SolarWinds Security Event Manager Overview

SolarWinds Security Event Manager is the #9 ranked solution of our top Security Information and Event Management (SIEM) tools. It's rated 3.8 out of 5 stars, and is most commonly compared to Splunk.

What is SolarWinds Security Event Manager?

When TriGeo was acquired by SolarWinds, TriGeo SIM became known as SolarWinds Log & Event Manager. This product is a leading Security Information and Event Management (SIEM) product and log management solution, which provides log collection, analysis, and real-time correlation.

SolarWinds Security Event Manager is also known as SolarWinds LEM, Solarwinds SIEM, TriGeo, Log and Event Manager.

SolarWinds Security Event Manager Buyer's Guide

Download the SolarWinds Security Event Manager Buyer's Guide including reviews and more. Updated: April 2020

SolarWinds Security Event Manager Customers

NetSuite, EasyStreet, Legacy Texas Bank, and Energy Federal Credit Union, to name a few.

SolarWinds Security Event Manager Reviews

AchmadFredericks
Director, Technical Architect at Archer Information Technology
Real User
Top 10
Dec 29, 2019
Can be used across many platforms and has a user-friendly GUI

What is our primary use case?

Our installation is on-premises at the moment. We are a consultant group so we implement multiple solutions for different customers using a variety of different products. Some clients are in the Cloud, some on a WAN network and some are on-premises. SolarWinds LEM is one of the products we use for certain purposes and often recommend. I'm very technical. I work as a network and security technical architect. At the same time, I also own the company, so I'm the director. I still remain very technically involved with the solutions and the architecture for solutions, based on networks and…

Pros and Cons

  • The graphical user interface is very user-friendly. SolarWinds is a hybrid solution so you can use it across many platforms.
  • The reporting could be more robust. It can be a lot more granular and that will make it a lot more useful in comparison to how it is incorporated at the moment.

Cost and Licensing Advice

  • The pricing model would benefit from having package deals with other SolarWinds products.

What other advice do I have?

On a scale from one to ten where one is the worst and ten is the best, I would rate SolarWinds LEM as somewhere between eight and ten, so let's say nine. To make it a ten they would have to make improvements in pricing, reporting, and product integration. These facets of the solution are not so bad now but they can be improved. The advice I would give people considering network event management would be to go with the product that appeals to me the most. The advice that I would like to give would be to go with NPM (Network Performance Monitor) which is a different, more sophisticated…
reviewer1430268
ISO at a manufacturing company with 1,001-5,000 employees
Real User
Oct 11, 2020
Provides in-depth monitoring capabilities and an easy way to set up dashboards

What is our primary use case?

I basically use it to look at the logs that are coming in, analyze those logs, and get recommendations of where we have problems.

Pros and Cons

  • It has in-depth monitoring capabilities and an easy way for setting up dashboards. I can expand in various areas, or I can reduce areas. It supports different types of breakdowns, filters, and rules. It is very simple for an out-of-the-box type of product. It doesn't take a lot of time to figure it out, which is unlike some of the solutions that I have looked at. It meets all the aspects.
  • Under the new system, it is not upgradable the way they say. When you try to do an upgrade, it doesn't really work unless you dump everything and start from scratch. You lose a lot of your nodes. Whenever you set your nodes up and everything else, they don't want to bring those nodes back in, so you have to really go back and restructure all your nodes. I went from version 6.5 to version 6.6 and then to version 6.7. I then went to version 2019, and now it is version 2020. It would be good if we can upgrade without having to delete everything and start from scratch. They can maybe build more KPIs and other things for the dashboard. Some of the other systems already have built-in KPIs. SolarWinds is starting to catch up, but it is not there yet. They can include some of the business or industry standards for tracking the time, that is, the mean time to detect (MTTD) and the mean time to resolve (MTTR). They can also find a way to build a KPI that measures the number of instances of port scans experienced in a week or a month.

Cost and Licensing Advice

  • It is in the appropriate mid-range. It is not as expensive as some of the other solutions. It is also not cheap.

What other advice do I have?

I would recommend SolarWinds LEM. We plan to continue using it. We have already put in the Orion platform system and brought it into play. We are next looking at the server access management. That probably would be the next step to implement. I would rate SolarWinds LEM a ten out of ten.
Kumar Mahadevan
IT Infrastructure Analyst at a government with 1,001-5,000 employees
Real User
Top 10
Sep 30, 2020
Easy to install and will tell you such things as Failing MS SQL Server backups (Full, Diff or Transactional) etc

What is our primary use case?

The primary use case is for privilege account monitoring. It's monitoring admin accounts for things such as who logged in, where they logged in from, what time they logged in, and from what devices they used Remote Desktop, with the privileged accounts. It's a good tool to do troubleshooting; you can see extensive info about Kerberos User Auth tickets or Windows Kerberos Machine Auth tickets, which can alert you to, say, failing Kerberos authentications due to incorrect NTP (network time).

Pros and Cons

  • It's extremely easy to deploy.
  • It won't tell you when your backups are failing, but it will give you hints when your database is running on full recovery.

What other advice do I have?

n/a
reviewer975090
Consultant at a tech company with 51-200 employees
Reseller
Top 10
Feb 28, 2020
Assists greatly with analyzing log files from any IT related source

What is our primary use case?

Our primary use case is analyzing log files from any kind of source which is IT related. We use the product in our company on a daily basis and also integrate it for others. There are four people in our company using this software, and it's part of their daily routine to check everything. We are consultants and a reseller of the solution.

Pros and Cons

  • It's easy to build rules and actions based on the logs and event types we collect with the software.
  • There are no multiple dashboards which would allow you to see information side-by-side.

What other advice do I have?

I would advise people to make themselves familiar with the SolarWinds work community which has all the users' comments and where you can get the newest topics about everything connected to the software. It makes sense to peek around there. There is also SolarWinds SCM online training which is a big help when getting started with the software. The product fills all our requirements but there is always room for improvement and so I would rate this product a nine out of 10.
SolutionsEngnr67
Solutions Engineer at a tech services company with 11-50 employees
Real User
Sep 16, 2019
Provides good visibility for login events

What is our primary use case?

I use this solution to examine our logs and the logs of our customers. We have experience with on-premises deployments.

Pros and Cons

  • The most valuable feature of this solution is the visibility into both attempted and failed logins.
  • I would like to be able to dig deeper into the visibility of events or incidents to determine whether they are malicious, such as by doing behavior analysis.

What other advice do I have?

My advice for anybody who is considering this solution is to really review their expectations. I know that some people who do not review their expectations are upset after the implementation because they feel that they are getting less than what they bargained for. People also have to consider the system resources, and what they will be on the physical box or on a VM. If the proper resources are not assigned then it will impact the solution. This is a good solution but there is no perfect system. I would rate this solution a nine out of ten.
Byron Anderson
Information Security Engineer at a cloud provider with 51-200 employees
Real User
Top 10
May 20, 2019
We’re most impressed by LEM’s ease of deployment, automated reporting, and easy interface navigation.
We’re an Infrastructure-as-a-Service provider and a few months ago, a health care customer with a private cloud and mandatory HIPAA regulatory requirements approached us. The customer had one employee spending over a half day per week manually reviewing log files. Needless to say, manually reviewing log files is boring and generally not a good use of human time. It’s also easy to miss important information about malicious behavior. They had to review a large number of logs every single day, and they basically didn’t have a good way to do that—they had an employee manually scrolling through each log file. When you start looking at log files you quickly realize that there is not a lot of good in sitting there manually combing through them, especially when you don’t know the…
Keith Galleros
Information Security Analyst at Detecon Al Saudia Co. Ltd.
Real User
Top 5 Leaderboard
Jan 26, 2020
Good log collection and reporting, but it provides no security information and the licensing model needs to be changed

What is our primary use case?

We are using this solution for our internal log event monitoring, as well as for file integrity monitoring.

Pros and Cons

  • The most valuable feature is the reporting.
  • There is no correlation made between log entries, so no threat information is presented.

Cost and Licensing Advice

  • Licenses can only be purchased in blocks of fifty at a time.

What other advice do I have?

I am not expecting a future release of SolarWinds LEM because they have released another solution. They are continuing with a new security event and information management (SEIM) solution that is more suitable for large-scale enterprises. I would rate this solution a five out of ten.
Sameer Gangan
IT Consultant at a consultancy with 5,001-10,000 employees
Consultant
Aug 19, 2019
Good security monitoring features, but the user interface needs to be replaced

What is our primary use case?

We are using this solution for the purpose of security monitoring. It performs network behavior monitoring, log monitoring, and disaster recovery monitoring.

Pros and Cons

  • It performs network behavior monitoring, log monitoring, and disaster recovery monitoring.
  • Training for this solution needs to be improved, as new employees are sometimes unfamiliar with the product.

What other advice do I have?

This is one of the good products in this market. People are always looking for easy-to-use products, and don't want to invest time on learning new or complex things. This is a solution that I recommend, although there are a lot of products that are better. I would rate this solution a seven out of ten.