SolarWinds Security Event Manager Reviews and Pricing

IT Manager at a computer software company with 51-200 employees

Sep 17, 2015

Its alerting feature enabled us to fix issues before logging a call with the helpdesk.

How has it helped my organization?

We were suffering from a lack of visibility into our logs, so we implemented SolarWinds LEM. After building a few rules and alerts, we were notified when events happened before our end users notified us. Many times we were able to fix an issue before a call to the helpdesk was made.

What is most valuable?

Alerting
Searching

What do I think about the stability of the solution?

The solution was a little slow when running some larger queries. After upgrading our SAN many of the problems disappeared.

How are customer service and support?

Tech support was always on top of things. I usually got a response within a couple hours of opening a ticket and once on the phone, they took time to answer my questions.

Buyer's Guide

SolarWinds Security Event Manager

September 2025

Free Report: SolarWinds Security Event Manager Reviews and More

Learn what your peers think about SolarWinds Security Event Manager. Get advice and tips from experienced pros sharing their opinions. Updated: September 2025.

DOWNLOAD NOW

868,787 professionals have used our research since 2012.

Which solution did I use previously and why did I switch?

We needed a product but didn’t have one. We found it when it was still Trigeo, and followed it to SolarWinds.

How was the initial setup?

The initial setup was very easy to start getting logs to the solution. It took some time to understand what data to get and what was important.

What about the implementation team?

We did the implementation. My advice, understand what you want in the system and after letting it collect some data, swing back and make sure you have everything setup that you need. Give it some time, and learn it to get the most use out of it.

What other advice do I have?

It’s a great product, but like other SIEM software solutions, you only get out what you put into it.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.

it_user121770

Manager of Information Technology with 51-200 employees

Jun 5, 2014

We selected SolarWinds for 24/7 monitoring, forensic trail of unauthorized activity and security at the endpoint.

We needed a solution that could monitor and respond to all of our network and user activity, down to each endpoint, while providing auditors with granular and customizable reports and ensuring forensic traceability in the event of a breach or policy violation.

We stumbled upon a couple of challenges known to other small to mid-sized enterprises:

Outsourced log management was too expensive and incredibly risky. Our network data is too valuable to share with another company. Our members trust us to keep all sensitive data in house.
Enterprise-grade SIEM solutions are priced for large companies and thus stretched well beyond our IT budget. Additionally, all that money didn’t buy real-time analysis and blocking capabilities, which were the most important proactive defense to stop emerging attacks. Enterprise tools watch, aggregate data, and report, but they don’t take action. We needed more advanced solutions to provide comprehensive network management capabilities in real time.

We selected SolarWinds LEM for four specific reasons:

Right-sized for smaller budgets: The solution’s architecture and pricing are tailored to smaller companies. The appliance-based technology is plug-and-play, meaning that implementation takes hours, not weeks or months. And the cost starts at $20,000 – a fraction of competitors’ prices.
24/7 monitoring: SolarWinds LEM monitors all network activity – even when no one is watching – and stops policy violations and network and data breaches in real time, notifying network administrators of threats instantly via email, pager, and/or cell phone. I’ll even know if the cleaning crew or security guard is trying to log on after hours.
Outing the insider: SolarWinds LEM provides a forensic trail of user activities. It identifies insider policy breaches instantly – including unauthorized USB flash drive insertions and downloads – and stops violators in their tracks while notifying network managers.
Security at the end point: SolarWinds LEM’s solution controls policies from servers to endpoints, giving us the ability to shut down any system or user group across our seven branches in the event of threat detection. This granular control prevents fast-moving worms from spreading, quarantining at-risk systems before they can compromise member data.

With SolarWinds LEM, we’re exposing potential threats and preventing them from damaging our business. In one case, SolarWinds LEM instantly red-flagged multiple, simultaneous log-on failures. We examined the attempted user names, passwords, and incoming IP addresses, and quickly recognized that a bot was attempting to hack into our network. With the evidence provided by SolarWinds LEM, we contacted the hacker’s Internet service provider and shut them down.

SolarWinds LEM is a natural extension of our network. In reality, we consider the SolarWinds LEM appliance to be our fourth IT employee.

Disclosure: PeerSpot has made contact with the reviewer to validate that the person is a real user. The information in the posting is based upon a vendor-supplied case study, but the reviewer has confirmed the content's accuracy.

it_user104178Chief Marketing Officer with 201-500 employees

Report as inappropriate

Mar 22, 2016

LEM is not open source, it is a commercial product licensed by nodes. There is a free trial you can download at solarwinds.com/lem

See all 2 comments

Buyer's Guide

SolarWinds Security Event Manager

September 2025

Free Report: SolarWinds Security Event Manager Reviews and More

Learn what your peers think about SolarWinds Security Event Manager. Get advice and tips from experienced pros sharing their opinions. Updated: September 2025.

DOWNLOAD NOW

868,787 professionals have used our research since 2012.

reviewer1271415

Senior Technical Engineer at a tech vendor with 51-200 employees

Oct 5, 2022

Download

Easy to set up with high availability and good technical support

Pros and Cons

"It supports high availability, which is very helpful."

"We'd like more customization capabilities."

What is most valuable?

The initial setup is very straightforward and simple.

It can scale quite well.

The File Integrity Monitoring is great. In FIM, if you want to know who has changed a file, when that file was changed, et cetera, you have that visibility. You can make the reports from the console directly. That is out of the box. The report is there for you to use. The customization for the reports and alerts is also very easy. It helps maintain compliance and security. You also can easily analyze the logs as needed.

This is a stable product.

It supports high availability, which is very helpful.

It captures all of the requirements clients tend to need. It has everything.

What needs improvement?

We'd like more customization capabilities. We need to post events on the end of the devices. Sometimes, the event does not respond. There seems to be a compatibility issue at play. For the customized UX, if you post events, there are compatibility problems. The OEM needs to work on that part.

For how long have I used the solution?

I've been using the solution for six years.

What do I think about the stability of the solution?

The solution is stable and reliable. There are no bugs or glitches, and it doesn't crash or freeze.

What do I think about the scalability of the solution?

Scaling is easy. You just have to add VMs.

How are customer service and support?

The support is good. Previously, the support was not good. However, they've improved it over the last two years.

2020 there was an attack on SolarWinds software. They had trouble then. Now, it is stable and the support is very, very good. They have expanded their offices all over the world. I am located in India. They have a branch here so we can deal with local people.

How was the initial setup?

The installation is very easy. Even if you are non-technical, it's not an issue to get everything up and running.

You only need maybe two people to monitor and manage it once it is deployed. However, if the environment is quite large, you may need more.

What's my experience with pricing, setup cost, and licensing?

If a person prefers to pay for a subscription, the cloud deployment is the way to go. However, they can also choose to go on-premises and have a perpetual license. I can't speak to the exact costs, as I am on the technical side.

Which other solutions did I evaluate?

We compared the solution to QRadar.

What other advice do I have?

We are partners.

This can be deployed both on the cloud and on-premises.

I'd rate the solution nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer. Partner