Try our new research platform with insights from 80,000+ expert users
PeerSpot user
Communications and Networks Engineer at a transportation company with 1,001-5,000 employees
Real User
Download
A solution that offers easy operation and configuration with a straightforward setup
Pros and Cons
  • "We did previously use a different solution, but SolarWinds is much better. It's easy to interact with SolarWinds. It's easy to operate, easy to configure and is generally easier compared to what we were working with before."
  • "The solution's technical support is okay, but we don't have an SLA, and sometimes the response times are very slow."

What is our primary use case?

We primarily use the solution for monitoring the network.

What is most valuable?

The NTA & NPM are the most valuable features of the solution.

The solution is very user-friendly.

What needs improvement?

We're currently looking for an application monitoring solution and maybe a DHCP management module. It would be ideal if the solution could add these in its next release.

The solution should offer better support and better SLAs.

For how long have I used the solution?

I've been using the solution since 2005.
Buyer's Guide
SolarWinds Security Event Manager
January 2025
Free Report: SolarWinds Security Event Manager Reviews and More
Learn what your peers think about SolarWinds Security Event Manager. Get advice and tips from experienced pros sharing their opinions. Updated: January 2025.
DOWNLOAD NOW
832,138 professionals have used our research since 2012.

What do I think about the stability of the solution?

The solution is very stable.

What do I think about the scalability of the solution?

Scalability is fairly simple if you have the right licenses in place

How are customer service and support?

The solution's technical support is okay, but we don't have an SLA, and sometimes the response times are very slow.

Which solution did I use previously and why did I switch?

We did previously use a different solution, but SolarWinds is much better. It's easy to interact with SolarWinds. It's easy to operate, easy to configure and is generally easier compared to what we were working with before.

How was the initial setup?

The initial setup was straightforward. The deployment took about two weeks. You only need two people for both deployment and maintenance.

What about the implementation team?

We handled the implementation ourselves in house.

What was our ROI?

It gives the business visibility as to what is down so that the turnaround time for fixes is much less.

What's my experience with pricing, setup cost, and licensing?

We do a yearly license renewal.

What other advice do I have?

We are using the on-premises deployment solution.

It is a good solution to work with and it's very easy to use. I would only ensure that the organization that decides to implement the solution has the internal capability to manage it. If not, then I would ensure that direct support or an SLA is in place to help handle any issues or troubleshoot problems. 

I would rate the solution nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
PeerSpot user
Information Security Engineer at a cloud solution provider with 51-200 employees
Real User
We’re most impressed by LEM’s ease of deployment, automated reporting, and easy interface navigation.

We’re an Infrastructure-as-a-Service provider and a few months ago, a health care customer with a private cloud and mandatory HIPAA regulatory requirements approached us. The customer had one employee spending over a half day per week manually reviewing log files. Needless to say, manually reviewing log files is boring and generally not a good use of human time. It’s also easy to miss important information about malicious behavior.

They had to review a large number of logs every single day, and they basically didn’t have a good way to do that—they had an employee manually scrolling through each log file. When you start looking at log files you quickly realize that there is not a lot of good in sitting there manually combing through them, especially when you don’t know the sorts of things that you’re looking for. The client came to us and asked if we could find a better way for them to manager their log files.

We came up with a new offering for the customer to provide log management using SolarWinds Log & Event Manager. We had a very short timeline to respond on this for one. We’re a SolarWinds customer, in fact we’ve been one for quite some time. At one point we used the LEM product in the lab at our company, so I mentioned that to our customer and gave them an overview of LEM to see if it would meet their needs. They very quickly decided it was just what they were looking for.

We’re most impressed by LEM’s ease of deployment, automated reporting, and easy interface navigation. It makes digging through tons of log files very quick and easy to find what you need.

Since this initial client implementation, more of our customers have now approached us with compliance and SIEM needs. We now address two distinct markets for our offering in our private cloud customer base: customers needing SIEM for security analysis and automated response, and customers needing to comply with standards such as HIPAA and PCI. Just months after introducing the offering, we already have several customer deployments and several more in the pipeline.

Update 5/20/2019

While I am still a huge fan of SolarWinds and the LEM solution; I have significantly downgraded this from my original review.  I feel as though LEM has not kept up with the rest of the SIEM industry which has seen significant advancements in the last few years.  LEM lacks many of the features that you can now find in many next-gen SIEM solutions such as integrated threat intelligence, User Behavior Analytics and integration with SOAR technologies.  If you are looking for a robust log management solution and LEM supports the log source you are looking to ingest then this could be a good solution for you; however, if you are looking for a next-gen SIEM solution I would caution you on LEM and suggest you look at other solutions.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Flag as inappropriate
PeerSpot user
it_user631224 - PeerSpot reviewer
it_user631224Information Security Analyst at a non-profit with 1,001-5,000 employees
Real User
Report as inappropriate

We have LEM and its been left to rot really and a new manager came in and we have bought logrythm but not put it in yet. Since we have LEM i am now thinking of getting it working and trying to get the money back on the logrythm as it sounds like a bit of loving care and it would work for us

Like(0)Reply
See all 10 comments
Buyer's Guide
SolarWinds Security Event Manager
January 2025
Free Report: SolarWinds Security Event Manager Reviews and More
Learn what your peers think about SolarWinds Security Event Manager. Get advice and tips from experienced pros sharing their opinions. Updated: January 2025.
DOWNLOAD NOW
832,138 professionals have used our research since 2012.
it_user121770 - PeerSpot reviewer
Manager of Information Technology with 51-200 employees
Vendor
We selected SolarWinds for 24/7 monitoring, forensic trail of unauthorized activity and security at the endpoint.

We needed a solution that could monitor and respond to all of our network and user activity, down to each endpoint, while providing auditors with granular and customizable reports and ensuring forensic traceability in the event of a breach or policy violation.

We stumbled upon a couple of challenges known to other small to mid-sized enterprises:

  1. Outsourced log management was too expensive and incredibly risky. Our network data is too valuable to share with another company. Our members trust us to keep all sensitive data in house.
  2. Enterprise-grade SIEM solutions are priced for large companies and thus stretched well beyond our IT budget. Additionally, all that money didn’t buy real-time analysis and blocking capabilities, which were the most important proactive defense to stop emerging attacks. Enterprise tools watch, aggregate data, and report, but they don’t take action. We needed more advanced solutions to provide comprehensive network management capabilities in real time.

We selected SolarWinds LEM for four specific reasons:

  1. Right-sized for smaller budgets: The solution’s architecture and pricing are tailored to smaller companies. The appliance-based technology is plug-and-play, meaning that implementation takes hours, not weeks or months. And the cost starts at $20,000 – a fraction of competitors’ prices.
  2. 24/7 monitoring: SolarWinds LEM monitors all network activity – even when no one is watching – and stops policy violations and network and data breaches in real time, notifying network administrators of threats instantly via email, pager, and/or cell phone. I’ll even know if the cleaning crew or security guard is trying to log on after hours.
  3. Outing the insider: SolarWinds LEM provides a forensic trail of user activities. It identifies insider policy breaches instantly – including unauthorized USB flash drive insertions and downloads – and stops violators in their tracks while notifying network managers.
  4. Security at the end point: SolarWinds LEM’s solution controls policies from servers to endpoints, giving us the ability to shut down any system or user group across our seven branches in the event of threat detection. This granular control prevents fast-moving worms from spreading, quarantining at-risk systems before they can compromise member data.

With SolarWinds LEM, we’re exposing potential threats and preventing them from damaging our business. In one case, SolarWinds LEM instantly red-flagged multiple, simultaneous log-on failures. We examined the attempted user names, passwords, and incoming IP addresses, and quickly recognized that a bot was attempting to hack into our network. With the evidence provided by SolarWinds LEM, we contacted the hacker’s Internet service provider and shut them down.

SolarWinds LEM is a natural extension of our network. In reality, we consider the SolarWinds LEM appliance to be our fourth IT employee.

Disclosure: PeerSpot has made contact with the reviewer to validate that the person is a real user. The information in the posting is based upon a vendor-supplied case study, but the reviewer has confirmed the content's accuracy.
Flag as inappropriate
PeerSpot user
it_user104178 - PeerSpot reviewer
it_user104178Chief Marketing Officer with 201-500 employees
Vendor
Report as inappropriate

LEM is not open source, it is a commercial product licensed by nodes. There is a free trial you can download at solarwinds.com/lem

Like(0)Reply
See all 2 comments
CR
Scientist/Engineer-SG at NRSC
Real User
Download
Knowledgeable support, useful analysis, but slow support response
Pros and Cons
  • "The most valuable feature of SolarWinds Security Event Manager is the analysis and the knowledge about the incidence that we trace."
  • "We used the support from SolarWinds Security Event Manager and they are knowledgeable but challenging to get in contact with them."

What is our primary use case?

We are using SolarWinds Security Event Manager for event analysis.

What is most valuable?

The most valuable feature of SolarWinds Security Event Manager is the analysis and the knowledge about the incidence that we trace.

For how long have I used the solution?

I have been using SolarWinds Security Event Manager for approximately six years.

What do I think about the stability of the solution?

The performance and stability of SolarWinds Security Event Manager are good.

What do I think about the scalability of the solution?

The scalability of SolarWinds Security Event Manager is good. 

We have approximately 500 users using this solution in my organization.

How are customer service and support?

We used the support from SolarWinds Security Event Manager and they are knowledgeable but challenging to get in contact with them.

How was the initial setup?

The vendor did the setup of SolarWinds Security Event Manager.

What about the implementation team?

We used an integrator for the implementation of SolarWinds Security Event Manager.

What other advice do I have?

I would recommend SolarWinds Security Event Manager to others.

I rate SolarWinds Security Event Manager a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
reviewer1271415 - PeerSpot reviewer
Senior Technical Engineer at a tech vendor with 51-200 employees
Real User
Download
Easy to set up with high availability and good technical support
Pros and Cons
  • "It supports high availability, which is very helpful."
  • "We'd like more customization capabilities."

What is most valuable?

The initial setup is very straightforward and simple. 

It can scale quite well. 

The File Integrity Monitoring is great. In FIM, if you want to know who has changed a file, when that file was changed, et cetera, you have that visibility. You can make the reports from the console directly. That is out of the box. The report is there for you to use. The customization for the reports and alerts is also very easy. It helps maintain compliance and security. You also can easily analyze the logs as needed. 

This is a stable product.

It supports high availability, which is very helpful. 

It captures all of the requirements clients tend to need. It has everything. 

What needs improvement?

We'd like more customization capabilities. We need to post events on the end of the devices. Sometimes, the event does not respond. There seems to be a compatibility issue at play. For the customized UX, if you post events, there are compatibility problems. The OEM needs to work on that part.

For how long have I used the solution?

I've been using the solution for six years. 

What do I think about the stability of the solution?

The solution is stable and reliable. There are no bugs or glitches, and it doesn't crash or freeze. 

What do I think about the scalability of the solution?

Scaling is easy. You just have to add VMs. 

How are customer service and support?

The support is good. Previously, the support was not good. However, they've improved it over the last two years.

2020 there was an attack on SolarWinds software. They had trouble then. Now, it is stable and the support is very, very good. They have expanded their offices all over the world. I am located in India. They have a branch here so we can deal with local people.

How was the initial setup?

The installation is very easy. Even if you are non-technical, it's not an issue to get everything up and running. 

You only need maybe two people to monitor and manage it once it is deployed. However, if the environment is quite large, you may need more. 

What's my experience with pricing, setup cost, and licensing?

If a person prefers to pay for a subscription, the cloud deployment is the way to go. However, they can also choose to go on-premises and have a perpetual license. I can't speak to the exact costs, as I am on the technical side. 

Which other solutions did I evaluate?

We compared the solution to QRadar.

What other advice do I have?

We are partners. 

This can be deployed both on the cloud and on-premises. 

I'd rate the solution nine out of ten. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
PeerSpot user
reviewer1982652 - PeerSpot reviewer
Quality Control/ Clinical Research Associate at a pharma/biotech company with 501-1,000 employees
Real User
Download
Stable, scalable, but third part implementation required
Pros and Cons
  • "SolarWinds Security Event Manager has been generally working well."
  • "The company had to use a third party for the implementation of the solution."

What is our primary use case?

SolarWinds Security Event Manager is used for retrieving events and suspicious activities.

We are only studying the solution.

What is most valuable?

SolarWinds Security Event Manager has been generally working well.

For how long have I used the solution?

I have been using SolarWinds Security Event Manager for a couple of months.

What do I think about the stability of the solution?

SolarWinds Security Event Manager is stable.

What do I think about the scalability of the solution?

The scalability of SolarWinds Security Event Manager is good.

We might increase our usage of the solution in the future.

How are customer service and support?

I have contacted the support from SolarWinds Security Event Manager and they are good.

How was the initial setup?

The deployment of the solution took a couple of weeks.

What about the implementation team?

The company had to use a third party for the implementation of the solution.

What was our ROI?

I have seen an ROI by using this solution.

What's my experience with pricing, setup cost, and licensing?

The price of SolarWinds Security Event Manager is reasonable.

What other advice do I have?

We have more than one person who does the maintenance of the solution.

I rate SolarWinds Security Event Manager a seven out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
AJ
Systems administrator at a healthcare company with 201-500 employees
Real User
Download
Helps maintain logs of access and changes
Pros and Cons
  • "The most valuable feature is the ease of use for the end user."
  • "It can be difficult for users who are inexperienced with the solution."

What is our primary use case?

We have a hyper requirement to maintain logs of access and changes, so this solution logs everything.

What is most valuable?

The most valuable feature is the ease of use for the end user. 

What needs improvement?

It can be difficult for users who are inexperienced with the solution. 

For how long have I used the solution?

One to three years.

How is customer service and technical support?

It is managed by our tech support team that is in-house, so we do not need their tech support help. 

What other advice do I have?

My advice to users of this solution is to make sure that you know what it is you are looking for, and what it is you are trying to log. Otherwise, it will be difficult to manage.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
it_user1137249 - PeerSpot reviewer
Solutions Engineer at a tech services company with 11-50 employees
Real User
Download
Provides good visibility for login events
Pros and Cons
  • "The most valuable feature of this solution is the visibility into both attempted and failed logins."
  • "I would like to be able to dig deeper into the visibility of events or incidents to determine whether they are malicious, such as by doing behavior analysis."

What is our primary use case?

I use this solution to examine our logs and the logs of our customers

We have experience with on-premises deployments.

What is most valuable?

The most valuable feature of this solution is the visibility into both attempted and failed logins.

What needs improvement?

The query capability in this solution needs improvement. When you watch to fetch logs at specific times, sometimes there are issues.

The filtering engine needs to be improved to make it more accurate. When you are filtering, it comes with a lot of unwanted data.

I would like to be able to dig deeper into the visibility of events or incidents to determine whether they are malicious, such as by doing behavior analysis.

For how long have I used the solution?

I have been using this solution for six years.

What do I think about the stability of the solution?

This is a stable solution. I have seen issues, but they have been related to the platform, and not to the product itself. We use this solution on a daily basis.

What do I think about the scalability of the solution?

I don't think that this solution would do well for very large organizations. For smaller organizations, it should be good.

We have approximately three hundred users. The users are a mixture of programmers, system engineers, database administrators, and others in our IT company. 

When we were doing the scoping we left room to grow, I don't expect that we will be expanding our usage anytime soon.

Which solution did I use previously and why did I switch?

I have used IBM QRadar. It is a SIEM solution, but it can do what LEM can do.

How was the initial setup?

The initial setup of this solution is straightforward.

The length of deployment depends on how big the infrastructure is. Most of the deployments take less than a week, but some go beyond that. In my experience, it all depends on how many boxes you have and how many we are taking logs from. Some people will give you a whole list, while others will choose only specific things. You have to give people something that is unique to their environment.

One person is enough for the deployment.

What about the implementation team?

I take care of the implementation and deployment of this solution.

Which other solutions did I evaluate?

We did not evaluate other options before choosing this solution. Some of the customers have their preference and will ask for something else, so that is what we will do for them.

What other advice do I have?

My advice for anybody who is considering this solution is to really review their expectations. I know that some people who do not review their expectations are upset after the implementation because they feel that they are getting less than what they bargained for.

People also have to consider the system resources, and what they will be on the physical box or on a VM. If the proper resources are not assigned then it will impact the solution.

This is a good solution but there is no perfect system.

I would rate this solution a nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Flag as inappropriate
PeerSpot user
Buyer's Guide
Download our free SolarWinds Security Event Manager Report and get advice and tips from experienced pros sharing their opinions.
Updated: January 2025
DOWNLOAD NOW
Buyer's Guide
Download our free SolarWinds Security Event Manager Report and get advice and tips from experienced pros sharing their opinions.
Buyer's Guide
SolarWinds Security Event Manager
January 2025
DOWNLOAD NOW
Quick Links
Learn More: Questions: