SolarWinds Security Event Manager Overview

SolarWinds Security Event Manager is the #10 ranked solution in our list of top Security Information and Event Management (SIEM) tools. It is most often compared to Splunk.

What is SolarWinds Security Event Manager?

When TriGeo was acquired by SolarWinds, TriGeo SIM became known as SolarWinds Log & Event Manager. This product is a leading Security Information and Event Management (SIEM) product and log management solution, which provides log collection, analysis, and real-time correlation.

SolarWinds Security Event Manager is also known as SolarWinds LEM, Solarwinds SIEM, TriGeo, Log and Event Manager.

SolarWinds Security Event Manager Buyer's Guide

Download the SolarWinds Security Event Manager Buyer's Guide including reviews and more. Updated: August 2021

SolarWinds Security Event Manager Customers

NetSuite, EasyStreet, Legacy Texas Bank, and Energy Federal Credit Union, to name a few.

Pricing Advice

What users are saying about SolarWinds Security Event Manager pricing:
  • "The pricing model would benefit from having package deals with other SolarWinds products."
  • "It is in the appropriate mid-range. It is not as expensive as some of the other solutions. It is also not cheap."
  • "Licenses can only be purchased in blocks of fifty at a time."

Director, Technical Architect at Archer Information Technology
Real User
Can be used across many platforms and has a user-friendly GUI

What is our primary use case?

Our installation is on-premises at the moment. We are a consultant group so we implement multiple solutions for different customers using a variety of different products. Some clients are in the Cloud, some on a WAN network and some are on-premises. SolarWinds LEM is one of the products we use for certain purposes and often recommend. I'm very technical. I work as a network and security technical architect. At the same time, I also own the company, so I'm the director. I still remain very technically involved with the solutions and the architecture for solutions, based on networks and…

Pros and Cons

  • "The graphical user interface is very user-friendly. SolarWinds is a hybrid solution so you can use it across many platforms."
  • "The reporting could be more robust. It can be a lot more granular and that will make it a lot more useful in comparison to how it is incorporated at the moment."

What other advice do I have?

On a scale from one to ten where one is the worst and ten is the best, I would rate SolarWinds LEM as somewhere between eight and ten, so let's say nine. To make it a ten they would have to make improvements in pricing, reporting, and product integration. These facets of the solution are not so bad now but they can be improved. The advice I would give people considering network event management would be to go with the product that appeals to me the most. The advice that I would like to give would be to go with NPM (Network Performance Monitor) which is a different, more sophisticated…
ISO at a manufacturing company with 1,001-5,000 employees
Real User
Top 20
Provides in-depth monitoring capabilities and an easy way to set up dashboards

What is our primary use case?

I basically use it to look at the logs that are coming in, analyze those logs, and get recommendations of where we have problems.

Pros and Cons

  • "It has in-depth monitoring capabilities and an easy way for setting up dashboards. I can expand in various areas, or I can reduce areas. It supports different types of breakdowns, filters, and rules. It is very simple for an out-of-the-box type of product. It doesn't take a lot of time to figure it out, which is unlike some of the solutions that I have looked at. It meets all the aspects."
  • "Under the new system, it is not upgradable the way they say. When you try to do an upgrade, it doesn't really work unless you dump everything and start from scratch. You lose a lot of your nodes. Whenever you set your nodes up and everything else, they don't want to bring those nodes back in, so you have to really go back and restructure all your nodes. I went from version 6.5 to version 6.6 and then to version 6.7. I then went to version 2019, and now it is version 2020. It would be good if we can upgrade without having to delete everything and start from scratch. They can maybe build more KPIs and other things for the dashboard. Some of the other systems already have built-in KPIs. SolarWinds is starting to catch up, but it is not there yet. They can include some of the business or industry standards for tracking the time, that is, the mean time to detect (MTTD) and the mean time to resolve (MTTR). They can also find a way to build a KPI that measures the number of instances of port scans experienced in a week or a month."

What other advice do I have?

I would recommend SolarWinds LEM. We plan to continue using it. We have already put in the Orion platform system and brought it into play. We are next looking at the server access management. That probably would be the next step to implement. I would rate SolarWinds LEM a ten out of ten.
Kumar Mahadevan
IT Infrastructure Analyst at AG Group
Real User
Top 5 Leaderboard
Easy to install and will tell you such things as Failing MS SQL Server backups (Full, Diff or Transactional) etc

What is our primary use case?

The primary use case is for privilege account monitoring. It's monitoring admin accounts for things such as who logged in, where they logged in from, what time they logged in, and from what devices they used Remote Desktop with the privileged accounts. It's a good tool for troubleshooting; you can see extensive info about Kerberos user auth tickets or Windows Kerberos machine auth tickets, which can alert you to, say, failing Kerberos authentications due to incorrect NTP (network time).

Pros and Cons

  • "It's extremely easy to deploy."
  • "It won't tell you when your backups are failing, but it will give you hints when your database is running on full recovery."

What other advice do I have?

Consultant at a tech company with 51-200 employees
Assists greatly with analyzing log files from any IT related source

What is our primary use case?

Our primary use case is analyzing log files from any kind of source which is IT related. We use the product in our company on a daily basis and also integrate it for others. There are four people in our company using this software, and it's part of their daily routine to check everything. We are consultants and a reseller of the solution.

Pros and Cons

  • "It's easy to build rules and actions based on the logs and event types we collect with the software."
  • "There are no multiple dashboards which would allow you to see information side-by-side."

What other advice do I have?

I would advise people to make themselves familiar with the SolarWinds work community which has all the users' comments and where you can get the newest topics about everything connected to the software. It makes sense to peek around there. There is also SolarWinds SCM online training which is a big help when getting started with the software. The product fills all our requirements but there is always room for improvement and so I would rate this product a nine out of 10.
Keith Galleros
Information Security Analyst at Detecon Al Saudia Co. Ltd.
Real User
Top 10 Leaderboard
Good log collection and reporting, but it provides no security information and the licensing model needs to be changed

What is our primary use case?

We are using this solution for our internal log event monitoring, as well as for file integrity monitoring.

Pros and Cons

  • "The most valuable feature is the reporting."
  • "There is no correlation made between log entries, so no threat information is presented."

What other advice do I have?

I am not expecting a future release of SolarWinds LEM because they have released another solution. They are continuing with a new security event and information management (SEIM) solution that is more suitable for large-scale enterprises. I would rate this solution a five out of ten.
Senior Technical Engineer at a tech vendor with 51-200 employees
Real User
Top 10
Easy to use with good reporting and alerting functionality

What is our primary use case?

We work with and resell all of the SolarWinds products, and SolarWinds LEM is one of the solutions that I have experience with. This solution is used in conjunction with others to find the root cause of problems when a user is not able to access an application.

What is most valuable?

This tool is simple to use. The reporting and alerting capabilities are really nice. The Heat Map is a very good feature that is related to Wi-Fi and helps to monitor access points.

What needs improvement?

It takes a long time to perform a root cause analysis. I would like to have a more customizable dashboard.

For how long have I used the solution?

I have been working with SolarWinds LEM for four years.

What do I think about the stability of the solution?
