Ranked in these QuestionsQuestion Ranking
Pro Has custom search for in-depth log analysis
The in-depth, custom search helps you search by IP addresses, user names, etc, enabling faster root cause analysis when troubleshooting network, system, application and database issues.
Pro Peripheral security for enhanced visibility into malicious activities
All-in-one security solution that includes file integrity monitoring (zero-day malware& APT detection), SQL Auditor and USB detection
Pro Active response to detect and respond to threats in real-time
Automated response to events, like deleting user account, sending warning messages, kill processes, log off user, adding user to privileged account groups, etc
Pro Reduced costs with straight-forward licensing
Licensed by nodes (not log volume). No add-on purchases, DBA or expensive consultant support required. Extensive number of free connectors. Reduces SIEM management, training and operational overhead for resource-sensitive security departments.
Pro Automated industry-standard rules and reports to meet compliance and audit requirements
Demonstrate compliance and meet audit requirements with out of the box compliance reports for HIPAA, SOX, PCI DSS, DISA STIG and many more. Beyond SIEM monitoring and remediation capabilities, Log & Event Manager includes stronger security and broader compliance capabilities – like, SQL Auditor, File Integrity Monitoring, Active Response and USB Defender.
Pro Intuitive interface
Graphical Web UI with easy to read customizable dashboards, and search functionality to find the right information among thousands of logs. Log data and events are represented in bar graphs, with respect to time, and you can easily drill down to the specific system or node that's generating excessive or suspicious traffic.
Pro Centralized threat detection improves security incident awareness
Real-time, in-memory event correlations, based on built-in and custom rules, for instantaneous detection of unauthorized application/user-activity, database, configuration changes and suspicious network traffic
Con Linux agent don't manage to read logs
Linux agent made do not manage to read system logs which are in the default format which LEM is supposed to manage and also the installer seems to mess up the system during install as it assumes you are using a sysv like init system.
Con Bad UI
UI is confusing and difficult to find the information from the logs which you are looking for
Con Windows only
SolarWinds Log & Event Manager only works on Windows.