No more typing reviews! Try our Samantha, our new voice AI agent.

Devo vs SolarWinds Security Event Manager comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Devo
Ranking in Security Information and Event Management (SIEM)
27th
Average Rating
8.4
Reviews Sentiment
6.5
Number of Reviews
26
Ranking in other categories
Log Management (27th), IT Operations Analytics (7th), AIOps (19th)
SolarWinds Security Event M...
Ranking in Security Information and Event Management (SIEM)
34th
Average Rating
7.8
Reviews Sentiment
5.7
Number of Reviews
27
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Security Information and Event Management (SIEM) category, the mindshare of Devo is 1.2%, up from 1.1% compared to the previous year. The mindshare of SolarWinds Security Event Manager is 1.0%, up from 0.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Devo1.2%
SolarWinds Security Event Manager1.0%
Other97.8%
Security Information and Event Management (SIEM)
 

Featured Reviews

Usama Khan - PeerSpot reviewer
Team Lead Soc at a tech services company with 51-200 employees
Advanced threat hunting has improved SOC visibility and now supports faster incident response
Devo can improve in how its connectors enhance integration with third-party tools. Devo's architecture works by having you deploy a relay server in the data center of the client side and Devo SIEM is basically on the AWS cloud. There are specific ports which are enabled on the relay server, which are 514 and 13000, 13151, 152. However, when we talk about databases and custom integrations, there are not default ports in the relay server. No default ports are defined. For JDBC drivers, the port number is 1433, but it is not in the relay server. You have to add it manually. For Oracle RDBMS, the port is 1521, and it is also not there by default. I would appreciate more third-party integrations including Fortinet and others. Machine learning models can also be improved. Playbooks in the SOAR can also be improved. Regarding playbooks for automation, we utilize playbooks for automation in SOAR for automated IOC blocking on a firewall, on a web application firewall, on DNS security, etc. The only option for us to run the playbook is to schedule the job for it. However, if I want to manually run the playbook, there is no option for doing so. This needs improvement.
Yashokanth Partkunan - PeerSpot reviewer
Managed Services Engineer at Loop1 Systems
Has supported client needs efficiently but requires deeper analysis features and faster support
The log analyzing capability of SolarWinds Security Event Manager should go into more depth than the current environment. More modification and enhancements are required on the dashboard side in order to make it closer to optimal performance. From observation and feedback from users, they need more functionality related to monitoring, and in-depth analyzing needs to be improved.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Overall, I have no issues with it and my guys love it."
"One of the biggest features of the UI is that you see the actual code of what you're doing in the graphical user interface, in a little window on the side. Whatever you're doing, you see the code, what's happening. And you can really quickly switch between using the GUI and using the code. That's really useful."
"In traditional BI solutions, you need to wait a lot of time to have the ability to create visualizations with the data and to do searches. With this kind of platform, you have that information in real-time."
"Because of the way Devo works, our onboarding time has shrunk by 50 percent at least."
"The drill-down reports capabilities allow analysts to click on any element in a widget. When they see a spike in a line chart for a failed login, which could be a true or false attempt, they can click that spike, and a table widget on the same active board instantly populates with raw logs of data for those specific failed logins."
"One of the immediate improvements that come to mind is the amount of hot, searchable data, as in the SIEM we had before we were only able to search back 90 days of hot, searchable data, whereas here we have 400 days worth, which has definitely improved our threat hunting capabilities."
"Those 400 days of hot data mean that people can look for trends and at what happened in the past. And they can not only do so from a security point of view, but even for operational use cases. In the past, our operational norm was to keep live data for only 30 days. Our users were constantly asking us for at least 90 days, and we really couldn't even do that. That's one reason that having 400 days of live data is pretty huge. As our users start to use it and adopt this system, we expect people to be able to do those long-term analytics."
"Devo provides good value and, given the quality of the product, I would expect to pay more."
"We were suffering from a lack of visibility into our logs, so we implemented SolarWinds LEM."
"The most valuable feature of SolarWinds Security Event Manager is the analysis and the knowledge about the incidence that we trace."
"SolarWinds is one of the products that I use, amongst many others, to fit the needs of our customers which includes their budget, size, and industry."
"The pricing was low, around 30K so ROI is less than one year."
"The solution helps me to go back in time and search for different events. For example, if you wanted to know who activated an account; you could go back in time and find out."
"The reporting and alerting capabilities are really nice."
"SolarWinds' stability is fine. I don't think we've had any software issues."
"It has in-depth monitoring capabilities and an easy way for setting up dashboards. I can expand in various areas, or I can reduce areas. It supports different types of breakdowns, filters, and rules. It is very simple for an out-of-the-box type of product. It doesn't take a lot of time to figure it out, which is unlike some of the solutions that I have looked at. It meets all the aspects."
 

Cons

"Some basic reporting mechanisms have room for improvement."
"Some of the documentation could be improved a little bit. A lot of times it doesn't go as deep into some of the critical issues you might run into. They've been really good to shore us up with support, but some of the documentation could be a little bit better."
"The price is one problem with Devo."
"Some basic reporting mechanisms have room for improvement. Customers can do analysis by building Activeboards, Devo’s name for interactive dashboards. This capability is quite nice, but it is not a reporting engine. Devo does provide mechanisms to allow third-party tools to query data via their API, which is great. However, a lot of folks like or want a reporting engine, per se, and Devo simply doesn't have that. This may or may not be by design."
"The biggest area with room for improvement in Devo is the Security Operations module that just isn't there yet."
"There is room for improvement in the ability to parse different log types. I would go as far as to say the product is deficient in its ability to parse multiple, different log types, including logs from major vendors that are supported by competitors. Additionally, the time that it takes to turn around a supported parser for customers and common log source types, which are generally accepted standards in the industry, is not acceptable. This has impacted customer onboarding and customer relationships for us on multiple fronts."
"There's always room to reduce the learning curve over how to deal with events and machine data. They could make the machine data simpler."
"We only use the core functionality and one of the reasons for this is that their security operation center needs improvement."
"The company had to use a third party for the implementation of the solution."
"We'd like more customization capabilities."
"I imagine we will have to develop our own reports soon, this seems to be more cumbersome."
"There are no multiple dashboards which would allow you to see information side-by-side."
"One of the drawbacks of being so flexible is that it is also a fairly complicated software application to install, configure, and maintain."
"The flash-based interface can be improved because sometimes, the speed of monitoring is reduced."
"We used the support from SolarWinds Security Event Manager and they are knowledgeable but challenging to get in contact with them."
"Not very scalable in my opinion. That's why I'm investigating new SIEM replacement."
 

Pricing and Cost Advice

"[Devo was] in the ballpark with at least a couple of the other front-runners that we were looking at. Devo is a good value and, given the quality of the product, I would expect to pay more."
"The way Devo prices things is based on the amount of data, and I wish the tiers had more granularity. Maybe at this point they do, but when we first negotiated with them, there were only three or four tiers."
"I'm not involved in the financial aspect, but I think the licensing costs are similar to other solutions. If all the solutions have a similar cost, Devo provides more for the money."
"Devo was very cost-competitive... Devo did come with that 400 days of hot data, and that was not the case with other products."
"Pricing is based on the number of gigabytes of ingestion by volume, and it's on a 30-day average. If you go over one day, that's not a big deal as long as the average is what you expected it to be."
"Our licensing fees are billed annually and per terabyte."
"It's a per gigabyte cost for ingestion of data. For every gigabyte that you ingest, it's whatever you negotiated your price for. Compared to other contracts that we've had for cloud providers, it's significantly less."
"We have an OEM agreement with Devo. It is very similar to the standard licensing agreement because we are charged in the same way as any other customer, e.g., we use the backroom."
"It is in the appropriate mid-range. It is not as expensive as some of the other solutions. It is also not cheap."
"We do a yearly license renewal. For a year, the solution costs roughly $500,000 USD. There are no costs beyond this yearly fee."
"Licensing is on devices, so if you have many, then this may be high."
"The tool is available at a good price for customers compared to other solutions in the market. I rate the product's price as an eight out of ten."
"The price of SolarWinds Security Event Manager is reasonable."
"Licenses can only be purchased in blocks of fifty at a time."
"The pricing model would benefit from having package deals with other SolarWinds products."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
904,899 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
14%
Construction Company
10%
Outsourcing Company
9%
Manufacturing Company
9%
Financial Services Firm
14%
Construction Company
13%
Manufacturing Company
11%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise5
Large Enterprise12
By reviewers
Company SizeCount
Small Business19
Midsize Enterprise3
Large Enterprise7
 

Questions from the Community

What is your experience regarding pricing and costs for Devo?
Pricing generally depends on the scale, data ingestion requirements, and integrations for what the enterprise monitoring needs. I have not been part of the procurement process, so I am not aware of...
What needs improvement with Devo?
I think some features could be added to Devo. The cost is a little higher compared to other tools such as DataDog or Elasticsearch, so they could work on reducing costs. Additionally, while the sup...
What is your primary use case for Devo?
My main use case for Devo is that it serves as a primary tool for centralized logging solutions, mainly for threat investigation and alert monitoring. It helps us with security and analytic analyti...
What is your experience regarding pricing and costs for SolarWinds Security Event Manager ?
The tool is available at a good price for customers compared to other solutions in the market. I rate the product's price as an eight out of ten.
What needs improvement with SolarWinds Security Event Manager ?
The log analyzing capability of SolarWinds Security Event Manager should go into more depth than the current environment. More modification and enhancements are required on the dashboard side in or...
What is your primary use case for SolarWinds Security Event Manager ?
I work with all SolarWinds products mostly, including Network Configuration Manager and NPM. I am a reseller. I usually recommend SolarWinds products for Loop1. It's for the bigger ones; we are the...
 

Also Known As

No data available
SolarWinds LEM, Solarwinds SIEM, TriGeo, Log and Event Manager
 

Overview

 

Sample Customers

United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel
NetSuite, EasyStreet, Legacy Texas Bank, and Energy Federal Credit Union, to name a few.
Find out what your peers are saying about Devo vs. SolarWinds Security Event Manager and other solutions. Updated: June 2026.
904,899 professionals have used our research since 2012.