SolarWinds Log & Event Manager all-in-one SIEM combines log management, correlation, reporting, file integrity monitoring, user activity monitoring, USB detection & prevention, threat intelligence and active response in a virtual appliance that’s easy to deploy, manage and use. SolarWinds have designed their SIEM to provide the functionality you need without the complexity and cost of other enterprise SIEM solutions.
- Node-based licensing: Licensing based on the number of nodes, such as servers and network devices, with special pricing for endpoints.
- Real-time event correlation: In-memory, cross-platform event processing for instant notification and remediation without waiting on data queries.
- Search log data: Simple keyword search or powerful custom queries using a drag-and-drop interface. Save, share and schedule searches for efficient forensics.
- Real-time remediation: Mitigate issues in real time with Active Responses that will block IPs, change privileges, disable accounts, block USB devices and kill applications.
- File integrity monitoring: Monitor and alert on registry, file and folder activity to detect suspicious and malicious behavior.
- High data compression: Average data compression of 95%. Simply provision more storage to the virtual appliance to expand data retention as needed.