Help ensure compliance with PCI DSS, SOX, HIPAA, NERC CIP, FISMA, GLBA, and corporate policies using a single, centralized view of all your IT infrastructure
- Collects system and user activities to make it easy to reconstruct an event of interest or mitigate an emerging threat
- Monitors access to sensitive information to provide a chain of custody for log data
- Complies with data monitoring and retention requirements
- Reduces storage space and costs using a high-compression data store
Ensuring compliance requires monitoring, analyzing, and storing log and event data, such as access to sensitive information, user authentication tracking, and device configuration changes. All of this information must be readily available for forensic analysis, auditing, and reporting.
SolarWinds Log & Event Manager (LEM) makes it easy to meet the network security monitoring and log management requirements imposed by many auditing authorities. Using real-time log analysis and cross-event correlation from sources throughout your entire infrastructure, SolarWinds LEM quickly uncovers policy violations, identifies attacks, and highlights threats. SolarWinds LEM provides the security, collection, monitoring, and real-time responses required to ensure compliance with industry regulations and corporate policies.
Interactive or automatic rules-based event correlation
- Explores your data visually with an intuitive drag-and-drop interface using: text search, word clouds, bubble charts, histograms, and treemaps
- Performs cross-device, cross-event correlation in real time
- Collects and consolidates logs from all of the systems in your network
- Correlates relationships between nominally unrelated activities
- Correlates multiple events, including the distinct ability to set independent thresholds for activity per event or per group
- Creates custom groups and variables for event correlation rules using a drag-and-drop GUI
SolarWinds Log & Event Manager (LEM) provides the real-time monitoring and electronic paper trail required by most regulations. It collects and monitors activities from your users, network elements, databases, and applications. Expose potential compliance violations interactively using a visual and context-aware console or manually using a rules-based, real-time event correlation engine.
Respond interactively or automatically to IT issues, compliance violations, and security threats
- Takes automated actions to address critical issues immediately
- Leverages a library of built-in active responses to respond to operational issues
With SolarWinds Log & Event Manager (LEM), you can use an intuitive console to interactively troubleshoot and respond to IT problems or use correlation rules to automatically monitor and react. Respond to critical events by either sending notifications or using Active Responses to trigger specific actions, such as:
- Block an IP address
- Create, disable, or delete user accounts and user groups
- Reset user account passwords
- Add or remove users from groups
- Detach USB devices
- Kill processes by ID or name
- Restart or shut down machines
- Send incident alerts, emails, popup messages, or SNMP traps
Generate compliance reports and provide detailed audit information
Regardless of which acronym is driving compliance requirements—PCI DSS, GLBA, SOX, NERC CIP, HIPAA or internal corporate compliance standards—compliance solutions must provide IT operational and security audit information and reports.
SolarWinds Log & Event Manager (LEM) has a built-in reporting console that makes it easy to generate compliance reports and graphical summaries. Use over 300 templates out of the box to quickly generate reports or customize them for internal requirements using the reporting console. Detailed audit information is available using the query tool or using the in-depth drill-down tool to access original log data.
- Produces graphical summaries to enhance your high-level reports
- Supports forensic analysis findings with detailed reports
- Allows for customization of reports using the query tool
- Schedules reports to run daily, weekly, or as needed