In an earlier blog, we discussed how important it is to monitor logs from workstations. To address this much demanded security use case, SolarWinds introduced Log & Event Manager Workstation Edition with the release of LEM 5.6.
What is Log & Event Manager Workstation Edition?
LEM Workstation Edition is a special licensing model of Log & Event Manager that accommodates log management for thousands of workstation nodes at a much competitive and affordable pricing. LEM Workstation Edition provides all the functionality of LEM (including Active Responses, USB defender, Compliance Reports, etc.) to help you collect, correlate, analyze and store logs from more number of workstation nodes. This licensing model will greatly benefit LEM users for you can now pay less for monitoring more workstation nodes when compared to non-workstation nodes.
Workstation Edition nodes are priced at a much affordable pricing than the normal LEM nodes (which are now called ‘Universal’ nodes). The screenshot below shows how the Workstation and Universal nodes are differentiated on the LEM console (Manage Nodes section).
With this release, LEM 5.6,
- Workstation nodes support workstation client operating systems (Windows® XP, Vista, 7)
- Universal (or non-workstation) nodes support all other data sources supported by LEM
What’s New in Log & Event Manager 5.6?
There’s a bunch of new enhancements added to improve the product functionality and make the user experience better.
- Rule Categories and Tags
- New Rule Templates for Appliance Monitoring and File Tracking
- Improved Data Storage and Search
- New Differential Archiving means no more full database backups
- Progressive Search Results displays results as they are found. No need to wait anymore.
- New connectors for Juniper®, Cisco®, Microsoft® and many other devices/vendors
Rule Categories and Tags
As discussed in the product blog, you can use the new Rule Categories and Tags to:
- Tag rules you're using for compliance so that they don't get inadvertently disabled
- Categorize rules used for production, lab, and other environments so that you know how rules are used
- Tag "in progress" or "testing" rules so that you can find rules that you're working on developing
- Categorize rules for different departments or teams (sort of like how we have Security and IT Operations) so that each team can find their relevant rules quickly
Steal a glance at the new Rule Categories and Tags.
Integration with More IT Management Products
- You can send correlated LEM events to SolarWinds Server & Application Monitor for added visibility into server and application performance.
- You can correlate events in LEM and forward to SolarWinds Alert Central via email for incident handling, and distribute alerts using configurable escalation policies and on-call calendaring in Alert Central.
SolarWinds Log & Event Manager 5.6 makes log management an affordable must-have solution for security practitioners and IT admins who want to collect and monitor logs from across your IT landscape – servers, workstations, VMs, network devices, security appliances, databases and more.
For more details on the features and enhancements in LEM v5.6, read the Release Notes.