SANS released an updated list of their critical log categories recently. Some good recommendations, especially if you're new to log management.
The 6 Categories of Critical Log Information
How easily can these be achieved using LEM?
Can the LEM team include them in the LEM ready-made filters as a new filter group, for example?
OT, SANS also had their top 20 critical security controls last year. I think it's a good marketing opportunity for SolarWinds to show how their products can be used to achieve these controls.