Microsoft Sentinel vs SolarWinds Security Event Manager comparison

Microsoft Sentinel vs. SolarWinds Security Event Manager

Download the complete report

Helped 868,759 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Microsoft Sentinel

Ranking in Security Information and Event Management (SIEM)

3rd

Average Rating

8.2

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

Security Orchestration Automation and Response (SOAR) (1st), Microsoft Security Suite (6th), AI-Powered Cybersecurity Platforms (5th)

SolarWinds Security Event M...

Ranking in Security Information and Event Management (SIEM)

24th

Average Rating

7.8

Reviews Sentiment

5.7

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of October 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Microsoft Sentinel is 6.2%, down from 8.0% compared to the previous year. The mindshare of SolarWinds Security Event Manager is 0.7%, up from 0.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM) Market Share Distribution
Product	Market Share (%)
Microsoft Sentinel	6.2%
SolarWinds Security Event Manager	0.7%
Other	93.1%

Security Information and Event Management (SIEM)

Featured Reviews

Ivan Angelov

Project Executive at synergyc

Threat detection and response capabilities enhance investigation processes

My security team has been using Microsoft Sentinel for around two years. We also have Bastion and SolarWinds as part of our monitoring tools. We use a three-way tool, alongside Microsoft Sentinel, in our environment The most valuable features for us include threat collection, threat detection,…

Read full review

Yashokanth Partkunan

Managed Services Engineer at Loop1 Systems

Has supported client needs efficiently but requires deeper analysis features and faster support

The log analyzing capability of SolarWinds Security Event Manager should go into more depth than the current environment. More modification and enhancements are required on the dashboard side in order to make it closer to optimal performance. From observation and feedback from users, they need more functionality related to monitoring, and in-depth analyzing needs to be improved.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."

"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."

"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."

"Custom workbooks are valuable. It is one of the crucial points in dealing with potential security threats in an automated way without requiring too much manpower."

"We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable."

"Free ingestion for Azure logs (with E5 licence)"

"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."

"Sentinel pricing is good"

More Microsoft Sentinel pros

"The solution helps me to go back in time and search for different events. For example, if you wanted to know who activated an account; you could go back in time and find out."

"We did previously use a different solution, but SolarWinds is much better. It's easy to interact with SolarWinds. It's easy to operate, easy to configure and is generally easier compared to what we were working with before."

"It's extremely easy to deploy."

"The out of the box reports and dashboard. It was easy to trim down these windows to something we could quickly use."

"User-friendly configuration is key, and the configurations are simple, not complex."

"The most valuable feature is the ease of use for the end user."

"The most valuable feature is the reporting."

"Some of the rules are most valuable because you can be notified about various things, such as spyware or things that are going on in the internal network."

More SolarWinds Security Event Manager pros

Cons

"We'd like to see more connectors."

"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."

"Add more out-of-the-box connectors with other SaaS platforms/applications."

"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."

"Microsoft Sentinel can be improved in terms of automation or connecting with security products so that it is easier to use for general IT admins."

"The solution could improve the playbooks."

"We are invoiced according to the amount of data generated within each log."

"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."

More Microsoft Sentinel cons

"The log analyzing capability of SolarWinds Security Event Manager should go into more depth than the current environment."

"The solution's technical support is okay, but we don't have an SLA, and sometimes the response times are very slow."

"There is no correlation made between log entries, so no threat information is presented."

"One of the drawbacks of being so flexible is that it is also a fairly complicated software application to install, configure, and maintain."

"The reporting could be more robust. It can be a lot more granular and that will make it a lot more useful in comparison to how it is incorporated at the moment."

"SolarWinds should improve its correlation capabilities. The correlation does not automatically detect and reduce the events fast enough. You have to manually do a correlation report, which means the tool is not scalable in many ways."

"I would like to be able to dig deeper into the visibility of events or incidents to determine whether they are malicious, such as by doing behavior analysis."

"Training for this solution needs to be improved, as new employees are sometimes unfamiliar with the product."

More SolarWinds Security Event Manager cons

Pricing and Cost Advice

"I don't know yet because they gave us a 30-day test window for free."

"It varies on a case-by-case basis. It is about $2,000 per month. The cost is very low in comparison to other SIEMs if you are already a Microsoft customer. If you are using the complete Microsoft stack, the cost reduces by almost 42% to 50%. Its cost depends on the number of logs and the type of subscription you have. You need to have an Azure subscription, and there are charges for log ingestion, and there are charges for the connectors."

"Sentinel is expensive relative to other products of the class, so it often isn't affordable for small-scale businesses. However, considering the solution has more extensive capabilities than others, the price is not so high. Pricing is based on GBs of ingested daily data, either by a pay-as-you-go or subscription model."

"Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."

"The solution is expensive and there is a daily usage fee."

"It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."

"The combination of the ease of accessibility and the free cost of the service is great. But we buy storage based on our events per second and on how many sources are integrated into the solution."

"Microsoft Sentinel is included in our E5 license."

More Microsoft Sentinel pricing and cost advice

"We do a yearly license renewal. For a year, the solution costs roughly $500,000 USD. There are no costs beyond this yearly fee."

"Licensing is on devices, so if you have many, then this may be high."

"The pricing model would benefit from having package deals with other SolarWinds products."

"The tool is available at a good price for customers compared to other solutions in the market. I rate the product's price as an eight out of ten."

"Licenses can only be purchased in blocks of fifty at a time."

"The price of SolarWinds Security Event Manager is reasonable."

"It is in the appropriate mid-range. It is not as expensive as some of the other solutions. It is also not cheap."

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

868,759 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

15%

Financial Services Firm

11%

Manufacturing Company

Government

University

14%

Financial Services Firm

13%

Computer Software Company

10%

Insurance Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	37
Midsize Enterprise	20
Large Enterprise	41

By reviewers
Company Size	Count
Small Business	19
Midsize Enterprise	3
Large Enterprise	7

Questions from the Community

Is there a common threat intelligence tool that aggregates multiple threat intelligence sources?

Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and its Threat Hunting functionality with AI available as templates or customized ...

What is a better choice, Splunk or Azure Sentinel?

It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...

Which is better - Azure Sentinel or AWS Security Hub?

We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...

What do you like most about SolarWinds Security Event Manager ?

The solution helps you monitor database instances, application instances, other customer application things, Linux servers, IBM servers, and Oracle servers.

What is your experience regarding pricing and costs for SolarWinds Security Event Manager ?

The tool is available at a good price for customers compared to other solutions in the market. I rate the product's price as an eight out of ten.

What needs improvement with SolarWinds Security Event Manager ?

I think the customization area in the tool can be considered as an area of concern where improvements are required In the future, I want to see the tool have better customization abilities with som...

AWS Security Hub vs Microsoft Sentinel

Comparisons

Compared 18% of the time

Cortex XSIAM vs Microsoft Sentinel

Compared 7% of the time

IBM Security QRadar vs Microsoft Sentinel

Compared 7% of the time

Wazuh vs Microsoft Sentinel

Compared 5% of the time

Google Chronicle Suite vs Microsoft Sentinel

Compared 4% of the time

More Microsoft Sentinel Competitors

Wazuh vs SolarWinds Security Event Manager

Compared 32% of the time

Splunk Enterprise Security vs SolarWinds Security Event Manager

Compared 21% of the time

IBM Security QRadar vs SolarWinds Security Event Manager

Compared 14% of the time

LogRhythm SIEM vs SolarWinds Security Event Manager

Compared 9% of the time

More SolarWinds Security Event Manager Competitors

Product Reports

Microsoft Sentinel

Download Microsoft Sentinel product report

SolarWinds Security Event Manager

Download SolarWinds Security Event Manager product report

SolarWinds Security Event Manager report

Also Known As

Azure Sentinel

SolarWinds LEM, Solarwinds SIEM, TriGeo, Log and Event Manager

Overview

Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

- Respond to incidents rapidly with built-in orchestration and automation of common tasks

To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

Microsoft

When TriGeo was acquired by SolarWinds, TriGeo SIM became known as SolarWinds Log & Event Manager. This product is a leading Security Information and Event Management (SIEM) product and log management solution, which provides log collection, analysis, and real-time correlation.

SolarWinds

Sample Customers

Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.

NetSuite, EasyStreet, Legacy Texas Bank, and Energy Federal Credit Union, to name a few.

Microsoft Sentinel vs. SolarWinds Security Event Manager