Hey All,

With the recent release of Log & Event Manager 5.3 (read more about that on the blog Log & Event Manger: LEM 5.3 has Landed), our development team is working on some pretty great features requested by a lot of customers.

Hyper-V Virtual Appliance Support

It's hard to ignore Microsoft's increased presence in the virtualization market, and Hyper-V is starting to pick up some great marketshare as it's evolved from what was Virtual PC. With Microsoft planning on including Hyper-V support natively in Windows 8, it's just going to get more and more common.

We're planning on providing our virtual appliance evaluation for Hyper-V and fully supporting it in production, including the ability to synchronize time with the host, take snapshots, and perform clean shutdowns (similar to VMware).

SolarWinds Orion Platform Product Integration: Raising Events to LEM for Correlation & Response

We'll be adding a couple of features related to extending our integration with other SolarWinds products - thanks to customer feedback and input. The first of these features will be receiving SNMP trap alerts from your Orion platform products, enabling you to:

  • Correlate those events with other LEM log & event data and using additional LEM real-time correlation features - time & frequency, field-based correlation, multiple-event correlation, and more.
  • Search events in the context of other LEM data for troubleshooting - sometimes performance and availability data can provide the missing key to a security or operations issue, being able to see that data in context together could bring something to light that you might not have otherwise noticed.
  • Respond with your LEM active responses - restart a service, disable an account, block an IP, or just send a popup message in response to correlated data OR interactively.
  • Report on events enterprise-wide for compliance, auditing, and peace of mind.

SolarWinds Orion Platform Product Integration: Escalating Events from LEM to Orion via SNMP Traps

Since we're in the business of what makes sense to customers, we're also adding the ability to go the other direction and share events from LEM upstream to Orion via SNMP traps. This feature can also be use to escalate to non-SolarWinds products - if you've got a trouble ticketing system or other network management system that accepts SNMP traps as alerts, you can escalate LEM events up to those systems as well. Some of the ways this can be useful are:

  • Use log data to detect a problem, and automatically raise a condition in Orion to take advantage of workflow you've already built.
  • Share knowledge from LEM to Orion without providing access to all of your sensitive security and operations log data. 
  • Take advantage of LEM's log data parsing to forward only log events of interest to Orion, instead of asking Orion to store 100% of log data for that one or two events you're interested in in that context.

Active Directory Authentication

We'll be extending our integration with Active Directory to authentication, allowing you to use your existing domain credentials to log in to the LEM console rather than just the built-in LEM users.

Improved Documentation

We're investing in our Log & Event Manager Knowledgebase, releasing articles that help you get LEM deployed and solve problems easier. We've also added a bunch of videos to the Resource Center, and improved the LEM Documentation Page on Thwack. These efforts will continue, along with a revamped Admin Guide that's more oriented around how you get tasks done than the pure reference manual that it is today.

And, finally.....

Access the Log & Event Manager Console from your Browser

While we'll continue to offer the Log & Event Manager Console as an installable AIR package for customers that want to take advantage of the desktop experience, we'll also offer the ability for you to access the SAME Console from inside your browser. With the popularity of laptops in the workplace and systems that aren't "always on" sometimes a web accessible Console makes the most sense. The new LEM browser-enabled Console will let you:

  • Access LEM from Flash-enabled browsers and devices (primarily IE 7+ and Firefox 4+)
  • Monitor, configure, search, and respond over HTTPS (HTTP for evaluation customers) from anywhere you can connect to the appliance
  • Quickly evaluate or get LEM up and running from anywhere, without worrying about administrative credentials to install software

It's worth noting that LEM Reports will still be an installed desktop application, but many customers have chosen to install reports on a single always-on system for scheduling and running reports, while the Console is accessed by multiple team members.

And Beyond....

Some of the other items on our roadmap include:

  • Simplifying product implementation - helping you get value out of your investment quickly

And, for our standard disclaimer: The LEM team continues to work on additional features that we think will help improve our customers' day to day Log & Event Manager needs, and while these are generally our "highest priority" features, this is not a commitment or guarantee that these will be released in the next revision. Sometimes priorities shift or customer feedback encourages a change in direction.

Questions about how these features would work? Willing to participate in a release candidate of any of these features? Any other comments or feedback? Let us know with a reply here, or feel free to contact me directly.