Real-time collection, correlation, and analysis of Snort intrusion detection and prevention system log and event data
SolarWinds Log & Event Manger (LEM) collects, correlates, and analyzes log and event data from the Snort intrusion detection and prevention system for your Windows® and Unix® environments.
Configure SolarWinds LEM to receive log data from Snort intrusion detection and prevention system.
- True real-time, in-memory, multi-dimensional correlation and analysis of Snort log data
- Quick and easy compliance reporting and forensics
- Nearly 700 built-in event correlation rules
Immediately respond to Snort IDS/IPS log data security events, malware threats, and intrusions with Active Response technology
Whether it’s a threat infiltrating your IT infrastructure, or malicious software that’s passed through your firewall, SolarWinds Log & Event Manager (LEM) can automatically take responsive actions in real-time based on the log data from your Snort IDS/IPS. Active Responses provide real-time assurance that each policy-driven event violation, such as behavior patterns or specific internal or compliance-driven policies, gets immediate corrective attention.
SolarWinds LEM’s built-in Active Responses include:
- Send incident alerts, emails, popup messages, or SNMP traps
- Block an IP address
- Detach USB devices
- Enable or disable users
- Kill processes by ID or name
- Log users off
- Restart or shutdown machines
- Start or stop services, and more
Interactively search Snort log and event data to troubleshoot issues and perform root cause analysis
SolarWinds Log & Event Manager (LEM) gives you advanced IT search functionality that goes beyond simple search and query languages. With SolarWinds LEM you can effectively perform ad hoc IT searches and deeper forensic analysis.
- Visually explore your data using word clouds, histograms, bubble charts, treemaps
- Search a range of data, from high-level events and key terms to detailed log details
- Identify important issues and drill-down quickly with a few mouse clicks
- Determine root cause by performing forensic analysis on correlated log and event data