We’re most impressed by LEM’s ease of deployment, automated reporting, and easy interface navigation.
We’re an Infrastructure-as-a-Service provider and a few months ago, a health care customer with a private cloud and mandatory HIPAA regulatory requirements approached us. The customer had one employee spending over a half day per week manually reviewing log files. Needless to say, manually reviewing log files is boring and generally not a good use of human time. It’s also easy to miss important information about malicious behavior.
They had to review a large number of logs every single day, and they basically didn’t have a good way to do that—they had an employee manually scrolling through each log file. When you start looking at log files you quickly realize that there is not a lot of good in sitting there manually combing through them, especially when you don’t know the sorts of things that you’re looking for. The client came to us and asked if we could find a better way for them to manage their log files.
We came up with a new offering for the customer to provide log management using SolarWinds Log & Event Manager. We had a very short timeline to respond on this for one. We’re a SolarWinds customer; in fact, we’ve been one for quite some time. At one point we used the LEM product in the lab at our company, so I mentioned that to our customer and gave them an overview of LEM to see if it would meet their needs. They very quickly decided it was just what they were looking for.
We’re most impressed by LEM’s ease of deployment, automated reporting, and easy interface navigation. It makes digging through tons of log files very quick and easy to find what you need.
Since this initial client implementation, more of our customers have now approached us with compliance and SIEM needs. We now address two distinct markets for our offering in our private cloud customer base: customers needing SIEM for security analysis and automated response, and customers needing to comply with standards such as HIPAA and PCI. Just months after introducing the offering, we already have several customer deployments and several more in the pipeline.
Update 5/20/2019
While I am still a huge fan of SolarWinds and the LEM solution, I have significantly downgraded this from my original review. I feel as though LEM has not kept up with the rest of the SIEM industry, which has seen significant advancements in the last few years. LEM lacks many of the features that you can now find in many next-gen SIEM solutions, such as integrated threat intelligence, User Behavior Analytics and integration with SOAR technologies. If you are looking for a robust log management solution and LEM supports the log source you are looking to ingest, then this could be a good solution for you; however, if you are looking for a next-gen SIEM solution, I would caution you on LEM and suggest you look at other solutions.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
SolarWinds Log and Event Manager offers the core SIEM capabilities supported by nearly every SIEM, and in addition, the product also supports enhanced file and registry integrity monitoring to generate additional security log entries for endpoints. No other advanced security capabilities are available from SolarWinds Log and Event Manager.
Reporting capabilities
The SolarWinds SIEM product offers robust built-in reporting capabilities, including over 300 reporting templates. These templates address the requirements of many security compliance initiatives, including the following:
Federal Information Security Management Act of 2014
Gramm-Leach-Bliley Act
Health Insurance Portability and Accountability Act
International Organization for Standardization/International Electrotechnical Commission 27001/27002, Information Security Management
North American Electric Reliability Corporation Critical Infrastructure Protection
Payment Card Industry Data Security Standard
Sarbanes-Oxley Act