SolarWinds LEM Review

Allows us to monitor access and pull cyber reports quickly. No more searching through logs on each server.


What is most valuable?

The out-of-the-box reports and dashboard. It was easy to trim down these windows to something we could quickly use.

How has it helped my organization?

It allows us to monitor access and pull cyber reports quickly. No more searching through logs on each server. There was not much customization, which we had to do with Splunk.

What needs improvement?

I imagine we will have to develop our own reports soon; this seems to be more cumbersome.

For how long have I used the solution?

For five months now.

What was my experience with deployment of the solution?

Not really.

What do I think about the stability of the solution?

Not yet.

What do I think about the scalability of the solution?

Not yet.

How is customer service and technical support?

Customer Service:

Good. There can be lag times on responses.

Technical Support:

Eight on a scale of 10.

Which solutions did we use previously?

Splunk. The pricing was too high and you need a PhD in customizing the reports.

How was the initial setup?

Setup was straightforward. We were able to use the default reports and window displays.

What about the implementation team?

We did it ourselves.

What was our ROI?

The pricing was low, around 30K, so ROI is less than one year. Splunk was elevating into the 100K arena.

What's my experience with pricing, setup cost, and licensing?

Licensing is on devices, so if you have many, then this may be high. The storage can be an issue as well; we already had a SAN setup, but this is true for any SIEM.

Which other solutions did I evaluate?

Splunk and Oracle Audit Vault. We almost picked Oracle, because it pulls in the databases in a quick manner.

What other advice do I have?

Don't overthink the situation. We went with the one which had a better user presentation because we have managers using it as well. Splunk is nicer if you have a bunch of technical people wanting to play with it.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
1 visitor found this review helpful
1 Comment
Alireza Ghahrood, Real User, Top 5 Leaderboard

SolarWinds Log and Event Manager offers the core SIEM capabilities supported by nearly every SIEM, and in addition, the product also supports enhanced file and registry integrity monitoring to generate additional security log entries for endpoints. No other advanced security capabilities are available from SolarWinds Log and Event Manager.

Reporting capabilities
Robust built-in reporting capabilities are offered by the SolarWinds SIEM product, including over 300 reporting templates. These templates address the requirements of many security compliance initiatives, including the following:

Federal Information Security Management Act of 2014
Gramm-Leach-Bliley Act
Health Insurance Portability and Accountability Act
International Organization for Standardization/International Electrotechnical Commission 27001/27002, Information Security Management
North American Electric Reliability Corporation Critical Infrastructure Protection
Payment Card Industry Data Security Standard
Sarbanes-Oxley Act

14 July 18