SolarWinds Security Event Manager Review

Provides in-depth monitoring capabilities and an easy way to set up dashboards


What is our primary use case?

I basically use it to look at the logs that are coming in, analyze those logs, and get recommendations of where we have problems.

What is most valuable?

It has in-depth monitoring capabilities and an easy way to set up dashboards. I can expand in various areas, or I can reduce areas. It supports different types of breakdowns, filters, and rules.

It is very simple for an out-of-the-box type of product. It doesn't take a lot of time to figure it out, which is unlike some of the solutions that I have looked at. It meets all the aspects.

What needs improvement?

Under the new system, it is not upgradable the way they say. When you try to do an upgrade, it doesn't really work unless you dump everything and start from scratch. You lose a lot of your nodes. Whenever you set your nodes up and everything else, they don't want to bring those nodes back in, so you have to really go back and restructure all your nodes. I went from version 6.5 to version 6.6 and then to version 6.7. I then went to version 2019, and now it is version 2020. It would be good if we can upgrade without having to delete everything and start from scratch.

They can maybe build more KPIs and other things for the dashboard. Some of the other systems already have built-in KPIs. SolarWinds is starting to catch up, but it is not there yet. They can include some of the business or industry standards for tracking the time, that is, the mean time to detect (MTTD) and the mean time to resolve (MTTR). They can also find a way to build a KPI that measures the number of instances of port scans experienced in a week or a month.

For how long have I used the solution?

I have been using SolarWinds LEM for a year and a half.

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

It is scalable. Altogether, we have about five actual users. I got myself as the administrator, and then there are a couple of people who do the monitoring. I have got 2,000 systems listed on it.

In terms of a team, I would say you need at least three people for what I am doing. I am using the key research logs and pulling data from these logs. For one person, it takes a lot of time to do what I am doing right now.

How are customer service and technical support?

I am very satisfied with their technical support.

Which solution did I use previously and why did I switch?

I had another system, but I wasn't happy with it and its service and support. We just let it go.

How was the initial setup?

The initial setup is straightforward. The actual initial installation is not a problem. The problems come when you do your upgrades with it.

It took about a week to set it up and get all the little things going the way I wanted. To make sure that correct data logs are going in, I tweaked some of the rules and filters and the domain across the net with individual systems.

What about the implementation team?

We originally started out with the seller, but when we did the first upgrade, it didn't go the way it should. From that point, I set it up from scratch and did the upgrade. At that time, it was version 6.6.

What's my experience with pricing, setup cost, and licensing?

It is in the appropriate mid-range. It is not as expensive as some of the other solutions. It is also not cheap.

What other advice do I have?

I would recommend SolarWinds LEM. We plan to continue using it. We have already put in the Orion platform system and brought it into play. We are next looking at the server access management. That probably would be the next step to implement.

I would rate SolarWinds LEM a ten out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Updated: July 2021.