There is not enough room in this windows to tell you everything good about LEM. The log monitoring across the enterprise, compliance, and KPI monitoring. It has a good dashboard.

I wish they had taken the time to plan out the development in to SolarWinds Orion suite so it was all one product rather than a running appliance in my virtual cluster

Node Health, compliance, and i like to call that Audit protection. We have a series of audits we go through annually. The addition of LEM has enabled us to quickly generate reports and show how good or how bad we are doing but also reduces the amount of time spent with the Auditors as they can see we are addressing it and work with us to find resolutions vs picking us apart for what we don't do. Being able to Zero in on issues like never before has opened my eyes and now keeps me awake at night to the reality of the threats and issues facing me and my limited team each day. Automatic notifications and help ticket generation has also been something that assists us knowing we are reducing guess work to fact check.

Compliance, IT Operations, and dashboards. These tools are essential for knowing and preventing security issues before they are major issues. The Dashboard is your guide. The ability to create custom monitors on the fly and all the builtin logic behind LEM is simply amazing. I had no idea what i did not know. The only trouble i have now is having enough time to spend using it properly in my Small IT shop.

SolarWinds has a great suite of software, and LEM is one of the jewels. however they as of yet have failed to fully integrate it in to the Orion package. you have to have it on a separate browser tab, and although the Dashboard is fantastic, not being able to put it in Orion prevents the NOC from building a Dashboard with LEM data on it with other data from other applications in Orion.

This software allowed us to pass an audit requirement for logging and retrieval of data. We also have been able to use it to notify us of penetration tests and various other events that need immediate attention.

This is a single point for all of your logging needs. The agents make collecting non-syslog data easy and very manageable. There are a lot of alerts, searches, and such that are included out of the box. The platform scales well and allows for a lot of data to be logged and searched. There are multiple users and each can configure their own alerts and notifications. Being able to customize the notifications is a very big plus.

Log and Event Manager can be very unwieldy and grow too large very quickly. The search building is not that intuitive and the logic sometimes fails in the queries when building them. If you have to search through a large number of events, it can be quite slow and take 30+ minuted to return results.

Easy to set up devices Easy to set up features Lots of security rules templates that are used in different standards (PCI DSS, SOX, Best practices...)

The price is a little high The licence is for 30 devices minimum, so, you can have to pay for something that you don't use

It is easy to setup and use. I use this for auditing on systems and all of the data collects on a Syslog Server also from SolarWinds. It provides me with all of the data I need and is very reliable for the most part.

When it stops working it is almost impossible to get it to work again. I have had a handful of systems where the client stopped working and no matter how many times I uninstall and reinstall it does not work again. Also in the selection menu to pick what you want to log it tends to take forever and locks up a lot.

Helpful display and insight of your application and systems logs.

Allow to setup triggers, alerts, and email base on any keyword or filters that you want to setup to filer out the logs. Agent base installation make it itself, no configuration required on systems side.

Difficult to configure the settings / filters for different OS type. Default disk storage on allow support up to 3TB, you will have to find an alternative solution to ship the logs to another disk / location if your logs are over 3TB.

It can alert those who need to be, to USB devices, and any log alert that you could want. It captures pretty much every log you want, and you can stop it from capturing those you don't want.

It has a bit of a learning curve on a few features, but with the walk through they did with us, that wasn't really a problem.

Logs on the fly - which can be essential to my job. There isn't much to really complain about this program. If you do run in to any issues, you can always ask support or just make a post on the forums and the THWACK community will help.

Ease of use has always been Symantec's forte, but the real winner here is the legendary THWACK community that supports Solarwinds. The app itself does that it needs to, logs and manages events.

Lets your set filters on the log and display certain type of logs based on the filter you have set. Depends on what you want to view, they allow you to show the more important logs

The selection of what you want is tricky. Requires more research or help. A lot of logs you can view or have sent to emails.