After using LEM for a few years, i can't recommend it. If your environment is very large or you are pulling a lot of logs. The threat detect doesn't work well either. I had everything setup up for a simple port scan and had reporting turned on. I couldn't get it to flag the…
