SolarWinds LEM License
Log & Event Manager
Demonstrate Compliance and Improve Security
Thousands of resource-constrained security pros rely on SolarWinds Log & Event Manager for powerful, affordable, and efficient security information and event management (SIEM). Our all-in-one SIEM combines log management, correlation, forwarding, reporting, file integrity monitoring, user activity monitoring, USB detection and prevention, threat intelligence, and active response in a virtual appliance that’s easy to deploy, manage, and use. We’ve designed our SIEM to provide the functionality you need without the complexity and cost of most other enterprise SIEM solutions.
LOG & EVENT MANAGER
- Designed to collect, consolidate, and analyze logs and events from firewalls, IDS/IPS devices and applications, switches, routers, servers, operating system logs, and other applications
- Real-time correlation to identify attacks
- Supports the forwarding of correlated and normalized log data to other solutions for further analysis
- Designed to detect breaches with threat intelligence
- Supports root cause analysis with built-in intelligence that applies to networks, applications, and security management
- Can block and quarantine malicious and suspicious activity, including inappropriate USB usage
- Can deliver deeper intelligence and broader compliance support through embedded File Integrity Monitoring (FIM)
- Produces out-of-the-box compliance reports for HIPAA, PCI DSS, SOX, ISO, DISA STIGs, FISMA, FERPA, NERC CIP, GLBA, GPG13, and more.
Scalable and Easy Collection of Network Device, Machine, and Cloud Logs
Log & Event Manager collects and catalogs log and event data in real time from anywhere data is generated within your IT infrastructure.
Real-Time, In-Memory Event Correlation
By processing log data before it is written to the database, Log & Event Manager can deliver true real-time log and event correlation, helping you to immediately troubleshoot and investigate security breaches and other critical issues.
Once Log & Event Manager has correlated and normalized log data, it can be forwarded to other solutions for further analysis. Forward entire logs or identify specific nodes and log events to forward.
Threat Intelligence Feed
Leverage an out-of-the-box feed of known bad IPs to identify malicious activity. The feed regularly updates from a collection of research sources and automatically tags events as they enter the appliance. From there, you can quickly run searches or reports to view the suspect activity, or create rules to perform automatic actions.
Advanced IT Search for Event Forensic Analysis
Log & Event Manager’s advanced ad hoc IT search capability makes it easy to discover issues using a drag-and-drop interface that tracks events instantly. You can even save common searches for easy future reference.
Log Data Compression and Retention
Log & Event Manager stores terabytes of log data at a high compression rate for compliance reporting, compiling, and off-loading, reducing external storage requirements.
Embedded, Real-Time File Integrity Monitoring
Embedded File Integrity Monitoring is designed to deliver broader compliance support and deeper security intelligence for insider threats, zero-day malware, and other advanced attacks.
Built-in Active Response
Log & Event Manager can help you to immediately respond to security, operational, and policy-driven events using built-in active responses that take actions, such as quarantining infected machines, blocking IP addresses, killing processes, and adjusting Active Directory settings.
USB Detection and Prevention
Log & Event Manager can help prevent endpoint data loss, and protects sensitive data with real-time notification when USB devices connect, the ability to automatically block their usage, and built-in reporting to audit USB usage.
User Activity Monitoring
Improve situational awareness by gaining insight into critical user activities. Learn when privileged accounts are being used, how they are being used, and from where.
Out-of-the-Box Security and Compliance Reporting Templates
Log & Event Manager makes it easy to generate and schedule compliance reports quickly using over 300 report templates and a console that lets you customize reports for your organization’s specific compliance needs.
Ease-of-Use and Deployment
Log & Event Manager was built to be quick and simple to deploy. You can be up and auditing logs in no time using our virtual appliance deployment model, web-based console, and intuitive interface.
WHO SHOULD USE LOG & EVENT MANAGER?
Designed for resource-constrained security pros challenged with:
- Lack of visibility into attacks, as well as limited time for staffed monitoring
- Compliance demands requiring automation and/or file integrity monitoring
- Inability to prioritize, manage, and respond to security incidents
- Slow incident response time
- Inability to determine the root cause of suspicious activity
- The need to monitor internal users for acceptable use and insider threats
- The need to share log and activity data across security, network, applications, and systems.
- Inefficient, inoperable, or costly existing SIEM implementations
HOW LOG & EVENT MANAGER HELPS SUPPORT YOUR SECURITY PROGRAM
- Automation and embedded intelligence provide a Virtual Security Operations Center for 24/7 monitoring
- Faster event detection and alerting on threat intelligence matches based on IPs
- More intelligent and reliable detection of suspicious and malicious activity—including zero-day malware, insider, and advanced threats
- Helps eliminate time-intensive manual reporting processes
- Shortens time-to-respond duration through powerful forensics capabilities
- Automatically blocks abuse and misuse through active response for network, system, and access policy violations
- Expanded security tool integration by providing the capability to forward logs or log data to other tools
- Monitors and blocks USB usage based on behavioral policy rules
- User-friendly login process with single sign-on integration—use user ID and password, smart card, one-time password, or a biometric device