How is SolarWinds Log & Event Manager (LEM) licensed?
Which devices can you collect data from?
Does SolarWinds Log & Event Manager use agents?
Yes, for some types of devices. For devices that natively support other communication methods like syslog and SNMP traps, SolarWinds Log & Event Manager utilizes those technologies instead of agents. Where required, SolarWinds Log & Event Manager uses agents to collect data, process it in real time, and take actions. The agents can be easily deployed and updated.
What makes SolarWinds Log & Event Manager different?
SolarWinds Log & Event Manager offers a unique combination of features that make it popular with IT professionals:
- The ability to take automated remediation actions as a result of real-time event correlation is the feature most often stated as driving decisions to purchase the product.
- Our virtual appliance deployment model is ideal for organizations with minimal IT staff. Implementation is quick and easy and doesn’t impose an additional drain on already-stretched IT resources. SolarWinds Log & Event Manager can literally be installed in minutes and staff can be fully trained the same day – all with zero downtime.
- SolarWinds Log & Event Manager has an incredibly intuitive interface that is designed to make it easy for IT teams to quickly configure custom views. That ensures staff can monitor the aspects of their IT and security operations that they consider most critical. The product does not require dedicated security professionals to use or maintain and the interface is simple to navigate.
- Our pricing model is affordable and there are no hidden costs. SolarWinds Log & Event Manager provides full coverage without complex equations for events per second or costs per type of monitored device.
How does SolarWinds Log & Event Manager work? Is it different from traditional event-correlation technologies? If so, how?
- SolarWinds Log & Event Manager’s architecture is focused on real-time processing. The policy engine is the first thing to process any event, the console is second, and the database is last. This approach allows the product to leverage the full power of the virtual appliance’s memory and processor to identify, notify, and respond to threats.
- Traditional event management and correlation products are database-centric. This model is adequate for forensic analysis, where real-time response is not a concern. These products first write to the database, then query this information to display on the consoles, and lastly apply appropriate notification policies. Unfortunately, this limits response time to the database insertion speed, and requires more powerful and expensive database servers to gain any boost in performance. As a result, these products are not equipped to provide active response and some limit their "responses" to various notification methods (email, pager, etc.).
Is SolarWinds Log & Event Manager an SIEM (Security Information and Event Management) product?
SolarWinds Log & Event Manager includes Active Response and active notification technology. How do these features help improve security?
Today, computer worms can traverse the entire Internet in less than 10 minutes, making automation not only desirable, but essential. Firewalls actively block undesirable traffic and anti-virus software opens, cleans, and quarantines infected email. It is a natural extension for SIEM products like SolarWinds Log & Event Manager to communicate with these and other systems to coordinate their actions, thereby strengthening your overall infrastructure defenses.
SolarWinds Log & Event Manager includes Active Response technology and notification features that deliver precisely this type of communication and coordination. The underlying engine performs sophisticated event analysis and correlation that incorporates critical assets and company policy. In doing so, SolarWinds Log & Event Manager empowers the IT staff to rapidly identify and remediate incidents. Active Response technology also enables you to proactively respond to performance issues and operational events by taking actions like restarting services automatically and updating user accounts with a few mouse clicks.
What are some examples of how SolarWinds Log & Event Manager can defend IT infrastructure against threats?
- When antivirus products can't mitigate threats, SolarWinds Log & Event Manager steps in to automatically isolate infected machines from the network.
- When a firewall passes apparently “harmless” traffic through to the network, the Intrusion Detection System (IDS) spots it and SolarWinds Log & Event Manager automatically drops the connection.
- When a workstation is being used to explore unauthorized areas of a system, SolarWinds Log & Event Manager can shut it down to keep your data safe.