Re: LEM in multiple Microsoft AD Forests (as opposed to multiple domains)

LEM generally communicates using either an Agent (e.g. on Windows systems), or via syslog or SNMP.

All of these technologies are Active Directory agnostic.

The User tool allows for the retrieval of user accounts from Active Directory using a specified domain credential, but this retrieval is functionally at the domain level, and generally not relevant to the forest. As best I can see, there are no restrictions against having multiple AD Query Tools implemented (e.g. one for each domain/forest). Potentially worthy of note is the level of query access to AD Users and Groups that this tool allows, and whether administrator(s) from other forests need to be restricted from knowledge of users/groups in not-their-forest.

In short, I'm not aware of any specific issues that would arise by managing multiple forests, any more than would arise from managing multiple domains. It may be, though, that the more relevant question here is related to the statutory requirements driving you to deploy multiple forests as security boundaries. Those regulations may also relate to whether your monitoring tools also need to implement similar security boundaries. If so, those regulations may implicate the requirement of separate LEM servers beyond the question of its technical capabilities.

