LEM pulls event data from across our network
March 21, 2017

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with SolarWinds Log & Event Manager

Our IT department uses SolarWinds Log & Event Manager (LEM) to monitor events across our network. LEM consolidates security alerts from our firewalls as well as OS event alerts from servers. Application-generated errors are passed on to our development team.
  • LEM is able to pull from a variety of different information sources without requiring a lot of configuration changes to get the data flowing.
  • LEM assists in limiting the amount of data required for the business need without requiring a full dump (i.e., SNMP from all sources).
  • LEM does require tweaking in order to get each data source configured. The event data comes into LEM easily, but the kind of data needs to be identified or custom classifications set up to organize the resulting alerts meaningfully.
  • LEM has not made a positive impact on ROI. Instead, it has provided required information (compliance requirement) and useful data for ensuring security and other standards are maintained.
LEM is valuable for pulling from many sources and consolidating resulting events into reports and alerts. LEM is not well suited to users not used to working with and parsing raw information.

SolarWinds Security Event Manager (SEM) Feature Ratings

  • Centralized event and log data collection: 9
  • Correlation: 8
  • Event and log normalization/management: 8
  • Deployment flexibility: 7
  • Integration with Identity and Access Management Tools: 6
  • Custom dashboards and workspaces: 7
  • Host and network-based intrusion detection: 7