We are currently leveraging Splunk for security data and correlation, sever / desktop event filtering, dashboarding of customer service and BI data, etc. Recently we lost both of our Splunk admins and are tossing around the idea of switching over to LEM in part or fully.
Are you guys enjoying using LEM? Also, do you have any insight to the advantages of LEM vs Splunk?