms to a single logging system. In an environment where immediate response to security events and incidents is needed, LEM performs very well. From tracking suspicious user login events in real time to detaching suspect USB devices from workstations, LEM provides the ability to respond quickly.

Set-and-Forget with as needed functionality

Rating: 7 out of 10
March 30, 2022
KG
Vetted Review
Verified User
SolarWinds Security Event Manager (SEM)
5 years of experience
We use SEM on a daily basis in our environment as per our built-out rules. We are notified of certain security events as they happen. Aside from that, we access SEM to run queries on an as-needed basis. With this we have a monitor running in the background keeping an eye on the events we want to monitor.
  • Runs without issue
  • Logs extensive detail
Cons
  • The user interface to be more user friendly
  • The query builder is tedious to use
We have had scenarios in the past where a user account gets locked out continuously. As it turned out they recently changed their password but were apparently logged in elsewhere under their old password. The problem came in trying to determine where they were logged in from. With LEM we were able to query for the lockout event to determine where the failed login attempts were coming from. Once known, the account was logged out of the machine and the lockout events quit occurring.

Solarwinds (SEM) experience

Rating: 1 out of 10
April 01, 2021
Vetted Review
Verified User
SolarWinds Security Event Manager (SEM)
8 years of experience
We are using Solarwinds (SEM) for event monitoring and responding to [an] event. This is used to monitor [events] across the business. We want to use the SEM to address so many problems but Solarwind's customer service has not been great as they don't even try to [put] themselves in customer's shoes. [They] allow customers to deal with issues themselves, providing little or no support to help customers.
  • It gives you [the] ability to see logs in one central location
  • Inbuilt rules and filters
Cons
  • How to build custom [rules] for individual purposes (e.g. rules for Admin users on critical systems, log on, log off, brute force, scanning)
  • Customer support should be timely and available
  • Videos to onboarding systems should be made (e.g., websites, servers, wireless access point, active directories, firewalls, Domain controls, etc.)
  • Hard to achieve unwanted logs
  • Updates for SEM users should be made available (New features and usability)
  • No user-friendly support
  • No health check of the SEM by Solarwinds
  • Support needs to improve
  • Videos to be sent to users on how to create custom rules to fit individual purposes
  • Training on each feature of the SEM tool should be made available in a specific location on SolarWinds website
  • Best practice videos and use cases should be made available
The SEM tool [seems] very difficult to use due to lack of support from SolarWinds customer support. No up-to-date documentation on how to onboard, no videos on best practices, no use case videos[, and] bad customer service.

LEMme tell you about Solarwinds LEM!

Rating: 9 out of 10
February 16, 2016
Vetted Review
Verified User
SolarWinds Security Event Manager (SEM)
1 year of experience
We use Solarwinds Log and Event Manager (LEM) as our SIEM to correlate all of our various log data coming from servers, network equipment and security appliances to create meaningful alerts and, in some cases, automatically take action. LEM gives important insight for our IT staff into the activity that occurs on our network. It can be used for troubleshooting communication issues, quickly identifying policies that are blocking legitimate traffic, or to identify anomalies in network traffic that need to be investigated. It also sends email notifications when certain events are detected, allowing us to have eyes on even when we are away.
  • Incredibly easy to set up. It was deployed and had log sources pointed to it and performing basic correlations within a day.
  • Auto-response. The automated responses that are available after deploying the agent give you incredible control to respond to events on your network.
  • User-friendly interface. Some SIEMs can be daunting to learn how to use and get acclimated to, but LEM has an intuitive layout and is very easy to pick up and use.
Cons
  • No custom parser. Inevitably, there will be a product on your network that Solarwinds LEM won't know how to parse. Other SIEM solutions I've used leverage custom parsers for this reason. LEM does not have support for creating custom parsers, so unknown log formats remain unparsed.
  • Sometimes too basic. LEM is an excellent tool for performing basic correlations in a small to mid-size environment. If you try to get too advanced with the correlations you are trying to perform, you may get frustrated with the lack of functionality due to the way that LEM parses data.
SolarWinds Log & Event Manager (LEM) is a SIEM that is very well suited for environments where you have a small team managing your technology and need a powerful tool that is easy to set up and requires little maintenance and care to continue doing its job. In the time that we have had LEM deployed, it has been very solid and has required very little intervention to resolve issues. It comes pre-packaged with some great correlations to get up and running right out of the box as soon as log sources are pointed at it. If you need a SIEM and either don't have the expertise in house, or don't want to spend the resources for professional services, this may be a good fit. There are only a handful of situations where we have run into LEM's limitations when trying to set up functionality or correlations. Otherwise, it is an excellent SIEM that offers some great features.