We run Splunk; the "S" ("security") part in the "SIEM" is only a small one, and the core benefit of it (and any SIEM) is observability and actionable knowledge, in my eyes.
P.S. @yumdarling you probably meant "SIEM" in the title?
We are Splunk users along with Splunk Enterprise Security.
We do not own SEM or run it. We are Splunk folks but use Log Viewer everyday. The UI and learning curve is much lower for Solarwinds products vs other vendors. Next SIEM refresh Solarwinds will definitely be in the discussion for us.
We don't currently have SEM but I've used it a bit in the past. For me, the UI was always a pain point. It wasn't very straight forward and everything seemed to be in places where you wouldn't expect them. Hopefully the migration to HTML5 will resolve some of that.
