System Engineer at a government with 51-200 employees
User
Allows us to monitor access and pull cyber reports quickly. No more searching through logs on each server.
Pros and Cons
  • "The out-of-the-box reports and dashboard. It was easy to trim down these windows to something we could quickly use."
  • "I imagine we will have to develop our own reports soon; this seems to be more cumbersome."

What is most valuable?

The out-of-the-box reports and dashboard. It was easy to trim down these windows to something we could quickly use.

How has it helped my organization?

It allows us to monitor access and pull cyber reports quickly. No more searching through logs on each server. There was not much customization, which we had to do with Splunk.

What needs improvement?

I imagine we will have to develop our own reports soon; this seems to be more cumbersome.

For how long have I used the solution?

For five months now.

Buyer's Guide
SolarWinds Security Event Manager
October 2025
Learn what your peers think about SolarWinds Security Event Manager. Get advice and tips from experienced pros sharing their opinions. Updated: October 2025.
872,837 professionals have used our research since 2012.

What was my experience with deployment of the solution?

Not really.

What do I think about the stability of the solution?

Not yet.

What do I think about the scalability of the solution?

Not yet.

How are customer service and support?

Customer Service:

Good. There can be lag times on responses.

Technical Support:

Eight on a scale of 10.

Which solution did I use previously and why did I switch?

Splunk. The pricing was too high and you need a PhD in customizing the reports.

How was the initial setup?

Setup was straightforward. We were able to use the default reports and window displays.

What about the implementation team?

We did it ourselves.

What was our ROI?

The pricing was low, around 30K, so ROI is less than one year. Splunk was elevating into the 100K arena.

What's my experience with pricing, setup cost, and licensing?

Licensing is on devices, so if you have many, then this may be high. The storage can be an issue as well; we already had a SAN setup, but this is true for any SIEM.

Which other solutions did I evaluate?

Splunk and Oracle Audit Vault. We almost picked Oracle, because it pulls in the databases in a quick manner.

What other advice do I have?

Don't overthink the situation. We went with the one which had a better user presentation because we have managers using it as well. Splunk is nicer if you have a bunch of technical people wanting to play with it.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Alireza Ghahrood - PeerSpot reviewer
Consultant & Instructor - Cyber Security, Governance Risk Compliance (CISO as a Services) at Independent
Top 10, Real User

SolarWinds Log and Event Manager offers the core SIEM capabilities supported by nearly every SIEM, and in addition, the product also supports enhanced file and registry integrity monitoring to generate additional security log entries for endpoints. No other advanced security capabilities are available from SolarWinds Log and Event Manager.

Reporting capabilities
Robust built-in reporting capabilities are offered by the SolarWinds SIEM product, including over 300 reporting templates. These templates address the requirements of many security compliance initiatives, including the following:

  • Federal Information Security Management Act of 2014
  • Gramm-Leach-Bliley Act
  • Health Insurance Portability and Accountability Act
  • International Organization for Standardization/International Electrotechnical Commission 27001/27002, Information Security Management
  • North American Electric Reliability Corporation Critical Infrastructure Protection
  • Payment Card Industry Data Security Standard
  • Sarbanes-Oxley Act

it_user313953 - PeerSpot reviewer
IT Manager at a computer software company with 51-200 employees
Vendor
Its alerting feature enabled us to fix issues before logging a call with the helpdesk.

How has it helped my organization?

We were suffering from a lack of visibility into our logs, so we implemented SolarWinds LEM. After building a few rules and alerts, we were notified when events happened before our end users notified us. Many times we were able to fix an issue before a call to the helpdesk was made.

What is most valuable?

  • Alerting
  • Searching

What do I think about the stability of the solution?

The solution was a little slow when running some larger queries. After upgrading our SAN, many of the problems disappeared.

How are customer service and technical support?

Tech support was always on top of things. I usually got a response within a couple hours of opening a ticket and once on the phone, they took time to answer my questions.

Which solution did I use previously and why did I switch?

We needed a product but didn’t have one. We found it when it was still Trigeo, and followed it to SolarWinds.

How was the initial setup?

The initial setup was very easy to start getting logs to the solution. It took some time to understand what data to get and what was important.

What about the implementation team?

We did the implementation. My advice: understand what you want in the system and, after letting it collect some data, swing back and make sure you have everything set up that you need. Give it some time, and learn it to get the most use out of it.

What other advice do I have?

It’s a great product, but like other SIEM software solutions, you only get out what you put into it.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
it_user121770 - PeerSpot reviewer
Manager of Information Technology with 51-200 employees
Vendor
We selected SolarWinds for 24/7 monitoring, forensic trail of unauthorized activity and security at the endpoint.

We needed a solution that could monitor and respond to all of our network and user activity, down to each endpoint, while providing auditors with granular and customizable reports and ensuring forensic traceability in the event of a breach or policy violation.

We stumbled upon a couple of challenges known to other small to mid-sized enterprises:

  1. Outsourced log management was too expensive and incredibly risky. Our network data is too valuable to share with another company. Our members trust us to keep all sensitive data in house.
  2. Enterprise-grade SIEM solutions are priced for large companies and thus stretched well beyond our IT budget. Additionally, all that money didn’t buy real-time analysis and blocking capabilities, which were the most important proactive defense to stop emerging attacks. Enterprise tools watch, aggregate data, and report, but they don’t take action. We needed more advanced solutions to provide comprehensive network management capabilities in real time.

We selected SolarWinds LEM for four specific reasons:

  1. Right-sized for smaller budgets: The solution’s architecture and pricing are tailored to smaller companies. The appliance-based technology is plug-and-play, meaning that implementation takes hours, not weeks or months. And the cost starts at $20,000 – a fraction of competitors’ prices.
  2. 24/7 monitoring: SolarWinds LEM monitors all network activity – even when no one is watching – and stops policy violations and network and data breaches in real time, notifying network administrators of threats instantly via email, pager, and/or cell phone. I’ll even know if the cleaning crew or security guard is trying to log on after hours.
  3. Outing the insider: SolarWinds LEM provides a forensic trail of user activities. It identifies insider policy breaches instantly – including unauthorized USB flash drive insertions and downloads – and stops violators in their tracks while notifying network managers.
  4. Security at the end point: SolarWinds LEM’s solution controls policies from servers to endpoints, giving us the ability to shut down any system or user group across our seven branches in the event of threat detection. This granular control prevents fast-moving worms from spreading, quarantining at-risk systems before they can compromise member data.

With SolarWinds LEM, we’re exposing potential threats and preventing them from damaging our business. In one case, SolarWinds LEM instantly red-flagged multiple, simultaneous log-on failures. We examined the attempted user names, passwords, and incoming IP addresses, and quickly recognized that a bot was attempting to hack into our network. With the evidence provided by SolarWinds LEM, we contacted the hacker’s Internet service provider and shut them down.

SolarWinds LEM is a natural extension of our network. In reality, we consider the SolarWinds LEM appliance to be our fourth IT employee.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
it_user104178 - PeerSpot reviewer
Chief Marketing Officer with 201-500 employees
Vendor

LEM is not open source; it is a commercial product licensed by nodes. There is a free trial you can download at solarwinds.com/lem.
