Skip to main content
SolarWinds Security Event Manager (SEM)

SolarWinds Security Event Manager (SEM)


What is SolarWinds Security Event Manager (SEM)?

SolarWinds LEM is security information and event management (SIEM) software.

Read more
Recent Reviews

TrustRadius Insights

Easy Configuration Process: Many users have expressed their positive experiences with the configuration process of SolarWinds, noting that …
Continue reading
Read all reviews


Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Popular Features

View all 7 features
  • Centralized event and log data collection (17)
  • Deployment flexibility (17)
  • Event and log normalization/management (17)
  • Custom dashboards and workspaces (16)
Return to navigation


View all pricing

What is SolarWinds Security Event Manager (SEM)?

SolarWinds LEM is security information and event management (SIEM) software.

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visit…


  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

39 people also want pricing

Alternatives Pricing

What is Microsoft Sentinel?

Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.

What is Sumo Logic?

Sumo Logic is a log management offering from the San Francisco based company of the same name.

Return to navigation


Security Information and Event Management (SIEM)

Security Information and Event Management is a category of security software that allows security analysts to look at a more comprehensive view of security logs and events than would be possible by looking at the log files of individual, point security tools

Avg 7.8
Return to navigation

Product Details

What is SolarWinds Security Event Manager (SEM)?

SolarWinds Security Event Manager (previously know as Log & Event Manager) is presented by the vendor as a powerful and award-winning SIEM. It is an on-prem deployed tool that collects, consolidates, and analyzes logs and events from firewalls, IDS/IPS devices and applications, switches, routers, servers, operating system logs, and other applications.

The main applications are threat detection, automated incident analysis and response, and compliance reporting for IT infrastructure.

SolarWinds Security Event Manager (SEM) Features

Security Information and Event Management (SIEM) Features

  • Supported: Centralized event and log data collection
  • Supported: Correlation
  • Supported: Event and log normalization/management
  • Supported: Deployment flexibility
  • Supported: Integration with Identity and Access Management Tools
  • Supported: Custom dashboards and workspaces

SolarWinds Security Event Manager (SEM) Screenshots

Screenshot of Screenshot of Screenshot of Screenshot of

SolarWinds Security Event Manager (SEM) Video

Security Event Manager - Overview

SolarWinds Security Event Manager (SEM) Technical Details

Deployment TypesOn-premise
Operating SystemsWindows
Mobile ApplicationNo

SolarWinds Security Event Manager (SEM) Downloadables

Frequently Asked Questions

SolarWinds LEM is security information and event management (SIEM) software.

Splunk Enterprise Security (ES), LogRhythm NextGen SIEM Platform, and ManageEngine EventLog Analyzer are common alternatives for SolarWinds Security Event Manager (SEM).

Reviewers rate Host and network-based intrusion detection highest, with a score of 10.

The most common users of SolarWinds Security Event Manager (SEM) are from Mid-sized Companies (51-1,000 employees).
Return to navigation


View all alternatives
Return to navigation

Reviews and Ratings


Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!

Easy Configuration Process: Many users have expressed their positive experiences with the configuration process of SolarWinds, noting that it is easy and straightforward. This indicates that the product provides a user-friendly interface for making necessary adjustments, making it convenient for users to set up and customize according to their needs.

Excellent Customer Support: Several reviewers have praised the expertise and effectiveness of SolarWinds' customer support team in resolving issues. They have found the assistance provided by the support team to be valuable in addressing any concerns or difficulties they encountered while using the product.

Efficient Log Collection and Normalization: Users appreciate the centralized log collection and normalization feature offered by SolarWinds. This functionality streamlines the monitoring and analysis process by efficiently collecting logs from various sources and normalizing them into a consistent format. This allows for easier management and analysis of log data, saving users time and effort.

Confusing User Interface: Users have expressed dissatisfaction with the confusing user interface of SolarWinds SEM, which has made tasks difficult to accomplish. Many reviewers have specifically mentioned that they struggled to navigate and understand the UI.

Limited Reporting Capabilities: Users have found the reporting capabilities of SEM to be limited and not intuitive. They have suggested the need for a better report generation tool that offers more flexibility and customization options.

Poor Integration with Other Products: Several users desired better integration between SEM and other products in the SolarWinds line, such as NPM. They mentioned difficulties in achieving seamless integration, which hindered their ability to effectively manage their network infrastructure.

Users have provided several recommendations based on their experiences with SolarWinds Security Event Manager. The three most common recommendations are:

  1. It is important to have a detailed plan before deploying the tool. This will help meet expectations and ensure effective usage.

  2. Users highly recommend SolarWinds Security Event Manager as a reliable security solution. It provides comprehensive log monitoring and is particularly useful for tracking equipment, communication lines, and backup programming.

  3. Before making a decision, users suggest evaluating whether SolarWinds Security Event Manager meets the specific requirements of your company. Consider factors such as company size, data protection needs, scalability, user intuitiveness, ease of installation, and cost-effectiveness.

It's worth noting that while some users find the software easy to use and understand, others mention concerns about its pricing and suggest exploring alternative options like PRTG or OpManager.

Attribute Ratings


(1-5 of 5)
Companies can't remove reviews or game the system. Here's why
Score 7 out of 10
Vetted Review
Verified User
SolarWinds Security Event Manager is utilized by the Information Technology department. Individuals on multiple IT teams have email alerts set up to notify them about events that require action. Additionally, the Security Event Manager is also utilized when there is a need to look at the logs to identify the root cause of a problem. For example, user account lockouts at a time the user wasn't in the office. It addresses multiple business problems by letting us know when something requires our attention.
  • Easy to utilize--the rules are straightforward and pre-configured. You just have to customize them to fit your environment.
  • Great customer service, which is incredibly useful when you want help with better utilizing the SEM.
  • Easy and clear filters when looking for specific information without your environment.
  • The SEM can be rather slow--an increase in CPU and RAM appeared to fix this problem fairly easily though.
  • The SEM has lately required reboots for us fairly often. This is something we are currently working with support to resolve.
  • The SEM could release additional graphic options to help better display data to management.
The SolarWinds Security Event Manager is great for people who want to be able to either view logs or set up emails for certain actionable events. However, it would be less helpful in a situation where you want your SEM to be taking action on specific items. There are some actions that can be taken by the SEM, but they constitute a rather short list in comparison to other SEM tools.
Security Information and Event Management (SIEM) (6)
Centralized event and log data collection
Event and log normalization/management
Deployment flexibility
Integration with Identity and Access Management Tools
Custom dashboards and workspaces
  • Able to keep our systems with a higher uptime, due to being able to resolve issues faster.
  • Able to be alerted on key issues, making us more proactive.
  • Able to research issues more easily in one central location.
I have additionally used Netwrix Auditor, which has some similarity with SolarWinds SEM. I use both hand in hand, but typically use the SEM first since it is easier to manage. With Netwrix custom searches are more complex than customer searches in the SEM. The SEM makes it easy to save custom filters, which makes future similar research very easy.
  • Price
  • Product Reputation
Our IT team has a few products with SolarWinds so the SEM was the first product considered. The brand reputation is the main factor that lead to purchasing the SolarWinds Security Event Manager. Additionally, the price is always a factor that is taken into close consideration at our company.
Information Security and Systems Team are the main users of the SEM. A few other teams get alerts from the SEM, but aren't in the SEM interface or familiar with the platform. Only a handful of employees actually handle the management and configuration of the SEM in our environment. But a good amount of our IT team has alerts set up for them.
Supporting the SEM has required working with the command line a little bit and being able to enter the back end of the SEM. Having a team member willing to do that, is essential when it comes to things like needing to reboot the SEM or upgrade it. However, most things are handled by one person and then escalated as needed.
  • Filters to check for issues (that you don't want email alerts for)
  • Email alerts for major issues that require user action
  • Automation of actions based on certain alerts
  • Checking for failing service accounts
  • Being able to review account logon failure reasons
  • Alerts that we didn't plan on putting in SEM
  • Research problems to find who caused a specific change
It is pretty likely that we will renew SEM when the time comes up. It is easy to use and maintain so there isn't much of a need to replace this product. It is also a pretty fair price for the capabilities provided by the SEM.
We have just regular support, which is enough to resolve issues. I turn to the SolarWinds Thwack community for a lot of things. There is lots of documentation and informative information there that can prevent even needing to open a support ticket. I always check documentation, Thwack, and then open a support ticket if those options didn't answer my questions.
I watched a SolarWinds webinar and months later the SolarWinds rep is still willing to help me out with any questions. Every once in the while, I will send him a quick question regarding configuration or a new feature of the product. He always replies fast and gives great detailed answers.
The support for SolarWinds SEM is pretty good. Most issues are easily resolved and the support team will work with you until the issue is fully resolved. Sometimes it takes a while to receive initial help, but once you get in contact with the support agent, it typically is a pretty decent process.
  • Search function
  • Setting up filters
  • Monitoring node status
  • Setting up alerts
  • Reducing alert noise
After learning best practices of the SEM it is fairly easy to use and manage. Just the initial configuration and revision process can take some time. After about a month of using the SEM, I was able to navigate through most aspects of it with no problems. It just takes some hands on practice to best utilize the SEM.
Score 8 out of 10
Vetted Review
It is being used by the outsider IT company who does Level2 and Level3 support. We use it to audit network device logs with it (Palo Alto Firewalls and Juniper switches). Also we use it to audit Active Directory logons. It is easier to keep these logs in a single place.
  • Customizable dashboards, where you can see everything you want.
  • Easy to set-up connectors.
  • Fully customizable event filters.
  • Unable to set up some legacy equipment (Zyxel switches).
  • Not an easy to product to learn from scratches.
A good product for a single pane of glass auditing various products.
Not a product you can set up properly in 1 hour and needs long hours of reading to get used to.
  • Unfortunately I can't really rate the financial perspective.
It is a bit hard to compare, since Cortex XDR is kind of a different starship, with endpoint protection and such, and not really great for auditing Windows Event Logs.
ELK stack on the other hand is free in some of it's editions but seems much similar then Cortex. SolarWinds SEM has better premade dashboards and event filters.
Our only support case was the legacy Zyxel switch topic.
Great product, with a steep learning curve.
Tim Short | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
We are currently using it within our Operations team to monitor events and alert others of security events and anomalies that it detects. I would like to recommend this product to any business needing to increase their security posture and get better alerts and more reliable data to look at to assist with the root cause and security monitoring.
  • Automated threat detection
  • Log collection
  • Live filtering
  • Custom rules
  • Alerting can be confusing to configure
  • The dashboards and widgets look a little old as with all SolarWinds products
  • The initial setup can take a lot of time
It is great for using the automated response to log off users or detaching a USB device to assist with keeping your end-user devices safe in the workplace and from home now that people are doing more of a home office has a tool that can monitor what is going on on the desktops is a big plus and giving our OPS team the ability to kill a malicious process without giving them more training or privileged account to assist with stopping malicious users. There is not as much of a learning curve due to the fact that we already use the Orion products by SolarWinds making this product easier to learn.
  • It has given our helpdesk and ops team more capabilities with less training and access.
  • It gives a lot more insight to what the users are doing now that they are working from home
  • Allows for a central tool that works with our other SolarWinds products to give a better view of our entire ecosystem of computers.
We picked SolarWinds because of the better price point, integration with other SolarWinds products, and the ease of training. Because we were already familiar with the SolarWinds way of doing alerts and reports, it made this product a nice fit for our company and it has great capabilities built in to give our team a feeling of being more secure and to help deter possible attackers.
ORION Enterprise, SolarWinds NetFlow Traffic Analyzer (NTA), SolarWinds Database Performance Analyzer
  • Price
  • Product Features
  • Product Usability
  • Product Reputation
  • Prior Experience with the Product
  • Vendor Reputation
  • Existing Relationship with the Vendor
  • Positive Sales Experience with the Vendor
  • Analyst Reports
We decided to use the SolarWinds product because we are really satisfied with the SolarWinds product line and they always make great products. I would recommend this product to anyone especially those who are familiar with other SolarWinds products and have prior experience with SolarWinds. Security event manager is a great addition to anyone already using SolarWinds or even for people who have never used SolarWinds before.
Our organization has 4 people that monitor this on a daily basis and they all work in our Operations center they monitor all of the SolarWinds events. They monitor our similar products to watch for intrusion and unpatched machines along with seeing traffic patterns by the users and server traffic.
We have 2 people that monitor it and they are utilizing the SolarWinds training to learn how to better use the product.
  • Monitor for security incidents
  • prevent major network outages
  • keep everyone notified about potential issues
  • Fix minor issues before they become major issues
  • train more users to help with monitoring
  • alerting and automation to resolve issues
I would add a few more people to watch the product demo and maybe have more than 3 products I am reviewing. I am also partial to SolarWinds so I kind of limited myself and my options without realizing it. I would suggest getting a vendor who is agnostic to suggest multiple products to compete with it.
SolarWinds customer support has always been amazing and extremely willing to help. They also are great at providing a library of training and videos to further your knowledge and help you learn more about your product. The support team has helped us with data migration of other products and upgrades and they kept at it and stayed with us until the project was done.
If you are familiar with SolarWinds then you can use this product it's as easy as that. If you have never used a SolarWinds product then it will take a minute to get how they do reports and make dashboards but that being said the tool is great and can make things very easy once you get a feel for how it works and get everything setup how you like it.
Brandon Demko | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
We have a deployment of SolarWinds SEM that monitors our Windows and Linux servers currently for login attempts across the whole organization. This allows us to see any possible vulnerabilities in real-time.
  • It is flexible with a variety of system connectors.
  • Setup is easy.
  • Monitoring log size and system resources is simple.
  • It is a robust product so, not clear out of the box exactly what it can do.
  • Agent installs can sometimes need manual removal.
  • If you're running an older version of SEM, migrating clients to a new install isn't clear-cut.
SolarWinds SEM is a great cost/performance balance. It scales well and doesn't require a lot of babysitting. If you're not familiar with what you're looking for it can seem daunting.
  • It allows us to see in real-time events as they happen, saving us time.
We had an older version of SolarWinds SEM, however, it was not being utilized.
The quality of support can vary depending on whom you end up speaking with. I was fortunate enough to work with a support representative who was very familiar with the product. He had even authored some of the support documentation on the website. On the flip side, I had two other experiences where I was simply directed to online training material.
Overall, the system is easy to implement and maintain. Also, adding a connector to a system is pretty simple. Knowing what you want to monitor and watch for, however, can be a bit daunting.
Score 6 out of 10
Vetted Review
Verified User
SolarWinds SEM is used in our operational technology infrastructure to collect and analyze logs from critical systems, those that are part of or manage the infrastructure, and also systems themselves such as the control system(s). It is used to identify issues like account failures and unexpected configuration changes, as well as being a general centralized logging system. The only shortcoming is that it would be great if it could be used as a centralized logging system even for devices that do not have log processors. We have a number of devices not yet supported and just to have the logs in would be useful, rather than setting up a separate Syslog server.
  • Visualization: the UI is slick and easy to follow.
  • Filtering and Sorting: narrowing down logs is powerful.
  • Windows event log parsing
  • Device support: less common devices do not have drivers. An SDK or generic one to customize would be useful.
  • Generic syslog: some standalone syslog solutions without parsing are more powerful just for log analysis.
  • Traceability: tracing log events back to the source needs to be done in the older flash UI until implemented in the new UI.
SolarWinds Security Event Manager is good for detecting events out of the ordinary, however, getting it to the point where 'normal' or 'ok' activity is hidden is time-consuming and can be difficult. It is good as a general dashboard to identify security events or where changes have had unexpected impacts, not as good as a general log server for analysis.
  • It has not been operational long enough to determine ROI.
This was recommended to us by a vendor. As we were using other SolarWinds products, we did not analyze many options.
SolarWinds Server & Application Monitor, VMware vCenter Server
The support is always very responsive and helpful. I was surprised how questions were answered and issues were looked into with screen sharing and log capture etc.
It is very good at what it does, but time-consuming and hard to set up to 'stabilize' it so that abnormalities can be easily spotted.
Return to navigation