SolarWinds has put together another outstanding product. The SolarWinds Log & Event Manager (LEM) offers a quality set of log management, event correlation, search and reporting facilities. This gives organizations the ability to collect large volumes of data from virtually any device on a network in real time and then correlate the data into actionable information. The company does this by paying attention to the need for real-time incident response and effective forensics, as well as security and IT troubleshooting issues. Another winning set of features is the quality regulatory compliance management and ready-made reporting functions.
The most common means of deploying the product is as a virtual appliance. The SolarWinds LEM is typically installed in a Microsoft Hyper-V 2008 R2/2012 or a VMware ESX/ESXi 4/5 environment with a minimum of 250GB disk storage, two dedicated CPU cores, and 8GB RAM. This deployment model provides a flexible environment that can scale with the customer, whether they've purchased 30 licenses or more.
Installation was relatively easy and began with a rich set of documents, videos and web links. The support team was readily available when questions arose (usually sequence questions). Next, the firewalls and ports were configured in the test environment. Once the virtual host was set up, the virtual appliance was imported into the VM environment. The next step was to run a small application that helped set up networking, time zone and browser-based access to the LEM. The dashboard was excellent, full of features and intuitive. It took minutes to enroll monitored hosts: half were enrolled by pushing agents to the client and half by installing agents from the client. Syslog devices were pointed to the host. To generate log events, a number of pen-testing tools were used on various systems.
The solution was easy to use because the graphics and text were easy to follow. Any tasks that required new knowledge to perform took only minutes to work out. At no time during the testing did the system lag or cause performance delays. SolarWinds has taken an interesting approach regarding ticketing systems. The company indicated that customers typically own their own ticketing system, so it created an incident ticket that can be used as an individual ticket or fed into most common ticketing management systems.
Support options begin with a basic no-cost offering providing unlimited phone and form-based email support, 24/7 worldwide. The first year of support is included in the initial purchase. SolarWinds does not have a direct, fee-based support option. Customers who desire commercial assistance beyond the basic level can engage with an independent SolarWinds partner. Other features include a rich company website packed with FAQ listings, documents, videos and more. In addition, there is an active SolarWinds-sponsored customer community comprised of more than 60,000 IT professionals.
The value for the cost of the SolarWinds Log & Event Manager system is quite good. While the company has generally targeted small- to midsized companies, this product could fit well into much larger organizations.