SolarWinds Log & Event Manager (LEM) is a SIEM that makes it easy to use logs for security, compliance and troubleshooting. It normalises logs so your rules and reports work regardless of the source and includes rules and reports for standards like HIPAA, PCI-DSS, SOX, GLBA, NCUA, NERC-CIP, DISA-STIG and more.
- Node-based licensing: Licensing based on the number of nodes, such as servers and network devices, with special pricing for endpoints.
- Real-time event correlation: In-memory, cross-platform event processing for instant notification and remediation without waiting on data queries.
- Search log data: Simple keyword search or powerful custom queries using a drag-and-drop interface. Save, share and schedule searches for efficient forensics.
- Real-time remediation: Mitigate issues in real time with Active Responses that will block IPs, change privileges, disable accounts, block USB devices and kill applications.
- File integrity monitoring: Monitor and alert on registry, file and folder activity to detect suspicious and malicious behavior.
- High data compression: Average data compression of 95%. Simply provision more storage to the virtual appliance to expand data retention as needed.