Log & Event Manager Powerful SIEM for the Resource-Constrained Security Pro

Starts at $4495
  • Gain the power of SIEM without spending a fortune or hiring an army
  • Increase security visibility with 24x7 automated monitoring and real-time analysis
  • Obtain broader compliance support, stronger security intelligence, and a faster time-to-respond duration with embedded file integrity monitoring and active response
  • Tackle compliance, security, and insider threats with expert-developed, pre-packaged templates and automated log management
  • Perform rapid root cause analysis with built-in intelligence and strong visualization across networks, systems, applications, and security

Guided Tour

In less than 6 minutes, get a first-hand view of Log & Event Manager and the power it can bring to your security and compliance efforts.

Download Free Trial Fully Functional For 30 Days

What LEM users say about it...

  • The deployment was extremely simple, the user interface was nice and easy to use, and performance was great!

  • Amazingly easy to use. The guy that manages it loves it because it's very easy compared to the other tools.

Resource-Constrained Security Pros Can Find and Foil More Threats. Even Stop Audit Fails, with SolarWinds’ SIEM Software.

Over 3500 resource-constrained security pros rely on SolarWinds® Log & Event Manager for powerful, affordable, and efficient Security Information and Event Management (SIEM). Our All-In-One SIEM combines log management, event correlation, visualization, reporting, file integrity monitoring, USB defense, SQL database monitoring, and active response in a virtual appliance that’s easy to deploy, manage, and use. We’ve designed our SIEM specifically for smaller security departments—providing the feature set you need without the complexity and cost.

Top 3 Reasons to Use SolarWinds’ Event & Log Management Software

  • Gain a 24x7 Virtual Security Operations Center – starting at under US$ 5k

    View of log management and log monitoring with SolarWinds' LEM.

    Automate the monitoring process for resource-constrained security pros with SolarWinds’ log management software.

    Security pros can’t stop what they can’t see. But without the people to actively monitor security activity, visibility is limited. Log & Event Manager was specifically designed to address the monitoring needs of small security staffs. Log & Event Manager delivers increased security visibility and reduced time-to-respond duration without needing additional headcount.

    • Hundreds of supported data sources plus embedded file integrity monitoring delivers rich information for intelligent monitoring
    • Over 700 expert-developed rules churn through data in real-time to pinpoint potential security incidents
    • Active response can be configured to automatically quarantine, block, or temporarily disable suspicious activity
    • Intuitive dashboards for event and log analysis plus rapid search enable security pros to quickly assess incidents
    • Built-in intelligence across networks, applications, and security speeds up root cause analysis
    Learn More about Security Monitoring »
  • Implement and Streamline Risk-Based Compliance

    SolarWinds' SIEM security software view of out-of-the-box reporting capabilities.

    An effective monitoring program implemented with Log & Event Manager addresses compliance gaps, demonstrates risk management, and automates compliance reporting

    Compliance audits are quickly evolving from checklist-based to risk-based. To address this increased scrutiny, organizations must demonstrate a strong security focus while at the same time address time-consuming compliance reporting requirements. Log & Event Manager helps regulated organizations get the reporting automation they need while providing an all-in-one event and log monitoring, investigation, and incident-response system that supports risk-based monitoring.

    • Produce compliance reports in a few clicks with audit-proven templates for PCI DSS, HIPAA, FISMA, SOX, GPG13, NERC CIP, and more
    • Easily customize dashboards, rules, and actions to regulated and sensitive systems for effective demonstration of risk management
    • Embedded file integrity monitoring & SQL database monitoring fulfill compliance requirements and adds intelligence to the monitoring process
    • Active response and USB defender help avoid data breaches and regulatory scrutiny through stopping potential attacks in progress
    Learn More about Risk Based Compliance »
  • Lower the Cost of Security Operations while Improving Effectiveness

    View of affordable siem software with low cost pricing model.

    Whether you already have a SIEM that is consuming your budget and resources or you are drowning in manual, ineffective security processes, Log & Event Manager delivers solid ROI through affordability, automation, and improved security.

    It’s no secret that many SIEM implementations are considered money pits. High license costs, overall complexity, and the need for constant care and feeding have made many organizations who desperately need SIEM benefits give up on it as a solution. SolarWinds drastically reduces the costs of SIEM while providing greater value to resource-constrained security pros. By eliminating the development of large enterprise features that are seldom used and focusing on those that improve operations, Log & Event Manager is offered at a very affordable license, maintenance, and operational cost.

    • All-in-one simple licensing model starting at US$ 4,995—licensing is typically less than enterprise SIEM maintenance costs
    • Includes traditional SIEM capabilities plus embedded log management, file integrity monitoring, active response, policy-based USB blocking, and SQL database monitoring
    • Our focus on usability and deployment means no additional consulting, training, or headcount required

    LEM provides a Workstation Edition license with ALL the functionality of LEM, but at an even lower cost, so organizations can affordably extend log monitoring to Windows® workstations.

    Learn More about Affordable SIEM »
Download Free Trial Fully Functional For 30 Days

System Requirements - One Software Fits All

Virtual Environments

VMware® ESX/ESXi 4.0+

Hyper-V® Server 2008 R2/2012/2012 R2

Hard Drive

250 GB

Memory

8 GB

CPU

Dual processor, 3 GHz

NOTE: The minimum server requirements listed assume default configuration. Significantly increasing the poll rate or statistic collection rate could result in additional load on the server, which may require a larger CPU or additional memory.

Must-Have Features of SolarWinds’ SIEM Software

  • Easy Collection of Network Device, Machine and Cloud Logs

    View of log collection and event management capabilities.

    Collect and catalog log and event data, in real-time, from anywhere data is generated within your IT infrastructure with SolarWinds’ event and log management software.

    • Automatically collects, classifies, normalizes, and aggregates all log data
    • Delivers real-time intelligence from network devices, security appliances, application servers, databases, virtual machines, cloud, and more
    • Integrates with other SolarWinds products, including Network Performance Monitor (NPM), Server & Application Monitor (SAM), and Alert Central

    SolarWinds Log & Event Manager (LEM) provides easy, automated, and powerful event log management with real-time intelligence from anywhere data is generated within the IT infrastructure to help streamline IT operations, strengthen security, and ensure compliance.

    LEM integrates with best-of-breed products in every major category and provides support for dozens of manufacturers, hundreds of products, and thousands of models, with more being added each week.

    Plus, LEM integrates with other SolarWinds products to provide even more flexibility and in-depth visibility to simplify IT management and fortify network security, including Network Performance Monitor (NPM) and Server & Application Monitor (SAM) to send/receive traps, as well as Alert Central for incident handling.

    Learn More about Event and Log Management »
  • In-Memory Event Correlation for Real-Time Threat Detection

    Screenshot of event log correlation by processing log data.

    Access to true real-time log and event correlation by processing log data before it is written to the database, enabling you to immediately respond to security threats and vital network issues with SolarWinds’ event correlation feature.

    • Instantly detect security, operational, and compliance issues, including external breaches, insider abuse, policy violations, application availability, performance problems, and more
    • Get alerted in real time and contain threats at network speed
    • Leverage over 700 built-in event correlation rules for out-of-the-box visibility and intelligence
    • Gain immediate insight into network anomalies and suspicious patterns in your environment
    • Detect and stop zero-day, multi-vector and blended threats

    Event correlation is key to an effective SIEM solution. But, not all correlation engines are built equally. With SolarWinds Log & Event Manager (LEM), you get true, real-time in-memory event correlation to instantly detect and mitigate threats. LEM is a log analysis tool which provides immediate incident awareness and actionable intelligence so you can respond to vital issues at network speed.

    LEM’s real-time analysis means you’re able to instantly take action to contain a threat or thwart an attack. Moreover, LEM provides automated, active responses for hands-free threat mitigation, so you can safeguard your network 24x7.

    LEM enables you to effectively troubleshoot both security and operational issues—be it a data breach or a network performance problem—by understanding the relationship between different activities using multiple event correlations. For instance, an unauthorized application gets installed then a significant increase in FTP traffic is seen going in and out of that system.

    LEM also has the unique ability to set independent thresholds for activity per event, or group of events. By combining LEM’s powerful correlation and thresholding abilities, you get security intelligence you can count on and reduce false positives.

    And, with over 700 built-in event correlation rules and easy-to-understand categorization, SolarWinds Log & Event Manager delivers visibility and control right out of the box. LEM’s library of configurable pre-built rules, along with the ability to create advanced rules with drag-and-drop simplicity, means you can say goodbye to writing complex scripts to correlate events—eliminating hours of work for you.

    Learn More about Event Correlation & Threat Detection »
  • Flexible Deployment Options for Scalable Log Collection and Analysis

    View of log analysis and log collection features.

    Flexible deployment methods to efficiently and affordably scale across multiple sites and geographies with SolarWinds’ log analyzer and log collection features.

    SolarWinds Log & Event Manager (LEM) includes flexible deployment methods to help address different scaling needs, such as:

    • Environments with both multiple autonomous datacenters and a need for high-level visibility
    • Companies with many geographically distributed remote sites
    • Organizations with longer-term storage and archiving requirements

    Log & Event Manager simplifies log management and log analysis by enabling you to scale across multiple datacenters to collect and centralize all your log data by simply deploying multiple LEM virtual appliances. You can then manage and monitor them all from one console.

    Plus, LEM’s virtual appliance deployment means sites with higher event volumes and complex deployment needs can take advantage of distributing virtual processing.

    Learn More about Log Analysis & Log Collection »
  • Out-of-the-Box Reporting for Security, Compliance, and Operations

    SolarWinds' SIEM security software view of out-of-the-box reporting capabilities.

    Simplify security, compliance, and operations reporting with hundreds of built-in reports and audit-proven templates that can be easily customized for your organization’s specific needs with SolarWinds’ SIEM security software.

    • Out-of-the-box security, compliance, and operations reporting
    • Over 300 "audit-proven" report templates for regulatory compliance including: PCI DSS, HIPAA, FISMA, DISA STIG, GLBA, SOX, NERC CIP, and many more
    • Customize reports to meet the specific requirements of your organization or industry
    • Schedule the creation and delivery of reports or run on-demand; automatically export to different formats
    • Add commonly used reports to your Favorites for repeated use

    SolarWinds Log & Event Manager (LEM) streamlines security, compliance, and operations reporting by providing an intuitive reporting console with hundreds of built-in templates and the ability to easily customize reports based on your organization’s specific needs.

    Reports can be created with different levels of data and graphics, including master reports, detailed reports, and top-level reports. Plus, you can schedule report generation and delivery, or run on-demand. You can also export reports to multiple formats, including Text, PDF, CSV, DOC, and HTML. Moreover, you can add commonly used reports to a Favorites list for fast and easy repeated use.

    And, LEM makes compliance reporting a snap with pre-packaged, audit-proven templates for a wide range of industries, including PCI DSS, HIPAA, SOX, FISMA, DISA STIG, NERC CIP, GLBA, NCUA, GPG 13 and many more.

    With SolarWinds LEM, you get quick and easy reporting—for all your needs—right out of the box!

    Learn More about Security Reporting & Compliance »
  • All-in-One Virtual Appliance for Quick and Simple Deployment

    View of easy to deploy SIEM software solution.

    Deployments are quick and simple with SolarWinds’ SIEM software. Our Event & Log Management software has an all-in-one virtual appliance, built-in rules and reports, easy-to-use web-based console, intuitive drag-and-drop interface, and point-and-click, drill-down simplicity, so you can be analyzing logs and uncovering threats in no time.

    • Easy and rapid deployment model with a virtual appliance on VMware® or Hyper-V®
    • Do-it-yourself deployment without the aid of consultants
    • No prerequisite of specific operating system or database as everything is packaged into LEM virtual appliance

    SolarWinds LEM is an all-in-one SIEM virtual appliance and log management software that provides quick and easy, do-it-yourself deployment via an affordable, all-in-one virtual appliance and does not require additional dedicated staff to manage.

    Packaged as a virtual appliance, LEM seamlessly integrates with your existing infrastructure to provide total deployment flexibility. Relying on virtual infrastructure allows customers to scale in multiple ways without additional hardware overhead or physical deployment complexity.

    And, LEM’s out-of-the-box functionality empowers you to start immediately detecting and remediating security threats and network problems.

    Learn More about Simple SIEM Deployment »
  • Cutting-Edge IT Search for Fast and Easy Forensic Analysis

    View of log management and log monitoring with SolarWinds' LEM.

    SolarWinds’ event and log management software’s advanced ad-hoc IT search capabilities, drag-and-drop interface, and intuitive visualization options make it easy to view and explore current and historical log data in a way that makes sense.

    • Quickly conduct forensic analysis to figure out what happened before, during, and after an event to isolate fault and determine root cause
    • Explore and analyze data intuitively with visual search tools, including word clouds, histograms, tree maps, and charts to easily spot anomalies and trends
    • Leverage basic keyword searches and partial information to surface events, and then drill-down with the click-of-a-button for more detailed data
    • Build complex searches fast with a simple drag-and-drop interface, as well as save and reuse custom searches
    • Run scheduled searches with the ability to automatically export and email results upon completion

    SolarWinds® Log & Event Manager (LEM) gives you advanced IT search functionality that enables you to easily analyze events and view log data in a way that makes sense for truly fast and effective event forensics, troubleshooting, root cause analysis, and overall log management.

    LEM approaches IT search and event forensics in an intuitive, interactive, and user-friendly way with our nDepth search tool—a powerful search engine that allows you to search either normalized event data or the original log messages if you have specific data analysis needs.

    You can explore data visually and as an event list. Moreover, you can refine searches with point-and-click simplicity and drill down into data to pinpoint issues fast. Plus, you can schedule searches to run on a recurring basis, with the ability to automatically export and email results upon completion.

    LEM includes multiple data visualization tools for easy-to-understand event analysis, including word clouds, tree maps, charts, and histograms. Each graphical tool provides an alternative view of the same data so you can examine your data from several perspectives.

    With LEM, the logic is built-in so you don't need to know SQL expressions or programming. You can quickly build searches with a simple drag-and-drop interface—even for complex search criteria. Additionally, you can leverage basic keyword searches so partial information can turn into an intelligent search. And, you can save your searches for future reference.

    With SolarWinds Log & Event Manager, you get cutting-edge IT search capabilities that go well beyond ineffective search bars, so you can find the information you’re looking for with just a few clicks of the mouse!

    Learn More about Event Log Forensics »
  • Built-In Active Responses for Automated Remediation

    Screenshot of active responses for operational security and compliance issues.

    Log & Event Manager enables you to immediately respond to security, operational, and policy-driven events using built-in, configurable Active Responses to take automatic actions, such as quarantining infected machines, blocking IP addresses, disabling user accounts, and more.

    With a library of built-in and configurable Active Responses, SolarWinds Log & Event Manager (LEM) executes the automated responses you need to mitigate threats and respond to operational issues immediately—even while you sleep!

    Built-in responses include:

    • Block an IP address
    • Detach USB devices
    • Kill processes by ID or name
    • Start or stop Windows services
    • Log users off
    • Enable or disable domain and local user accounts, or Windows® machine accounts
    • Add or remove users from groups
    • Create, disable, or delete user accounts and user groups
    • Remove user-defined group elements
    • Reset user account passwords
    • Restart or shutdown machines
    • Append text to a file
    • Send incident alerts, emails, or popup messages

    LEM’s Active Response capabilities provide immediate assurances that each policy-driven event violation, such as unauthorized access, unexpected configuration changes, application performance degradation, unusual traffic spikes, and any other anomalous behavior patterns get immediate corrective attention.

    Learn More about Active Response »
  • USB Defender Technology for Internal Data Loss Protection

    View of SolarWinds' event and log management software's USB defender technology for internal data loss.

    Log & Event Manager helps eliminate endpoint data loss and protect sensitive data with real-time notification of USB devices, coupled with the ability to monitor what files are accessed on the device, as well as the ability to automatically block their usage.

    • Protect sensitive data with real-time notification when USB devices are detected
    • Automatically or manually eject USB devices
    • Create whitelists of authorized USB devices
    • Monitor what files or processes are accessed on the drive
    • Leverage built-in reporting to audit USB usage over time

    SolarWinds Log & Event Manager (LEM) includes built-in USB Defender technology that provides real-time notification when USB drives are detected.

    You can monitor the usage of any USB drive connection, including mass storage, smartphones, cameras, and wireless networking devices. You can also create whitelists and granular rules regarding what USB devices are authorized or which users are allowed to use them. Moreover, LEM has the intelligence to know the difference between USB keyboard/mouse vs. USB mass storage devices.

    LEM lets you see what files or processes are accessed on USB devices. This information can be further correlated with network logs to identify potential malicious attacks coming from a USB device. You can then detach the drive right from the LEM console or configure automated actions to block the usage, including the ability to disable user accounts, quarantine workstations, and automatically eject USB devices. You can even configure LEM to detach a UDB device when systems are offline. Plus, LEM provides built-in reporting to audit USB usage over time.

    With LEM’s USB defense, you can be confident your sensitive data doesn’t walk out the door.

    Learn More about Data Loss Protection »
  • Embedded File Integrity Monitoring for Smarter Threat Detection and Broader Compliance Support

    View of Log & Event Manager's File Integrity Monitoring feature.

    SolarWinds’ SIEM software has real-time File Integrity Monitoring (FIM) for Windows® at no extra cost, allowing you to address more compliance requirements and gain deeper security visibility.

    • Provides intelligence that you can’t get from logs to detect zero-day malware, insider abuse, and stealthy attacks
    • Addresses key requirements of regulations including PCI DSS, HIPAA, SOX, and more at no extra cost
    • Deep integration with SIEM provides a complete view of all user activity across files, applications, systems, and networks

    Advanced threat techniques and increased regulatory scrutiny demands make attacks harder to detect and audits harder to pass. Logs alone don’t provide the intelligence required to detect today’s advanced threats. Log & Event Manager includes File Integrity Monitoring (FIM) to deliver granular information about file and system access that you can’t get from logs. We’ve integrated FIM into our all-in-one investigation, and incident-response system to not only more accurately detect and investigate sophisticated and insider threats, but also stop them in their tracks with active response.

    Learn More about File Integrity Monitoring »
  • High Compression and Encryption for Secure Log Archival and Efficient Log Management

    View of efficent log management with high compression and ecryption.

    Log & Event Manager securely stores terabytes of log data at a high compression rate and enables immediate access to historical data for easy analysis, searching, and compliance reporting, while reducing external storage requirements.

    • Securely store logs with a high performance, high compression data model that stores data at up to a 60:1 ratio
    • Satisfy your retention requirements and avoid buying costly additional storage hardware
    • Enable differential archiving on a regular or automatic basis rather than full archive every time
    • Automatic encryption and signatures of data stores and archived data
    • Easily search, analyze, and report on historical data for compliance reporting and auditing

    SolarWinds Log & Event Manager (LEM) uses a high performance, high compression data model for log storage, storing data at up to a 60:1 ratio. That means you can store the massive amounts of log data required for regulatory compliance while reducing the need for external storage and the costs associated with that storage.

    LEM’s highly efficient storage capabilities mean you have an easily accessible, living archive for immediate access to historical information. This makes searching, analyzing, and reporting for compliance and auditing a breeze.

    Plus, SolarWinds LEM is an efficient log management software that keeps your log data secure with automatic encryption and signatures of data stores and archived data.

    Learn More about Efficient Log Management »
  • Low Cost, Node-Based Pricing Model for Budgets of All Sizes

    View of affordable siem software with low cost pricing model.

    Log & Event Manager collects and catalogs log and event data, in real-time, from anywhere data is generated within your IT infrastructure.

    • Cost-effectively deploy log analysis across your entire IT infrastructure—from network perimeter to endpoint
    • Extend log management to workstations to protect against endpoint vulnerabilities and risky user behavior
    • Deploy LEM Workstation Edition for even lower cost log management on Windows® workstations
    • Automatically recover unused agent licenses to streamline LEM usage on workstations and virtual desktops

    With SolarWinds® Log & Event Manager (LEM), you get affordable node-based pricing, so you can cost-effectively monitor all of your nodes, regardless of the number of log sources on each node, allowing you to stay within a planned budget as you deploy and expand your IT infrastructure.

    Moreover, LEM provides a Workstation Edition license with ALL the functionality of LEM, but at an even lower cost, so organizations can affordably extend log monitoring to Windows® workstations. Why is this important?

    Internal threats and security risks introduced by employees pose a very real problem, which is why workstations are considered one of the more vulnerable entities on your network. These endpoint vulnerabilities must be addressed to ensure the integrity and safety of your sensitive corporate and customer data.

    With LEM, you can go beyond just monitoring network devices and server applications; you can easily monitor key workstation activities, such as user logons, system changes, installation of prohibited applications, unauthorized use of USB drives, and more. Very importantly, you can leverage LEM’s built-in Active Responses to automatically combat workstation security and threats in real-time—no human intervention required.

    SolarWinds LEM also provides the ability to automatically recover unused agent licenses, which is especially helpful in virtual desktop (VDI) environments.

    Learn More about Affordable SIEM Software »
Download Free Trial Fully Functional For 30 Days

Demos

  • Interactive Demo: SolarWinds Log & Event Manager

    Get immediate access to the SolarWinds Log & Event Manager interactive demo. This demo allows you to explore the rich feature set of LEM without registration being required. Start exploring now!

  • Live Monthly Topic Demos: SolarWinds Log & Event Manager

    A SolarWinds Sales Engineer will present a 30 minute demo of Log & Event Manager, covering a specific topic each month while exploring different parts of the product. Sign up for the next live demo or for the topic most relevant to you now!

Datasheets

Videos

  • Actively Defending Your Network with SolarWinds Log & Event Manager Custom Rules

    Let your rules do it for you, using SolarWinds Log & Event Manager. Rules within the Solarwinds LEM can automatically respond to events on your network 24/7, just as if you were there all the time. Notify yourself and others of security related events via email, log off misbehaving users, or disable networking to stop a virus from spreading– all without any direct intervention on your part.

  • Adding Nodes, Devices and Systems with Log & Event Manager

    Integrate network devices and systems for analysis with Log & Event Manager.

  • Network Troubleshooting in SolarWinds Lab: Virus in a Haystack

    Join Head Geeks Patrick Hubbard and Lawrence Garvin for Virus in a Haystack and learn all about the hospital (network) virus that couldn't be diagnosed. We'll look at a very puzzling circumstance where a firewall continued to reboot at ever decreasing intervals. The IT department would reboot it, but over time, it would grind to a halt. It looked like a bad box, but then it looked like a virus. The anti-virus said all was well... so what was it? Learn how their current monitoring setup missed the real problem and how your monitoring tools can be optimized to avoid the same sort of puzzling issue.

  • SolarWinds Security Software - Log & Event Manager

    Watch this short video covering SolarWinds Log & Event Manager's key security features. You will learn quickly how LEM can help you keep your network secure. You will also see the product in action.

Webcasts

  • Deploying and Managing SolarWinds Log & Event Manager

    With our release of LEM 5.3, installing and deploying have become more intuitive. Josh Stephens and Rob Johnson will show you how it’s done! They’ll also discuss and demonstrate some excellent use-case scenarios for User-Defined Groups, Widgets, Filters and nDepth Queries.

    *Registration Required

  • Geek Speak: Back to Basics on Compliance Management

    Nowadays, just about everyone is worried about compliance. Whether your organization falls under some industry or government compliance standards or you’re maintaining and auditing your own private standards, compliance affects us all.

    *Registration Required

  • SANS Product Review: Champagne SIEM on a Beer Budget

    Watch Jerry Shenk, Senior SANS Analyst, review SolarWinds SIEM virtual appliance – “Log & Event Manager”. In this product review Jerry and SolarWinds Sales Engineer, Rob Johnson, walk through the installation, configuration, SIEM operations, and reporting. Learn how this powerful, yet affordable SIEM from SolarWinds could fit the bill for resource constrained IT teams.

    *Registration Required

Case Studies

  • Energy Federal Credit Union

    EFCU was using passive log capture technology to track traffic entering and exiting its network by manually examining firewall activity logs.

  • Legacy Texas Bank Case Study

    Legacy Texas Bank is a full-service community bank serving businesses and families throughout North Texas with 19 branches, 350 employees and over $1.6 billion in assets. Network and information security is absolutely vital, as is compliance with FFIEC and FDIC regulations.

Whitepapers

  • Estimating Log Generation for Security Information Event and Log Management

    As more solutions enter the marketplace claiming to collect, analyze and correlate log data, it is becoming increasingly necessary to have the ability to estimate log generation for one’s environment. This is required for two primary reasons: to estimate the amount of storage required for log data; and to estimate the cost of various solutions given their licensing model. This paper will discuss an approach to estimating the amount of log data generated in a hypothetical network environment.

  • Controlling the Cost of SIEM

    When looking at a SIEM implementation, the license cost can be just the tip of the iceberg. The majority of SIEMs are complex—having been developed for enterprise use—which means that a lot of additional work goes along with them.

  • A SIEM Buyer’s Guide for the Resource-Constrained Security Pro

    This SIEM Buyer’s Guide is for the resource-constrained IT pros who need the security benefits of SIEM but are held down by imposing budget and staffing requirements. Read this paper and understand how to adopt a SIEM model which is powerful in capability, simple to use, at the same time not draining your budget.

Product Guides

Product FAQ

Download Free Trial Fully Functional For 30 Days

Version History

v6.0
V6.0 – SolarWinds Log & Event Manager (LEM) v6.0 adds the new real-time File Integrity Monitoring (FIM) functionality along with some performance and usability enhancements.
  • File Integrity Monitoring for Windows®
    • Real-time monitoring of your files and folders including file reads, writes, deletes, permissions changes, and more
    • Real-time monitoring of your registry settings including key and value creates and deletes
    • A simple, intuitive interface that allows you to configure directories to watch, filename masks, and types of events you want to monitor
    • Built-in templates to jump start your use of FIM to bolster compliance with PCI DSS, HIPAA, SOX, and many other compliance standards
  • New connectors for LOGbinder EX, Cisco®, VMware® and more
  • Significant performance enhancements for specific types of rules
+ Read More
v5.7
V5.7 - SolarWinds Log & Event Manager (LEM) v5.7 provides the following usability and performance enhancements:
  • nDepth Scheduled Searches
    • Schedule nDepth searches to run automatically once or on a recurring basis
    • Email search results as a CSV attachment, or generate an event notifying you of search completion
  • Agent Node License Recycling
    • Define schedule to automatically recover unused agent licenses
    • Specify virtual desktop and workstation devices where licenses can be recovered
  • Scalability Enhancements
    • Improved rules engine and appliance-side processing
  • FIPS Self-Certification
  • Additional Improvements
    • Create User-Defined Groups more easily with new CSV import
    • Deploy LEM to Hyper-V® on Windows 2012 R2
    • New connectors for NetApp®, IBM®, Brocade, and more
+ Read More
v5.6
Introducing SolarWinds LEM Workstation Edition – an incredibly affordable new pricing model to make log management of Windows® workstations simpler and more economical than ever.

Product Enhancements

  • Rule Categories and Tags makes it easier to find and create rules
  • New rule templates for appliance monitoring and file tracking
  • Improved Data Storage and Search
    • New differential archiving means no more full database backups
    • Progressive search results displays results as they are found. No need to wait anymore!
  • New connectors for Juniper®, Cisco®, Microsoft® and other devices/vendors

Licensing

  • All new affordable and economical SolarWinds LEM Workstation Edition pricing model to monitor and manage logs from Windows workstations

Product Integration with

  • SolarWinds Server & Application Monitor (SAM)
    • Send correlated LEM events to SAM for added visibility into server and application performance
    • Forward SAM alerts to LEM and correlate them with specific LEM events, then create rules and configure notifications for future occurrences
  • SolarWinds Alert Central
    • Correlate events in LEM and forward to Alert Central via email for incident handling
    • Easily distribute alerts using configurable escalation policies and on-call calendaring in Alert Central
+ Read More
v5.5
Discovery for syslog devices, new dashboard content, and support for Hyper-V™ 2012
  • Discovery of syslog devices – Collect syslog or SNMP trap data in Log & Event Manager with out manual configuration using connector discovery.
  • New dashboard content – New widgets help pinpoint issues and track trends in near-term historical data; new details dashboards facilitate troubleshooting and drill-down of nodes and users.
  • Support for Hyper-V 2012, Windows® 2012 and Windows 8 – Install the LEM appliance on Hyper-V 2012, monitor Windows 8/2012, and use IE10 on Windows 8 to access the LEM Console.
  • Additional user interface improvements to help customers find things faster, including new default filters, removal of unused content, and renaming of confusing verbiage.
+ Read More
v5.4
SolarWinds Log & Event Manager version 5.4 added virtual application support for Hyper-V and integration with other SolarWinds products.
  • Virtual appliance support on Hyper-V Server 2008 R2
  • Web-based console
  • Authentication against Active Directory®
  • Integration with other SolarWinds products
+ Read More
v5.3
SolarWinds Log & Event Manager version 5.3 added support for Kiwi® Syslog Server, updates to the agent, and more.
  • Support for Kiwi Syslog Server
  • Updates to the Log & Event Manager Agent (including Java Runtime Environment
  • Additional nDepth Export functionality
+ Read More
To see a complete version history for SolarWinds Log & Event Manager, please visit our release notes.

Data Sources

Anti-Virus Software

  • AMaViS
  • AVG 7.5 Network (workstation)
  • AVG Anti-Virus Network Edition 8.0
  • AVG DataCenter 7.5 (server)
  • Baracuda AV¹
  • Cisco Content Security and Control Security Services Module¹
  • Command AntiVirus Enterprise
  • Command AntiVirus for Windows
  • Command AntiVirus Small Business
  • Command AV for Exchange Server
  • Computer Associates E-Trust 6.0+ (InnoculateIT)
  • F-Secure AntiVirus 7
  • ForeFront Client Security
  • ForeFront Security for Exchange
  • ForeFront Security for Sharepoint
  • FreshClam
  • Kaspersky AV
  • McAfee ePO
  • McAfee GroupShield for Exchange Server
  • McAfee Total Protection
  • McAfee VScan 4.5
  • McAfee VScan 5.0
  • McAfee VScan 6.0
  • McAfee VScan 7.0
  • McAfee VScan 8.0
  • Microsoft Antigen 9.0

Firewalls

Intrusion Detection / Prevention Systems

Network Devices

Operating Systems

Vulnerability Assessment

Identity and Authentication Management Applications

Web Server / FTP / Content Management

Database Auditing

Other Products / Applications / Environments

Tips and Training

Tips and Training

How-to Deploy Log & Event Manager to VMware

Watch the video
Tips and Training

LEM Install: How-to Deploy Log & Event Manager to Hyper-V™ R2 Server 2008 R2

Watch the video
Tips and Training

Creating Rules for Real-time Correlation and Response with Log & Event Manager

Watch the video
Tips and Training

Effectively Creating Filters and Monitoring Events with SolarWinds Log & Event Manager

Watch the video
Tips and Training

SolarWinds Log & Event Manager Quick Tour

Watch the video
Tips and Training

Adding Nodes, Devices and Systems with SolarWinds Log & Event Manager

Watch the video
Tips and Training

Using nDepth and Reports to Search and Analyze Log Data with SolarWinds Log & Event Manager

Watch the video
Awards & Props

We are known for our award-winning solutions, and we continue to strive for excellence with applications designed by IT pros, for IT pros. Log & Event Manager was awarded a 5-star rating by SC Magazine in April 2014.

  • SC Magazine Awards 2014 winner
  • Windows IT Pro 2012
  • Information Security Readers Choice
Some of the companies that rely on us

SolarWinds is trusted by Fortune 500 companies, & small businesses alike.

  • awards
  • awards
  • awards
  • awards