SolarWinds Security Event Manager Room for Improvement
JJ
reviewer1430268
ISO at a manufacturing company with 1,001-5,000 employees
Under the new system, it is not upgradable the way they say. When you try to do an upgrade, it doesn't really work unless you dump everything and start from scratch. You lose a lot of your nodes. Whenever you set your nodes up and everything else, they don't want to bring those nodes back in, so you have to really go back and restructure all your nodes. I went from version 6.5 to version 6.6 and then to version 6.7. I then went to version 2019, and now it is version 2020. It would be good if we can upgrade without having to delete everything and start from scratch.
They can maybe build more KPIs and other things for the dashboard. Some of the other systems already have built-in KPIs. SolarWinds is starting to catch up, but it is not there yet. They can include some of the business or industry standards for tracking the time, that is, the mean time to detect (MTTD) and the mean time to resolve (MTTR). They can also find a way to build a KPI that measures the number of instances of port scans experienced in a week or a month.
They need to do better with the Connectors. I had to battle with the IIS Web server Connector that comes built in with this product. No matter how I configured the IIS Web connector, I never saw SW pull in any IIS logs from my hosts where the Agent was installed.
They have over 500 connectors, but in my experience only a handful work. Also, there are no PowerShell Logging connectors, if you want to pull in PowerShell Logging logs from your hosts into the SIEM.
SJ
reviewer1686546
Program Manager at a computer software company with 5,001-10,000 employees
SolarWinds should improve its correlation capabilities. The correlation does not automatically detect and reduce the events fast enough. You have to manually do a correlation report, which means the tool is not scalable in many ways. Another area that needs improvement is the integration of the IT framework. We are automating the framework using their tools. I think that automation will help.
Buyer's Guide
Security Information and Event Management (SIEM)
June 2022
Find out what your peers are saying about SolarWinds, Splunk, AT&T and others in Security Information and Event Management (SIEM). Updated: June 2022.
609,272 professionals have used our research since 2012.
It is a very technical program. They can simplify it so that it isn't so hard to deal with.
You can be notified of various things, but you have to configure them. That's the downside. You've got to work with it and configure it.