1 2 3 Previous Next

Geek Speak

142 Posts authored by: Leon Adato Employee

December Writing Challenge Week 5 Recap


And with these last four words, the 2019 writing challenge comes to a close. I know I’ve said it a couple of times, but even so, I cannot express enough my gratitude and appreciation for everyone who took part in the challenge this year—from the folks who run the THWACK® community, to our design team, to the lead writers, to the editing team, and, of course, to everyone who took time out of their busy day (and nights, in some cases) to thoughtfully comment and contribute.


Because we work in IT, and therefore have an ongoing love affair with data, here are some numbers for you:


The 2019 December Writing Challenge

  • 31 days, 31 words
  • 29 authors
    • 13 MVPs


It’s been an incredible way to mentally pivot from the previous year, and set ourselves up for success, health, and joy in 2020.


Thank you again.

  • - Leon


Day 28. Software Defined Network (SDN)

THWACK MVP Mike Ashton-Moore returned to the ELI5 roots, by crafting his explanation using the xkcd Simple Writer online tool. Despite limiting himself to the first 1,000 (or “ten-hundred,” to use the xkcd term) words, Mike created a simple and compelling explanation.


George Sutherland Dec 29, 2019 8:49 PM

SDN is the network version of the post office. You put your package in the system and let the post office figure out the best and fastest mode of delivery.


Ravi Khanchandani  Dec 30, 2019 12:58 AM

Life comes a full circle with SDN, from centralized routing to distributed routing and back to centralized routing.

The SDN controller is like the Traffic Police HQ that sends out instructions to the crossings or edge devices to control the traffic. How much traffic gets diverted to what paths, what kind of traffic goes which path, who gets priority over the others. Ambulances accorded highest priority, trucks get diverted to the wider paths, car pools & public transport get dedicated lanes, other cars get a best effort path


Juan Bourn Dec 30, 2019 10:37 AM

I gotta admit, I had to read this twice. Not being very familiar with SDN prior to this, I didn’t understand the special boxes and bypassing them lol. I couldn’t make the relationship tangible. But after a second read through, it made sense. Good job on making it easy to understand. You can’t do anything about your audience, so no knock for my inability to understand the first time around!


Day 29. Anomaly detection

As product marketing manager for our security portfolio, Kathleen Walker is extremely well versed in the idea of anomaly detection. But her explanation today puts it in terms even non-InfoSec folks can understand.


Vinay BY  Dec 30, 2019 5:06 AM

As the standard definition states -> “anomaly detection is the identification of rare items, events or observations which raise suspicions by differing significantly from the majority of the data”


Something unusual from the data pattern that you see on a regular basis, this as well helps you to dig down further to understand what happened exactly and why was it so. Anomaly detection can be performed in several areas, basically performed before aggregating the data into your system or application.


Thomas Iannelli
  Dec 30, 2019 5:27 AM

We don’t have kids living with us, but we do the same thing for our dog, Alba, and she for us. We watch her to make sure she eats, drinks, and performs her biological functions. When one of those things is off we either change the diet or take her to the vet. She watches us. She even got used to my wife, who works at home, going into her office at certain times, taking a break at certain times to put her feet up, or watch TV during lunch. So much so that Alba will put herself in the rooms of the house before my wife. She does it just so casually. But when my wife doesn’t show up, she frantically goes thru the house looking for her. Why isn’t she where she is supposed to be. Alba does the same thing when I go to work. It is fine that I am leaving during the week. She will not fuss and sometimes will greet me at the door. But if I get my keys on the weekend or in the evening she is all over me wanting to go for the ride. There is a trip happening out of the ordinary. When we have house guests, as we did over the holiday, she gets very excited when they arrive, and even the next morning will try to go to the guest bedroom and check to make sure they are still here. But after a day or two it is just the new normal. Nothing to get too excited about. The anomaly has become the norm.


I guess the trick is to detect the anomaly and assess quickly if it is outlier, if it is going to be the new normal, or if it is a bad thing that needs to be corrected.


Paul Guido  Dec 30, 2019 9:32 AM (in response to Charles Hunt)

cahunt As soon as I saw the subject, I thought of this song. “One of these things is not like the other” is one of my primary trouble-shooting methods to this very day.


Once I used the phrase that “The systems were nominal” and people did not understand the way I used “nominal.” I was using it in the same way that NASA uses it in space systems that are running within specifications.


In my brain, an anomaly is outside the tolerance of nominal.


Day 30. AIOps

Melanie Achard returns for one more simple explanation, this time of a term heavily obscured by buzzwords, vendor-speak, and confusion.


Vinay BY  Dec 30, 2019 10:21 AM

AIOps or artificial intelligence for IT operations includes the below attributes in one or the other way, to me they are all interlinked:

Proactive Monitoring

Data pattern detection, Anomaly detection, self-understanding and Machine Learning which improvises the entire automation flow

Events, Logs, Ticket Dump

Bots & Automation

Reduction of Human effort, cost reduction, time reduction and service availability


Thomas Iannelli  Dec 30, 2019 5:41 AM

Then the computer is watching and based on either machine learning or anthropogenic algorithms process the data for anomaly detection and then takes some action. In the form of an automated response to remediate the situation or to alert a human that something here needs you to focus attention on it. Am I understanding correctly?


Jake Muszynski Dec 30, 2019 12:13 PM

Computers don't lose focus, my biggest issue with people reviewing the hordes of data that varous monitors create is that they get distracted, they only focus on the latest thing. AI helps by looking at all the things, then surfacing what might need attention. In a busy place, it can really make a difference.



Day 31. Ransomware

On our final day of the challenge, THWACK MVP Jeremy Mayfield spins a story bringing into sharp clarity both the meaning and the risk of the word of the day.


Faz f Dec 31, 2019 5:57 AM

This is when your older Sibling/friend has your toy and will not give it back unless you do something for them. It's always good to keep your toys safe.


Michael Perkins Dec 31, 2019 11:36 AM

Ransomware lets a crook lock you out of your own stuff, then make you pay whatever the crook wants for the key. This is why you keep copies of your stuff. It takes away the crook's leverage and lets you go "Phbbbbbbbbbbt!" in the crook's face.


Brian Jarchow Dec 31, 2019 12:38 PM

Ransomware reminds me of the elementary school bully who is kind enough to make sure you won't get beaten up if you give him all of your lunch money.

The year is winding down, and—while it’s not something I do every year—I thought I’d take a moment to look ahead and make a few educated guesses about what the coming months have in store for us nerds, geeks, techies, and web-heads (OK, the last category is for people from the Spider-verse, but I’m still keeping them in the mix.)


As with any forward-looking set of statements, decisions made based on this information may range from “wow, lucky break” to “are you out of your damn mind?” And, while I could make many predictions about the national (regardless of which nation you live in) and/or global landscape as it relates to economy, politics, entertainment, cuisine, alpaca farming, etc., I’m going to keep my predictions to tech.


Prediction 1: The Ever-Falling Price of Compute

This one is a no-brainer, honestly. The cost of compute workloads is going to drop in 2020. This is due to the increased efficiencies of hardware and the rising demand for computer resources—especially in the cloud.


I can also make this prediction because it’s basically been true for the last 30 years.


With that said, it’s worth noting—according to some sources (https://www.quantumrun.com/future-timeline/2020/future-timeline-subpost-technology)—the following milestones/benchmarks will be reached:

  • (Moore’s Law) Calculations per second, per $1,000, will reach 10^13 (equivalent to one mouse brain)
  • Average number of connected devices, per person, is 6.5
  • Global number of internet-connected devices reaches 50,050,000,000
  • Predicted global mobile web traffic equals 24 exabytes
  • Global internet traffic grows to 188 exabytes


  • Share of global car sales taken by autonomous vehicles will be about 5%
  • World sales of electric vehicles will reach 6,600,000

In addition, in 2017, Elon Musk posited it would take 100 square miles of solar panels total to provide all the electricity used in the U.S. on an average day. https://www.inverse.com/article/34239-how-many-solar-panels-to-power-the-usa. In 2018, freeenergy.com took another swipe at it and figured the number slightly higher—21,500 sq. miles. But that’s still 0.5% of the total available land in the U.S. and amounts to (if you put it all in one place, which you would not) a single square of solar panels 145 miles on each side. https://www.freeingenergy.com/how-much-solar-would-it-take-to-power-the-u-s/.


What I’m getting at is that the impending climate crisis and the improving state of large-storage batteries and renewable energy sources may push the use of environmentally friendly transportation options even further than expected. If nothing else, these data points will provide background to continue to educate everyone across the globe about ways to make economically AND ecologically healthy energy choices.


*Ra’s Al Ghul to Bruce Wayne, “Batman Begins”


Prediction 4: Say “Blockchain” One. More. Time.

Here’s a non-prediction prediction: People (mostly vendors and dudes desperate to impress the laydeez) are going to keep throwing buzzwords around, making life miserable for the rest of us.


HOWEVER, eventually enough of us diligent IT folks nail down the definition so the hype cycle quiets down. In 2020, I think at least a few buzzwords will get a little less buzz-y.


One of those is “AI” (artificial intelligence). IT professionals and even business leaders are finally coming to grips with how this ISN’T (androids like Data; moderately complex algorithms; or low-paid offshore workers doing a lot of work without credit) and will be more clearly be able to understand when true AI is both relevant and necessary.


Closely related, machine learning (the “ML” in the near-ubiquitous “AI/ML” buzzword combo) will also reach a state of clarity, and businesses wanting to leverage sophisticated automation and behavioral responses in their products will avoid being caught up (and swindled) by vendors hawking cybernetic snake oil.


Finally, the term 5G is going to get nailed down and stop being seen as “Better because it’s got one more G than what I have today.” This is more out of necessity than anything else, because carriers are building out their 5G infrastructure and selling it, and the best cure for buzzword hype are vendor contracts clearly limiting what they’re legally obligated to provide.


Prediction 5: Data As A Service

While this effort was well under way in 2019 from the major cloud vendors, I believe 2020 is when businesses will, en masse, take up the challenge of building both data collection and data use features into their systems. From the early identification of trends and fads; to flagging public health patterns; to data-based supply chain decisions—the name of the game is to use massive data sets to analyze complex financial behaviors and allow businesses to react more accurately and effectively.


Again, this isn’t so much the invention of something new as it is the adoption of a capability providers like AWS and Azure have made available in various forms since 2018 and putting it to actual use.


Prediction N: We’re So Screwed

Security? Privacy? Protection of personal information? Everything I described above—plus the countless other predictions which will come out to be true in the coming year—is going to come at the cost of your information. Not only that, but the primary motivator in each of those innovations and trends is profit, not privacy. Expect a healthy helping of hacks, breaches, and data dumps in 2020.


Just like last year.

One of the things I like most about the writing challenge is we’ve set it at a time when many of us are either “off” (because how many of us in tech are ever REALLY “off”) or at least find ourselves with a few extra compute cycles to devote to something fun. This week, more than any so far, has shown this to be true.


Despite a conspicuous absence of references to brightly colored interlocking plastic blocks, our ELI5 imaginations ran wild, from tin can telephones to poetry (with and without illustration) to libraries.


I’m thrilled with how the challenge has gone so far, and what other examples are yet to come as we finish strong next week.


21. Routing

Kevin Sparenberg—former SolarWinds customer, master of SWUG ceremonies, semi-official SolarWinds DM, and owner of many titles both official and fictitious—takes the idea of routing back to its most fundamental and builds it back up from there.


Mike Ashton-Moore  Dec 22, 2019 10:43 AM

I love this challenge—all these definitions that I can now use when a non-geek asks me what I do.


For adults—so not five-year olds, I always reverted to the sending a letter through the post office, which seems to cover it


Jeremy Mayfield  Dec 23, 2019 9:21 AM

Holly Baxley Dec 23, 2019 10:37 AM (in response to Kevin M. Sparenberg)

I use that same analogy when I explain to my unfortunate Sales Agents who work in neighborhoods with a shared DSL line. I always get calls around the holidays that the internet in their model has suddenly started crawling. It’s too hard for me to explain shared DSL lines and that we have no control over what’s put under our feet when we build houses, and that ISP’s with older cable lines will “store” up a certain amount of data per neighborhood—and depending on how heavily it’s used during the day—it can make all the difference with those…speeds UP TO 75 MBps.”


If I tried to explain how the old neighborhood DSL’s route and “borrow” data when it’s not being used by someone else, their heads would explode.


So, I use our highway as an example.


“You know how the internet’s called an Information Highway?” Well, in your neighborhood it works a lot like that. During the day, your speeds are okay because most people are at work and school. They’re not on your “information highway.” But when the holidays hit, you got kids at home streaming and gaming and suddenly your own internet’s gonna drop because now many people are on your “highway.” Just like when you get on the highway to go home—if you don’t have many people on the road, you can go the 60 – 70 mph that you’re allowed on the posted signs. But if it’s the rush hour—and cars are jammed for miles—it doesn’t matter if the posted signs say “60 mph”—you’re gonna go the same crawling 30 mph that everyone else is, because it’s jammed.


Right now—you got a heavy “rush hour” on your DSL line because there’s a lot of people in your neighborhood on it.”


What I wouldn’t give to have us all on fiber.


But such is the life of a home builder.


  1. Speedtest.net ... you’re my only friend.

I also think about it as getting to work. I know the preferred path, but due to insane drivers outside of my control, I’m sometimes forced to take alternate paths to get to the same place. If there’s an accident on the main road I take, US 301, then I might have to take the interstate 75 which is often flowing smoothly until it gets backed up then I might need to take the turnpike. Luckily for me, there’s almost no time difference in getting from home to work and vice versa, but at the end of the day, I’m only able to measure the difference in distance traveled. It’s more miles to use the I-75 and/or turnpike. So, my route is within minutes of each other, but the distance traveled to get there is much greater when I don’t get to use my preferred path.


22. Ping

When a few folks here at SolarWinds began talking about “NetFlowetry”—mostly as a silly idea—we had no idea how it would take off. THWACK MVP Thomas Iannelli’s entry shows how much the idea has caught on, and how well it can be used to make a challenging concept seem accessible.


Shmi Ka  Dec 23, 2019 6:30 AM

This is so wonderful! This is so great for non-experts in this subject. Your poem is full of visual words for a visual learner like me. Thank you!


Rick Schroeder  Dec 26, 2019 12:52 PM

We rely on ping for a lot, but we as Network Analysts understand much about pings that many other folks may not. For example, a switch or router may be humming along, working perfectly, forwarding and routing packets for users without a single issue. But pinging that switch or router may not be the best way to discover latency between that switch and any other device. This is because ICMP isn’t as important to forward or respond to as TCP traffic.


A switch or router “knows” its primary job is to forward data and reply to pings as fast as possible just isn’t as important as moving TCP packets between users. So, a perfectly good network and set of hardware may serve users quite well, but might simultaneously show varying amounts of latency. It’s because we may be monitoring a switch that’s busy doing other things; when it gets a free microsecond, it might reply to our pings. Or it might not. And users aren’t experiencing slowness or outages when the switch starts showing higher latency than it did when there was very little traffic going through it.


It’s important to not place excessive reliance on pings “to” routers or switches for this very reason.


However, you might just find pings more valuable if you ping from endpoint to endpoint instead of from monitoring station to switch or routers. The switch or router will forward the ICMP traffic nicely, and may do so much better than it will REPLY to the pings.


So, ping from a workstation to another workstation, or to a server, or server to server, instead of from a workstation to a router or switch that might have better things to do with its processing resources than reply to your ping quickly.


Greg Palgrave Dec 22, 2019 9:56 PM

Give me a ping, Vasili. One ping only, please.


23. IOPS

When explaining the speed of reads and writes, most people’s minds wouldn’t think about libraries. But THWACK MVP Jake Muszynski isn’t like most people, and his example was brilliantly, elegantly simple.


Tregg Hartley Dec 23, 2019 10:33 AM

Reads and writes per second

Is a metric measured here?

Where is the system bottleneck

Of our data we hold so dear?


Vinay BY  Dec 23, 2019 11:26 AM

IOPS—Read and write without any latency, most of us would want the data on our screen in split seconds and IOPS does contribute to it, we would always love to keep this as healthy as possible, with data pouring in we need to keep these things at scale -> IOPS, data storage, data retrieval and throughput.


George Sutherland Dec 23, 2019 12:14 PM

Well said sir... I love the book analogy.


It’s also like a puzzle... except that you get the same picture but the number of pieces in box change... sometimes 50, others 100, others 500 and some even 1000 pieces. Same view just more to consider.


Or when I mentioned your post to an accountant friend of mine.... debits=credits!!!!


24. Virtual Private Network (VPN)

THWACK MVP Matthew Reingold finds what is perhaps the most amazing, most simple, and most accurate ELI5 explanation for virtual private networks I’ve ever seen. You can bet I will be adding it to my mental toolbox.


Beth Slovick Dec 24, 2019 4:16 AM

We use VPNs for everything from connecting to the office to protecting our torrent downloads from nosy ISPs. Everyone uses a VPN these days to encrypt and protect their information from prying eyes.


Kelsey Wimmer Dec 24, 2019 10:59 AM

You could also describe it as using a water hose through a pool. You get to go through the pool, but the hose hides your data and what comes out of the pool is only what has gone through your hose.


Tregg Hartley Dec 24, 2019 11:17 AM

Open a connection between me and you

Encrypt the data before it goes through,

Then the only people who can see

The flowing data is you and me.



25. Telemetry

The word telemetry is still obscured by a healthy dose of “hand wavium” from companies and individuals who don’t understand it but want to sound impressive. – Josh Biggley, who has devoted a good portion of his career to both building systems to gather and present telemetry data; and clarifying what the word means.


Vinay BY  Dec 26, 2019 9:13 AM

To me, telemetry is to reach to a point/milestone where normal/generic process/procedure can’t -> be it collecting data, be it monitoring, be it inducing instructions or any other possible thing.


Juan Bourn Dec 26, 2019 11:05 AM

If telemetry can tell a pit crew in NASCAR exactly how the race car is behaving, it can do the same (and possibly more) for us. The idea is, as mentioned by the author, to remove the noise. What do we care about? What matters? What is measurable vs. what is observable? Finally, how do we put that into a dashboard that we can use to have an overview of everything at once? That’s where telemetry really is useful, the combined overview of all our metrics.


Brian Jarchow Dec 26, 2019 4:44 PM

I’ve known people who worked on Boeing’s Delta program and the SpaceX Falcon 9 program. In rocketry, a lot of telemetry data is the difference between “it exploded” and “here’s what went wrong.”


26. Key Performance Indicator (KPI)

If Senior UX researcher Rashmi Kakde ever thought about a second career, I’d suggest writing and illustrating tech books for kids. Her poetic story about KPI is something I plan to print and use often.


Jake Muszynski  Dec 26, 2019 10:24 AM

I have started working with KPI’s that I track for the Orion® Platform. As I delegate work to others or if I get distracted (when) I need an easy way to verify that the Orion Platform is doing what I expect it to. I have overall system health from App monitors and the “my Orion deployment” page, but what about all those things that are more like house cleaning? Things like custom properties. Unknown devices. Nodes missing polls. I build out dashboards and reports to let me know how the processes I have in place (both automated and human) are getting things done. I pull them into a PowerShell monitor from SAM via SWQL queries.

Did I have a spike in unmanaged devices? Do I need to find out why?

Do all my Windows servers have at least one disk?
Are there disks that need to be removed?

Not all of them are important, at least not right now. But once I gather stats on what we need to clean up to be current, then I choose a few significant metrics to improve. Those are my KPI’s. I look at the number for a quarter and try to improve the process and the automation to make sure stuff doesn’t fall between the cracks. And having stats over time mean that I can see if thing change and need my attention. If I make a few things better, and other stuff suffers, I change my KPI’s.


Mike Ashton-Moore  Dec 26, 2019 12:18 PM

I love, love, love this one, especially the pictures


For me the most important part of KPIs is to try to refer to them by their full name rather than the TLA.





I’ve seen several “service desk” systems that try to label ticket close rates as a KPI.

Where something is measured because it was easy to measure, not because it indicates how well the service desk is being run.

That it isn’t a Key Performance Indicator any more than MPG is a KPI for how comfortable a car is.

It’s just an interesting statistic, not a KPI.


We need to remember what Performance our Indicator is Key for highlighting to us and why it is important enough to make it “Key.”


Michael Perkins Dec 26, 2019 2:55 PM

The trick with KPIs is figuring out what is actually “key” and observable to system performance. Of course, one must begin by asking what it means that the system is performing well.


I was laid off years ago because someone “upstairs” decided to change what was key without telling anyone. I was laid off for handling fewer tickets than my colleagues. For months, if not a couple of years, I had been an unofficial escalation point—working high-priority tickets and customers. That took—with explicit approval from managers with whom I shared space—more time than ordinary tickets, so I handled fewer overall. I also would help colleagues if they had questions.


Well above those folks, it was decided that my group would have one KPI—number of tickets processed. On Friday going into Labor Day Weekend that year, I was working with a customer, who thanked me profusely, when I heard my manager (two levels above me), getting rather upset. I found out later that was when higher-ups told him I was getting laid off. I found out about 20 – 30 minutes later.


So, was processing tickets quickly the KPI? Should it have been combined with, say, customer satisfaction, perhaps measured via survey? What about some sort of metric in which the severity or difficulty of the tickets was taken into account? What was really key to the support desk’s performance?


27. Root Cause Analysis

Principal UX researcher Kellie Mecham is trying to inspire an entire new generation of UX/UI folks with her explanation, by pointing out the ability to ask questions a core skill. By way of example, she shows how enough “why” questions can uncover the root cause of any situation.


Richard Phillips  Dec 27, 2019 9:12 AM

Root cause analysis is critical to understanding the past and the why did that happen. Along with RCA I like to include the how questions of How can we prevent that in the future and How can we use this information to make things better, faster, more resilient. When asked for the root cause I like to provide not just the answer, but the value obtained from that answer.


Tregg Hartley
Dec 27, 2019 10:37 AM

Getting to the bottom of things

Is what we are looking for,

Diagnose the disease

Lease the symptoms at the door.



Brian Jarchow Dec 27, 2019 11:03 AM

Unfortunately, I have worked with people who would then take it to the level of: “Why do we need to pay? Why can’t we just have?”


A root cause analysis can only go so far, and some people have difficulty with reasonable limits.


It's been a few weeks since VMworld Europe, and that's given Sascha and me a chance to digest both the information and the vast quantities of pastries, paella, and tapas we consumed.


VMworld was held again in Barcelona this year and came two months after the U.S. convention, meaning there were fewer big, jaw-dropping, spoiler-filled announcements, but more detail-driven, fill-in-the-gaps statements to clarify VMware's direction and plans.


As a refresher, at the U.S. event, some of the announcements included:

  • VMware Tanzu – a combination of products and services leveraging Kubernetes at the enterprise level.
  • Project Pacific – related to Tanzu, this will turn vSphere into a Kubernetes native platform.
  • Tanzu Mission Control – will allow customers to manage Kubernetes clusters regardless of where in the enterprise they're running.
  • CloudHealth Hybrid – will let organizations update, migrate, and consolidate applications from multiple points in the enterprise (data centers, alternate locations, and even different cloud providers) as part of an overall cloud optimization and consolidation strategy
  • The intent to acquire Pivotal
  • The intent to acquire Carbon Black


Going into the European VMworld, one could logically wonder what else there was to say about things. It turns out there were many questions left hanging in the air after the booths were packed and the carpet pulled up and in San Francisco.


Executive Summary

VMware, since selling vCloud to OVH, started looking into other ways to diversify their business and embrace the cloud. The latest acquisitions show it’s a vision, and their earning calls show it’s a successful one. (https://ir.vmware.com/overview/press-releases/press-release-details/2019/VMware-Reports-Fiscal-Year-2020-Third-Quarter-Results/default.aspx)



At both the U.S. and Europe conventions, Tanzu was clearly the linchpin initiative around which VMware's new vision for itself revolves. While the high-level sketch of Tanzu products and services was delivered in San Francisco, in Barcelona we also heard:

  • Tanzu Mission Control will allow operators to set policies for access, backup, security, and more to clusters (either individual or groups) across the environment.
  • Developers will be able to access Kubernetes resources via APIs enabled by Tanzu Mission Control.
  • Project Pacific does more than merge vSphere and Kubernetes. It allows vSphere administrators to use tools they’re already familiar with to deploy and manage container infrastructures anywhere vSphere is running—on-prem, in hybrid cloud, or on hyperscalers.
  • Conversely, developers familiar with Kubernetes tools and processes can continue to roll out apps and services using the tools THEY know best and extend their abilities to provision to things like vSphere-supported storage on-demand.


The upshot is Tanzu and the goal of enabling complete Kubernetes functionality is more than a one-trick-pony idea. This is a broad and deep range of tools, techniques, and technologies.


Carbon Black

In September we had little more than the announcement of VMware's "intent to acquire" Carbon Black. By November the ink had dried on that acquisition and we found out a little more.

  • Carbon Black Cloud will be the preferred endpoint security solution for Dell customers.
  • VMware AppDefense and Vulnerability Management products will merge with several modules acquired through the Carbon Black acquisition.


While a lot more still needs to be clarified (in the minds of customers and analysts alike), this is a good start in helping us understand how this acquisition fits into VMware's stated intent of disrupting the endpoint security space.



The week before VMworld US, VMware announced its Q2 earnings, which included NSX adoption had increased more than 30% year over year. This growth explains the VMworld Europe announcement of new NSX distributed IDS and IPS services, as well as "NSX Federation," which let customers deploy policies across multiple data centers and sites.


In fact, NSX has come a long way. VMware offers two flavors of NSX: The well-known version, which is meanwhile called NSX Data Center for vSphere, and the younger sibling NSX-T Data Center.

The vSphere version continuously improved in two areas preventing a larger adoption; the user experience and security and is nowadays a matured and reliable technology.

NSX-T has been around for two years or so, but realistically it was always behind in features and not as valuable. As it turns out, things have changed, and NSX-T fits well into the greater scheme of things and is ready to play with the other guys in the park, including Tanzu and HCX.



Pivotal was initially acquired by EMC, and EMC combined it with assets from another acquisition: VMware. Next, Dell acquired EMC, and a little later both VMware and Pivotal became individual publicly traded companies with DellEMC remaining as the major shareholder. And now, in 2019, VMware acquired Pivotal.


One could call that an on/off relationship, similar to the one cats have with their owners servants. It’s complicated.


Pivotal offers a SaaS solution to create other SaaS solutions, a concept which comes dangerously close to Skynet, minus the self-awareness and murder-bots.


But the acquisition does makes sense, as Pivotal Cloud Foundry (PCF) runs on most major cloud platforms, and on vSphere, and (to no one's surprise), Kubernetes.


PCF allows developers to ignore the underlying infrastructure and is therefore completely independent from the type of deployment. It will help companies in their multi-cloud travels, while still allowing them to remain a VMware customer.


New Announcements

With all of that said, we don't want you to think there was nothing new under the unseasonably warm Spanish sun. In addition to the expanded information above, we also heard about a few new twists in the VMware roadmap:

  • Project Galleon will see the speedy delivery of an app catalog with greater security being key.
  • VMware Cloud Director service was announced, giving customers multi-tenant capabilities in VMware Cloud on AWS. This will allow Managed Service Providers (MSPs) to share the instances (and costs) of VMware Cloud on AWS across multiple tenants.
  • Project Path was previewed.
  • Project Maestro was also previewed—a telco cloud orchestrator designed to deliver a unified approach to modelling, onboarding, orchestrating, and managing virtual network functions and services for Cloud Service Providers.
  • Project Magna, another SaaS-based solution, was unveiled. This will help customers build a “self-driving data center” by collecting data to drive self-tuning automations.


Antes Hasta Tardes

Before we wrap up this summary, we wanted to add a bit of local color for those who live vicariously through our travels.


Sascha loved the “meat with meat” tapas variations and great Spanish wine. Even more so, as someone who lives in rainy Ireland, I enjoyed the Catalan sun. It was fun to walk through the city in a t-shirt while all the locals consider the temperature in November as barely acceptable.

Similarly, Leon, (who arrived in Barcelona three days after it had started snowing back home) basked in the warmth of the region and of the locals willing to indulge his rudimentary Spanish skills; and basked equally in the joy of kosher paella and sangria.


Until next time!

We’re more than halfway through the challenge now, and I’m simply blown away by the quality of the responses. While I’ve excerpted a few for each day, you really need to walk through the comments to get a sense of the breadth and depth. You’ll probably hear me say it every week, but thank you to everyone who has taken time out of their day (or night) to read, reply, and contribute.


14. Event Correlation

Correlating events—from making a cup of coffee to guessing at the contents of a package arriving at the house—is something we as humans do naturally. THWACK MVP Mark Roberts uses those two examples to help explain the idea that, honestly, stymies a lot of us in tech.


Beth Slovick Dec 16, 2019 9:46 AM

Event Correlation is automagical in some systems and manual in others. If you can set it up properly, you can get your system to provide a Root Cause Analysis and find out what the real problem is. Putting all those pieces together to set it up can be difficult in an ever-changing network environment. It is a full-time job in some companies with all the changes that go on. The big problem there is getting the information in a timely manner.


Richard Phillips  Dec 17, 2019 1:02 PM

She’s a “box shaker!” So am I.


Flash back 20 years—a box arrives just before Christmas. The wife and I were both box shakers and proceed to spend the next several days, leading up to Christmas, periodically shaking the box and trying to determine the contents. Clues: 1) it’s light 2) it doesn’t seem to move a lot in the box 3) the only noise it makes is a bit of a scratchy sound when shaken.


Finally Christmas arrives and we anxiously open to the package to find a (What was previously very nice) dried flower arrangement—can you imagine what happens to a dried flower arrangement after a week of shaking . . .

Matt R  Dec 18, 2019 12:57 PM

I think of event correlation like weather. Some people understand that dark clouds = rain. some people check the radar. Some people have no idea unless the weather channel tells them what the weather will be.


15. Application Programming Interface (API)

There’s nobody I’d trust more to explain the concept of APIs than my fellow Head Geek Patrick Hubbard—and he did not disappoint. Fully embracing the “Thing Explainer” concept—one of the sources of inspiration for the challenge this year—Patrick’s explanation of “Computer-Telling Laws” is a thing of beauty.


Tregg Hartley Dec 15, 2019 11:37 AM

I click on an icon

You take what I ask,

Deliver it to

The one performing the task.


When the task is done

And ready for me,

You deliver it back

In a way I can see.


You make my life easier

I can point, click and go,

You’re the unsung hero

and the star of the show.


Vinay BY  Dec 16, 2019 5:45 AM

API to me is a way to talk to a system or an application/software running on it, while we invest a lot of time in building that we should also make sure it’s built with standards and rules/laws in mind. Basically we shouldn’t be investing a lot of time on something that can’t be used.


Dale Fanning Dec 16, 2019 9:36 AM

In many ways an API is a lot like human languages. Each computer/application usually only speaks one language. If you speak in that language, it understands what you want and will do that. If you don’t, it won’t. Just like in the human world, there are translators for computers that know both languages and can translate back and forth between the two so each can understand the other.


16. SNMP

Even though “simple” is part of its name, understanding SNMP can be anything but. THWACK MVP Craig Norborg does a great job of breaking it down to its most essential ideas.


Jake Muszynski  Dec 16, 2019 7:16 AM

SNMP still is relevant after all these years because the basics are the same on any device with it. Most places don’t have just one vendor in house. They have different companies. SNMP gets out core monitoring data with very little effort. Can you get more from SNMP with more effort? Probably. Can other technologies get you real time data for specialty systems? Yup, there is lots of stuff companies don’t put in SNMP. But that’s OK. Right up there with ping, SNMP is still a fundamental resource.


scott driver Dec 16, 2019 1:38 PM

SNMP: Analogous to a phone banking system (these are still very much a thing btw).


You have a Financial Institution (device)

You call in to an 800# (an oid)

If you know the right path you can get your balance (individual metric)


However when things go wrong, the fraud department will reach out to you (Trap)


Tregg Hartley Dec 17, 2019 12:10 PM

Sending notes all of the time

For everything under the sun,

The task is never ending

And the Job is never done.


I can report on every condition

I send and never look back,

My messages are UDP

I don’t wait around for the ACK.


17. Syslog

What does brushing your teeth have to do with an almost 30-year-old messaging protocol? Only a true teacher—in this case the inimitable “RadioTeacher” (THWACK MVP Paul Guido)—could make something so clear and simple.


Faz f Dec 17, 2019 4:54 AM

Like a diary for your computer


Juan Bourn Dec 17, 2019 11:24 AM

A way for your computer/server/application to tell you what it was doing at an exact moment in time. It’s up to you to determine why, but the computer is honest and will tell you what and when.


18. Parent-Child

For almost 20 days, we’ve seen some incredible explanations for complex technical concepts. But for day 18, THWACK MVP Jez Marsh takes advantage of the concept of “Parent-Child” to remind us our technical questions and challenges often extend to the home, but at the end of the day we can’t lose sight of what’s important in that equation.


Jeremy Mayfield  Dec 18, 2019 7:41 AM

Thank you, this is great. I think of the parent-Child as one is present with the other. As the child changes the parent becomes more full, and eventually when the time is right the child becomes a parent and the original parent may be no more.


The Parent-Child Relationship is one that nurtures the physical, emotional and social development of the child. It is a unique bond that every child and parent will can enjoy and nurture. ... A child who has a secure relationship with parent learns to regulate emotions under stress and in difficult situations.


Dale Fanning Dec 18, 2019 8:36 AM

I’m a bit further down the road than you, having launched my two kids a few years ago, but I will say that the parent-child relationship doesn’t change even then, although I count them more as peers than children now. I’m about to become a grandparent for the first time, and our new role is helping them down the path of parenthood without meddling too much hopefully. It’s only much later that you realize how little you knew when you started out on the parent journey.


Chris Parker Dec 18, 2019 9:37 AM

In keeping with the IT world:


This is the relationship much like you and your parent.


You need your parents/guardians in order to bring you up in this world and without them you might be ‘orphaned’

Information on systems sometimes need a ‘Parent’ in order for the child to belong

You can get some information from the Child but you would need to go to the Parent to know where the child came from

One parent might have many children who then might have more children but you can follow the line all the way to the beginning or first ‘parent’


19. Tracing

I’ve mentioned before how LEGO bricks just lend themselves to these ELI5 explanations of technical terms, especially as it relates to cloud concepts. In this case, Product Marketing Manager Peter Di Stefano walks through the way tracing concepts would help troubleshoot a failure many of us may encounter this month—when a beloved new toy isn’t operating as expected.


Chris Parker Dec 19, 2019 4:57 AM

Take apart the puzzle until you find the piece that is out of place


Duston Smith Dec 19, 2019 9:26 AM

I think you highlight an important piece of tracing—documentation! Just like building LEGOs, you need a map to tell you what the process should be. That way when the trace shows a different path you know where the problem sits.


Holly Baxley Dec 19, 2019 10:15 AM

Hey Five-year-old me,


Remember when I talked about Event Correlation a while back and told you that it was like dot to dot, because all the events were dots and if you connected them together you can see a clearer “picture” of what’s going on?


Well, today we’re going to talk about Tracing, which “seems” like the same thing, but it isn’t.


See in Event Correlation you have no clue what the picture is. Event Correlation’s job is to connect events together, so it can create as clear a picture as it can of the events to give you an outcome. Just remember, Event Correlation is only as good as the information that’s provided. If events (dots) are left out—the picture is still incomplete, and it takes a little work to get to the bottom of what’s going on.


In tracing—you already know what the picture is supposed to look like.


Let’s say you wanted to draw a picture of a sunflower.


Your mom finds a picture of the sunflower on the internet and she prints it off for you.


Then she gives you a piece of special paper called “vellum” that’s just the right amount of opaque (a fancy term for see-through) paper, so you can still see the picture of the sunflower underneath it. She gives you a pencil so you can start tracing.


Now in tracing does it matter where you start to create your picture?


No it doesn’t.


You can start tracing from anywhere.


In dot-to-dot, you can kinda do the same thing if you want to challenge yourself. It’s not always necessary to start at dot 1, and if you’re like me (wait...you are me)...you rarely find dot 1 the first time anyway. You can count up and down to connect the dots and eventually get there.


Just remember—in this case, you still don’t know what the picture is and that’s the point of dot to dot—to figure out what the picture is going to be.


In tracing—we already know what the picture either is, or at least is supposed to look like.


And just like in tracing, once you lift your paper off the picture, you get to see—did it make the picture that you traced below?


If it didn’t—you can either a) get a new sheet and try again or b) start with where things got off track and erase it and try again.


To understand tracing in IT, I want you to think about an idea you’ve imagined. Close your eyes. Imagine your picture in your mind. Do you see it?


  1. Good.


We sometimes say that we can “picture” a solution, or we “see” the problem, when in reality, a problem can be something that we can’t really physically see. It’s an issue we know is out there: e.g., the network is running slow and we see a “picture” of how to fix it in our mind; a spreadsheet doesn’t add up right like it used to, and we have a “picture” in our mind of how it’s supposed to behave and give the results we need.


But we can’t physically take a piece of paper and trace the problem.


We have programs that trace our “pictures’ for us and help us see what went right and what went wrong.


Tracing in IT is a way to see if your program, network, spreadsheet, document, well...really anything traceable did what it was supposed to do and made the “picture” you wanted to see in the end.


It’s a way to fix issues and get the end result you really want.


Sometimes we get our equipment and software to do what it’s supposed to, but then we realize—it could be even BETTER, and so we use tracing to figure out the best “path” to take to get us there.


That would be like deciding you want a butterfly on your Sunflower, so your mom prints off a butterfly for you and you put your traced Sunflower over the butterfly and then decide what’s the best route to take to make your butterfly fit on your sunflower the way you want it.


And just like tracing—sometimes you don’t have to start at the beginning to get to where you want to be.


If you know that things worked up to a certain point but then stopped working the way you want, you can start tracing right at the place where things aren’t working the way you want. You don’t always have to start from a beginning point. This saves time.


There’s lots of different types of tracing in IT. Some people trace data problems on their network, some people trace phone problems on their network, some trace document and spreadsheet changes on their files, some trace database changes. There’s all sorts of things that people can trace in IT to either fix a problem or make something better.


But the end question of tracing is always the same.


Did I get what I “pictured?”


And if the answer is “yes” - we stop and do the tech dance of joy.


It’s a secret dance.


Someday, I’ll teach you.


20. Information Security

THWACK MVP Peter Monaghan takes a moment to simply and clearly break down the essence of what InfoSec professionals do, and to put it into terms that parents would be well-advised to use with their own kids.


(while I don’t normally comment on the comments, I’ll make an exception here)

In the comments, a discussion quickly started about whether using this space to actually explain infosec (along with the associated risks) TO a child was the correct use of the challenge. While the debate was passionate and opinionated, it was also respectful and I appreciated that. Thank you for making THWACK the incredible community that it has grown to be!


Holly Baxley Dec 20, 2019 3:18 PM (in response to Jeremy Mayfield)

I think Daddy's been reading my diary

He asks if I'm okay

Wants to know if I want to take walks with him

Or go outside and play


He tells Mommy that he's worried

There's something wrong with me

Probably from reading things in the diary

Things he thinks he shouldn't see


But I'll tell you a little secret

That diary isn't real

I scribbled nonsense in that journal

And locked away the one he can't steal


If Daddy was smart he woulda noticed

Something he's clearly forgot

Never read a diary covered with Winnie the Poo

Whose head is stuck in the Honeypot.


Jon Faldmo Dec 20, 2019 1:27 PM

I haven't thought of how information security applies or is in the same category as privacy and being secure online. I have always thought of Information Security in the context of running a business. It is the same thing, just usually referenced differently. Thanks for the write up.


Tregg Hartley Dec 20, 2019 3:33 PM

The OSI model

Has seven layers,

But it leaves off

The biggest players.


The house is protected

By the people inside,

We are all on watch

As such we abide.


To protect our house

As the newly hired,

All the way

To the nearly retired.

As we head into the new year, people will once again start quoting a popular list describing the things kids starting college in 2020 will never personally experience. Examples of these are things like “They’re the first generation for whom a ‘phone’ has been primarily a video game, direction finder, electronic telegraph, and research library.” And “Electronic signatures have always been as legally binding as the pen-on-paper kind.” Or most horrifying, “Peanuts comic strips have always been repeats.”


That said, it’s also interesting to note the things fell into obsolescence over the last few decades. In this post, I’m going to list and categorize them, and add some of my personal thoughts about why they’ve fallen out of vogue, if not use.


It’s important to note many of these technologies can still be found “in the wild”—whether because some too-big-to-fail, mission-critical system depends on it (c.f. the New York Subway MetroCard system running on the OS/2 operating system—https://www.vice.com/en_us/article/zmp8gy/the-forgotten-operating-system-that-keeps-the-nyc-subway-system-alive); or because devotees of the technology keep using it even though newer, and ostensibly better, tech has supplanted it (such as laserdiscs and the Betamax tape format*).


Magnetic Storage

This includes everything from floppy disks (whether 10”, 8”, 5.25”, or 3.5”), video tapes (VHS or the doubly obsolete** Betamax), DAT, cassette tapes or their progenitor reel-to-reel, and so on.


The reason these technologies are gone is because they weren’t as good as what came after. Magnetic storage was slow, prone to corruption, and often delicate and/or difficult to work with. Once a superior technology was introduced, people abandoned these as fast as they could.


Disks for Storage

This category includes the previously-mentioned floppy disks, but extends to include CDs, DVDs, and the short-lived mini-disks. All have—by and large—fallen by the wayside.


The reason for this is less because these technologies were bad and/or hard to use, per se (floppies notwithstanding) but because what came after—flash drives, chip-based storage, SSD, and cloud storage, to name a few—were so much better.


Mobile Communications

Since the introduction of the original cordless phone in 1980, mobile tech has become both ubiquitous and been an engine of societal and technological change. But not everything invented has remained with us. Those cordless phones I mentioned are a good example, as are pagers and mobile phones that are JUST phones and nothing else.


It’s hard to tell how much of this is because the modern smartphone was superior to its predecessors, and how much was because the newest tech is so engaging—both in terms of the features it contains and the social cachet it brings.


Portable Entertainment

Once a juggernaut in the consumer electronics sector, the days of Walkman, Discman, and portable DVD players has largely ended.


In one of the best examples of the concept of “convergence,” smartphone features have encompassed and made obsolete the capabilities once performed by any and all those mobile entertainment systems.


School Tech

There was a range of systems which were staples in the classroom until relatively recently: if the screen in the classroom came down, students might turn their attention to information emanating from an overhead projector, a set of slides, a filmstrip, or even an actual film.


Smartboards, in-school media servers, and computer screen sharing all swooped in to make lessons far more dynamic, interactive, and (most importantly) simple for the teacher to prepare. And no wonder, since no teacher in their right mind would go back to the long hours drawing overhead cells in multiple marker colors, only to have that work destroyed by a wayward splash of coffee.


A Short List of More Tech We Don’t See (Much) Any More:

  • CRT displays
  • Typewriters
  • Fax machines (won’t die, but still)
  • Public phones
  • Folding maps
  • Answering machines

What other tech or modern conveniences of a bygone era do you miss—or at least notice is missing? Talk about it in the comments below.


* Ed. note: Betamax was far superior, especially for TV usage, until digital records became commercially acceptable from a budget perspective, thankyouverymuch. Plus, erasing them on the magnet thingy was fun.

** Ed. note: Rude.

Week 2 of the challenge has brought even more insights and wisdom than I imagined - although I should have expected it, given how incredible the THWACK community is day after day, year in and year out. As a reminder, you can find all the posts here: December Writing Challenge 2019.


I also wanted to take a moment to to talk about the flexibility of the ELI5 concept. If you have a child, or have been around a child, or ever were a child, you’re probably acutely aware no two kids are exactly alike. Therefore, “Explain Like I’m Five” (ELI5) implicitly allows for a range of styles, vocabularies, and modalities. Like some of the best ideas in IT (or at least the ones making the most impact), there’s not a single, correct way to “do” explain-it-simply. ELI5 is not a single standard, it’s a framework, a way of approaching a task. Explanations can use simple words; or present simple concepts using more sophisticated words; or use examples familiar to a child; or even be presented in pictures instead of words. Because the best thing about explaining something simply is there are many ways to do it.


With that said, here are the featured words words and lead writers for this week, and some of the notable comments from each day.



7. Troubleshoot

Kicking off the second week of the challenge, THWACK MVP Nick Zourdos tackles one of the most common tasks in IT—one of the things we most hate to do, and yet also one of the skills we take most pride in.


Jake Muszynski  Dec 7, 2019 6:53 PM

In IT the ability to troubleshoot problems will set you apart. So many people I have worked with go in circles or have no idea how to move forward to resolve issues. Starting with ruling out the things that are right, and listing what you don’t know goes a long way to a resolution.


Tregg Hartley Dec 8, 2019 4:33 PM

Understanding how things work

Is at the very core,

Of knowing how to troubleshoot

And doing well, this chore.



Knowing which tools to use

Will also help with this,

To localize the issue

And return to cyber bliss.


Thomas Iannelli  Dec 10, 2019 11:46 AM

SUZIE: Uncle Tom?

TOM: Yes Suzie.

SUZIE: Mom says you troubleshoot computers. What’s troubleshoot?

TOM: Well Suzie, see Alba over there?

SUZIE: uh huh

TOM: See how she is just laying there?

SUZIE: uh huh

TOM: Is she sleeping or dead?


TOM: How can you tell she is not dead?

SUZIE: I can see her chest moving.

TOM: What else?

SUZIE: When I squeak this toy her head will pop up, watch.

[Suzie squeaks the toy, but Alba doesn’t move.]

TOM: Oh, no Suzie Alba didn’t move. What next?

SUZIE: I’ll give her a treat.

[Suzie repeatedly says Alba’s name and offers a treat, but Alba is not interested.]

TOM: Oh, no Suzie Alba didn’t move again! I think I know a good way to test if she is still alive.

TOM: Hey, Alba do you want to go for a ride?

[At which point Alba jumps up, almost knocking Suzie over, and heads toward the garage door.]

TOM: You see Suzie, troubleshooting is like trying to answer the question whether Alba was alive or dead. It is a problem to be solved. You did very good things to find out if she was alive and kept trying. Sometimes it just takes someone with a little more experience who knows the right question to ask or thing to do in order to solve a problem. That is the same thing I do when I troubleshoot computers. But see next time you will know to simply ask if Alba wants to go for a ride, we all learn from each other.

SUZIE: Uncle Tom, I also learned not to get between Alba and the garage door when you ask her if she wants to go for a ride!

[They both laugh and go take Alba for a ride around the neighborhood. Otherwise she will stand by the garage door barking for the next 30 minutes, definitely letting everyone know she is alive.]


  1. 8. Virtualization

The second word of the week has—as many of the commenters said—completely changed the nature of IT for many of us. SolarWinds SE Colin Baird gives a simple, but not simplistic, explanation of what and how this technology has been so transformative.


Faz f Dec 9, 2019 4:10 AM

I have a very big Cardboard box, too big for me, cardboard, Scissors and sellotape.

My friend comes and also wants a box,

I get the cardboard, scissors and sellotape and make my friend a box inside my box,

My box is still too big for me.


Another friend comes who wants a box.

I get the cardboard, scissors and sellotape and make my friend another box inside my box,

Next to my first box.

My box is still too big for me.


Another friend comes who wants a box.

I get the cardboard, scissors and sellotape and make my friend another box inside my box,

Next to the other boxes.

I think my box is now just right for me,

My friends are having fun in their Visualisation of a box.


George Sutherland Dec 9, 2019 8:29 AM

The pie analogy is perfect. Virtualization is the natural progression of computing....

I also think that virtualization is “divide and conquer” a large box can support a number of smaller boxes, each solving a needed business problem.


scott driver Dec 9, 2019 12:01 PM

Thank you for getting back to the ELI5 approach.


Virtualization: Computers running inside other computers


  1. 9. Cloud Migration

THWACK MVP Holger Mundt kicks of a series of days focusing not only on cloud-based technologies and techniques, but also featuring those little plastic blocks kids (of all ages) love to play with to build new things, worlds, and dreams.


Chris Parker Dec 9, 2019 3:29 AM

All your precious items

Saved at home

Under your care, in your hands


But in time there are too many

Not enough space

A single collection

A risk, danger


A solution, though not always best

Someone else to take care for you

The burden lifted from your hands

A Gringotts in the sky


A cost attached

But sometimes needed

Safest option to suit most needs


But be warned

The goblins can be tricky

The cloud unmanaged

A cost too big


Control passed over

Hard to return


Sascha Giese  Dec 9, 2019 3:51 AM

Not gonna migrate my LEGO Super Star Destroyer!


Michael Perkins
Dec 9, 2019 8:50 AM

I am old enough (barely) to remember when computers were usually big machines in central locations accessed via dumb terminals. The big machine’s owner or administrator sold or doled out resources to you: storage, processor time, etc. I grew up through the PC revolution—the first box on which I actually worked was a 6k Commodore PET (one for the whole school), followed quickly by an Apple IIe (one in each classroom). My first home PC was the 128k Mac—the same one advertised on the ‘1984’ Super Bowl ad. I’ve used various flavors of DOS, Linux/UNIX, MacOS, and Windows through grade school, high school, undergraduate and graduate work, home and employment.


Now, everyone is migrating to the cloud. The big machine at the other end is a lot more complex: more redundant, better connected, faster. It offers additional services than the old ones, at least if you purchase the right ‘aaS.’ At its heart though, we are going back to paying for processor cycles, storage, and connectivity to it.


Everything old is new again.


  1. 10. Container

David Wagner is one of the product managers for the team building and supporting SolarWinds solutions for the cloud, so it makes sense for him to tackle this word.


Kelsey Wimmer Dec 10, 2019 12:21 PM

In some ways, it’s like keeping the forks, knives, and spoons in one drawer that has dividers rather than keeping forks, knives, and spoons in different drawers. That last part sounds silly, but that’s exactly what people who developed containers thought.


Rick Schroeder  Dec 10, 2019 4:52 PM

Some containers let us manage many smaller items that are put into groups, and it’s a huge time-saver, and very powerful. Rather than contacting 100,000 soldiers individually, one might contact “The army” container. Or one of several Corps, Divisions, Brigades or Regiments, Battalions, Companies, Platoons, right down to squads. Managing by containers, or by groups, is part of what makes Active Directory powerful—or ridiculously complex and inefficient, depending on one’s great planning and experience—or the lack thereof.


Other containers are computer environments that are isolated from other systems, and that allow us to execute commands without impacting resources that should NOT be disturbed. Containers can make installing/running apps on a Linux server simpler and more uniform. And that makes for faster deployment and better security.


Matt R  Dec 11, 2019 10:31 AM

Ha, this is perfect. My child has a specific definition of containers, as well. We had this conversation last year:


(daughter): Mommy, will you sit in the trash can (next to potty) while I go potty?

(mom): People don’t sit in the trash

(daughter): Except for when they die, then we throw them in the trash

(mom): We don’t throw dead people away

(daughter): Oh, only animals. What do we do with dead people?


So, be careful what you define as a container or it may end up with some...unwanted results.


Laura Desrosiers Dec 11, 2019 11:49 AM

I keep everything as neat, clean and simple as possible. I don’t like to over complicate things and everything has its place.


  1. 11. Orchestration

Another day of cloud-based topics, and product manager Dave Wagner is back to explain how yesterday’s word and todays fit together to create a more automated environment.


Anthony Hoelscher Dec 11, 2019 12:22 PM

Another way to imagine this is baking a cake. It’s awfully hard to find a substitute for an egg when you are out. All the ingredients must be added within a certain time to be effective. There are certain sub tasks that must be completed to achieve a delicious cake, you beat the egg before you add it to your working recipe, and you always crack it open, careful not to lose any shell in the batter.

Everything has its place, and recipes help achieve the same result, don’t leave out the eggs.


Holly Baxley Dec 11, 2019 12:59 PM (in response to Dave Wagner)

Workflow: Mom’s before-bed-to-do-list

Orchestration: Mom directing all of us to do our tasks before bed


Jason Scobbie Dec 11, 2019 12:46 PM

Automation is a great thing... Combining these tasks and process through orchestration is the difference between fixing things for an Engineer or small team to turning it into an Enterprise wide improvement. When you can automate a change, but also the change ticket, taking the device in/out of monitoring, pre/post change verification, and NOC notification all by a single click to start is a key to greatness.


  1. 12. Microservices

For this cloud-centric term, SolarWinds product manager Melanie Achard once again invoked the (practically) holy LEGO concept, to great effect.


Jeremy Mayfield  Dec 12, 2019 8:33 AM

Of course I am a fan of the Lego analogies. Great way to explain this. Just to be different today, right from Google: The honeycomb is an ideal analogy for representing the evolutionary microservices architecture. In the real world, bees build a honeycomb by aligning hexagonal wax cells. They start small, using different materials to build the cells. Construction is based on what is available at the time of building. Repetitive cells form a pattern and result in a strong fabric structure. Each cell in the honeycomb is independent but also integrated with other cells. By adding new cells, the honeycomb grows organically to a big, solid structure. The content inside each cell is abstracted and not visible outside.


Kelsey Wimmer Dec 12, 2019 9:27 AM

A microservice is a small program that does one job but does it really well. It doesn’t try to do everything. Just its job. It needs to communicate with other programs but it doesn’t do their jobs. You can put a bunch of microservices together and do even bigger things.


Holly Baxley Dec 12, 2019 10:54 AM

Hey Five-year-old me,


Do you remember the Power Rangers? How cool they are? Remember how you always wished you were the Pink Ranger, even though you were told the Green Ranger was always the strongest? You thought gymnastic skills could kick butt over raw brawn any day.


Well, keep that in your mind, as we talk about IT Microservices.


Just like each Power Ranger can stand on its own and have its own cool robot technology without affecting anyone else, each Ranger can take their powers and robots and add it to each other to make one HUGE super cool mega Ranger that can fight any beast.


Sometimes the Rangers had to work independently to root out the bad guys, and sometimes it takes a very big robot as a unified team to really tackle some big battles.


Microservices work like that in IT.


Each Microservice can stand on its own, like each Power Ranger. It can have its own skills, be upgraded independently, and get some really cool features—without affecting anyone else.


Each Microservice is very specific, just like a Power Ranger has very specific powers and skills it brings to the team.


But what’s cool is if you take several of these microservices and connect them together, they morph into a bigger application—just like the Power Rangers could morph into one unified giant robot ranger. This bigger application can tackle some giants that other applications and software on its own can’t.


Maybe that’s why giants such as Amazon and Netflix use Microservices in their IT architecture.


Maybe they should really call microservices: “Mighty Morphin’ Microservices!”


Yes, I suppose the nano-bots on Tony Stark’s Iron Man suit are microservices too. Maybe Tony uses microservices to create the nano-bots to do what they do to form Iron Man’s suit. You think?


  1. 13. Alert

For the last word of the week, THWACK MVP Adam Timberley gave us what amounts to D&D character cards, explaining the different personas that you may meet when working with alerts.


Faz f Dec 13, 2019 6:54 AM

Alerts you know,

Your Alarm clock in the Morning (this could be Mum)

When Dad is cooking and the oven beeps and dinner is ready!

At School when the dinner bell rings and you can play outside.

This are all Alerts you know


Mike Ashton-Moore Dec 13, 2019 9:24 AM

holy smokes, I read that and kept expecting a truncated post message

Love the detail and the archetypes - and recognize many of them, I have examples of most of them in my team.

My problem with alerts is what the intended use is.

I would advice going to the googles and searching "Red Dwarf Blue Alert"

I love my Trek/Wars etc, but Red Dwarf is aimed squarely at grown ups


George Sutherland Dec 13, 2019 1:00 PM

Alert: SHIELDS UP!!!!!


  1. Seriously.. Instinctively it's the fight or flight dilemma we face when confronted with the barrage of atomic particle pieces of information.


(great graphics and analysis of the people types involved.... WELL DONE!)


I use the STEP technique

Survey the situation

Take the appropriate action based on what is presented

Evaluate your response

Prepare for the next situation

The 2019 Writing Challenge got off to an amazing start and I’m grateful to everyone who contributed their time, energy, and talent both as the lead writers and commenters. The summary below offers up just a sample of the amazing and insightful ways in which IT pros break down difficult concepts and relate them—not just to five-year-olds, but to folks of any age who need to understand something simply and clearly.


Day 1: Monitoring—Leon Adato

I had the privilege of kicking off the challenge this year, and I felt there was no word more appropriate to do so with than “monitoring”


Jeremy Mayfield  Dec 1, 2019 8:27 AM


Great way to start the month. I was able to understand it. You spoke to my inner child, or maybe just me as I am now...... Being monitored is like when the kids are at Grandma’s house playing in the yard, and she pretends to be doing dishes watching everything out the kitchen window.


Rick Schroeder  Dec 2, 2019 2:30 AM

Are there cases when it’s better NOT to know? When might one NOT monitor and thereby provide an improvement?


I’m not talking about not over-monitoring, nor about monitoring unactionable items, nor alerting inappropriately.


Sometimes standing something on its head can provide new insight, new perspective, that can move one towards success.


Being able to monitor doesn’t necessarily mean one should monitor—or does it?


When is it “good” to not know the current conditions? Or is there ever a time for that, assuming one has not over-monitored?


Mathew Plunkett Dec 2, 2019 8:35 AM

rschroeder asked a question I have been thinking about since THWACKcamp. It started with the question “Am I monitoring elements just because I can or is it providing a useful metric?” The answer is that I was monitoring some elements just because it was available and those were removed. The next step was to ask “Am I monitoring something I shouldn’t?” This question started with looking for monitored elements that were not under contract but evolved into an interesting thought experiment. Are there situations in which we should not be monitoring an element? I have yet to come up with a scenario in which this is the case, but it has helped me to look at monitoring from a different perspective.


Day 2: Latency –Thomas LaRock

Tom’s style, and his wry wit, is on full display in this post, where he shows he can explain a technical concept not only to five-year-olds, but to preteens as well.


Thomas Iannelli  Dec 2, 2019 12:02 PM

In graduate school we had an exercise in our technical writing class where we took the definition and started replacing words with their definitions. This can make things simpler or it can cause quite a bit of latency in transferring thoughts to your reader.


Latency -

  • The delay before a transfer of data begins following an instruction for its transfer.
  • The period of time by which something is late or postponed before a transfer of data begins following an instruction for its transfer.
  • The period of time by which something causes or arranges for something to take place at a time later than that first scheduled before a transfer of data begins following an instruction for its transfer.
  • The period of time by which something causes or arranges for something to take place at a time later than that first arranged or planned to take place at a particular time before a transfer of data begins following an instruction for its transfer.
  • The period of time by which something causes or arranges for something to take place at a time later than that first arranged or planned to take place at a particular time before an act of moving data to another place begins following an instruction for its moving of data to another place.
  • The period of time by which something causes or arranges for something to take place at a time later than that first arranged or planned to take place at a particular time before an act of moving the quantities, characters, or symbols on which operations are performed by a computer, being stored and transmitted in the form of electrical signals and recorded on magnetic, optical, or mechanical recording media to another place begins following an instruction for its moving of the quantities, characters, or symbols on which operations are performed by a computer, being stored and transmitted in the form of electrical signals and recorded on magnetic, optical, or mechanical recording media to another place.
  • The period of time by which something causes or arranges for something to take place at a time later than that first arranged or planned to take place at a particular time before an act of moving the quantities, characters, or symbols on which operations are performed by a computer, being stored and transmitted in the form of electrical signals and recorded on magnetic, optical, or mechanical recording media to another place begins following a code or sequence in a computer program that defines an operation and puts it into effect for its moving of the quantities, characters, or symbols on which operations are performed by a computer, being stored and transmitted in the form of electrical signals and recorded on magnetic, optical, or mechanical recording media to another place.


.....and so on


Juan Bourn Dec 2, 2019 1:39 PM

I think I am going to enjoy these discussions this month. I have a hard time explaining things without using technical terms sometimes. Not because I don’t understand them (i.e., Einstein’s comment), but because I sometimes think only in technical terms. It’s honestly what I understand easiest. For me, latency is usually associated as a negative concept. It’s refreshing to hear it discussed in general terms, as in there’s latency in everything. Like many things in IT, it’s usually only brought to light or talked about if there’s a problem with it. So latency gets a bad rep. But it’s everywhere, in everything.


Jake Muszynski  Dec 2, 2019 10:42 AM

Hold on, I will reply to this when I get a chance.


Day 3: Metrics–Sascha Giese

One of my fellow Head Geek’s passions is food. Of course he uses this context to explain something simply.


Mark Roberts  Dec 4, 2019 9:49 AM

The most important fact in the first line is that to make a dough that will perform well for a pizza base a known amount of flour is necessary. This is the baseline, 1 pizza = 3.5 cups. If you needed to make 25 pizzas you now know how to determine how much flour you need 25 x 3.5 = A LOT OF PIZZA


Dale Fanning Dec 4, 2019 11:54 AM

Why metrics are important—those who fail to learn from history are doomed to repeat it. How can you possibly know what you need to be able to do in the future if you don’t know what you’ve done in the past?


Ravi Khanchandani  Dec 4, 2019 8:08 AM

Are these my School Grades

Metrics are like your Report cards—giving you grades for the past, present & future (predictive grades).

Compare the present ratings with your past and also maybe the future

Different subjects rated and measured according to the topics in the subjects


Day 4: NetFlow—Joe Reves

What is remarkable about the Day 4 entry is not Joe’s mastery of everything having to do with NetFlow, it’s how he encouraged everyone who commented to help contribute to the growing body of work known as “NetFlowetry.”


Dale Fanning Dec 5, 2019 9:27 AM

I think the hardest thing to explain about NetFlow is that all it does is tell you who has been talking to who (whom? I always forget), or not, as the case may be, and *not* what was actually said. Sadly when you explain that they don’t understand that it’s still quite useful to know and can help identify where you may need to look more deeply. If it was actual packet capture as something you’d be buried in data in seconds.


Farhood Nishat Dec 5, 2019 8:43 AM

They say go with the flow

but how can we get to know what is the current flow

for that we pray to god to lead us towards the correct flow

but when it comes to networks and tech

we use the netflow to get into that flow

cause a flow can be misleading

and we cant just go with the flow


George Sutherland Dec 4, 2019 12:23 PM

NetFlow is like watching the tides. The EBB and flow, the high and low.


External events such as the moon phases and storms in tides are replaced by application interactions, data transfers, bandwidth contention and so on.


Know what is happening is great, but the real skill is creating methods that deal with the anomalies as they occur.


Just another example of why our work is never boring!


Day 5: Logging–Mario Gomez

Mario is one of our top engineers and every day, he finds himself explaining technically complex ideas to customers of all stripes. This post shows he’s able to do it with humor as well.


Mike Ashton-Moore  Dec 6, 2019 10:08 AM

I always loved the Star Trek logging model.

If the plot needed it then the logs had all the excruciating detail needed to answer the question.

But security was so lax (what was Lt Worf doing all this time?)

So if the plot needed it, Lt Worf and his security detail were on vacation and the logs only contained no useful information.


However, the common thread was that logs only ever contained what happened, never why.


Michael Perkins Dec 5, 2019 5:14 PM

What’s Logging? Paul Bunyan and Babe the Blue Ox, lumberjacks and sawmills, but that’s not important now.


What do we do with the heaps of logs generated by all the devices and servers on our networks? So much data. What do we need to log to confirm attribution, show performance, check for anomalies, etc., and what can we let go? How do we balance keeping logs around long enough to be helpful (security and performance analyses) with not allowing them to occupy too much space or make our tools slow to unusability?


George Sutherland Dec 5, 2019 3:18 PM

In the land of internal audit

The edict came down to record it


Fast or slow good or bad

It was the information that was had


Some reason we knew most we did not

We collected in a folder, most times to rot


The volume was large, it grew and grew

Sometimes to exclusion of everything new


Aggregation was needed and to get some quick wins

Thank heavens we have SolarWinds


Day6: Observability—Zack Mutchler (MVP)

THWACK MVP Zack Mutchler delivers a one-two punch for this post—offering an ELI5 appropriate explanation but then diving deep into the details as well, for those who craved a bit more.


Holly Baxley Dec 6, 2019 10:36 AM

To me—monitoring and observability can seem like they do the same thing, but they’re not.


Monitoring -

“What’s happening?”
Observability -

“Why is this happening?”

“Should this be happening?”

“How can we stop this from happening?”

“How can we make this happen?”


The question is this...can we build an intelligent AI that can actually predict behavior and get to the real need behind the behavior, so we can stop chasing rabbits and having our customers say, “It’s what I asked for, but it’s not what I want.”


If we can do that—then we’ll have mastered observability.


Mike Ashton-Moore  Dec 6, 2019 10:15 AM

so—alerting on what matters, but monitor as much as you’re able—and don’t collect a metric just because it’s easy, collect it because it matters


Juan Bourn Dec 6, 2019 9:16 AM

So observability is only tangible from an experience stand point (what is seen by observing its behavior)? Or will there always be metrics (like Disney+ not loading)? If there are always metrics, then are observability and metrics two sides of the same coin?


Not too long ago, a copy of Randall Munroe’s “Thing Explainer” made its way around the SolarWinds office—passing from engineering to marketing to development to the Head Geeks, and even to management.


Amid chuckles of appreciation, we recognized Munroe had struck upon a deeper truth: as IT practitioners, we’re often asked to describe complex technical ideas or solutions. However, it’s often for an audience requiring a simplified explanation. These may be people who consider themselves “non-technical,” but just as easily, it could be for folks deeply technical in a different IT discipline. From both groups (and people somewhere in-between) comes the request to “explain it to me like I’m five years old” (a phrase shortened to “Explain Like I’m Five,” or ELI5, in forums across the internet).


There, amid Munroe’s mock blueprints and stick figures, were explanations of complex concepts in hyper-simplified language achieving the impossible alchemy of being amusing, engaging, and accurate.


We were inspired. And so, for the December Writing Challenge 2019, we hope to do for IT what Randall Munroe did for rockets, microwaves, and cell phones: explain what they are, what they do, and how they work in terms anyone can understand, and in a way that may even inspire a laugh or two.


At the same time, we hope to demonstrate a simple idea best explained by a man who understood complicated things:

“If you can’t explain it simply, you don’t understand it well enough.” – Albert Einstein


Throughout December, one writer—chosen from among the SolarWinds staff and THWACK MVPs—will be the lead writer each day. You—the THWACK community—are invited to contribute your own thoughts each day, both on the lead post and the word itself. In return, you’ll receive friendship, camaraderie, and THWACK points. 200 to be precise, for each day you comment on a post.*


You’ll find each day’s post on the December Writing Challenge 2019 forum. Take a moment now to visit it and click "Follow" so that you don't miss a single post. As in past years, I’ll be writing a summary of the week and posting it over on the Geek Speak forum.


In the spirit of ELI5, your comments (and indeed, those of the lead writers as well) can be in the form of prose, poetry, or even pictures. Whatever you feel addresses the word of the day and represents a way to explain a complex idea simply and clearly.


To help you get your creative juices flowing, here’s the word list in advance.


Everyone here on THWACK is looking forward to reading your thoughts!

  1. Monitoring
  2. Latency
  3. Metrics
  4. NetFlow
  5. Logging
  6. Observability
  7. Troubleshoot
  8. Virtualization
  9. Cloud Migration
  10. Container
  11. Orchestration
  12. Microservices
  13. Alert
  14. Event Correlation
  15. Application Programming Interface (API)
  16. SNMP
  17. Syslog
  18. Parent-Child
  19. Tracing
  20. Information Security
  21. Routing
  22. Ping
  23. IOPS
  24. Virtual Private Network (VPN)
  25. Telemetry
  26. Key Performance Indicator (KPI)
  27. Root Cause Analysis
  28. Software Defined Network (SDN)
  29. Anomaly detection
  30. AIOps
  31. Ransomware


* We’re all reasonable people here. When I say “a comment,” it needs to be meaningful. Something more than “Nice” or “FIRST!” or “Gimme my points.” But I’m sure you all knew that already.

In my last post I gave some background on one of my recent side projects: setting up and then monitoring a Raspberry Pi running Pi-Hole. In this post, I’m going to dive into the details of how I set up the actual monitoring. As a reminder, you can download these Server & Application Monitor (SAM) templates from the THWACK content exchange:



Also, the SolarWinds legal team has persistently insisted I remind you that these are provided as-is, for educational purposes only. The user agrees to indemnify the author, the author’s company, and the author’s third grade math teacher of any unexpected side effects such as drowsiness, nausea, ability to fly, growth of extra limbs, or attacks by flightless water fowl.


Setting Up Monitoring

As I said at the start of this series (**LINK**), on top of enjoying what Pi-Hole was doing for my home browsing experience, I also wanted to see if I could collect meaningful monitoring statistics from an application of this type.I started off with the basics—getting the services monitored. There weren’t many, and it looked like this once I was set up.



In the end, the services I needed to monitor were:

  • pihole-FTL
  • lighttpd
  • lightdm
  • dhcpd


Because monitoring services is sort of “basic blocking and tackling,” I’m not going to dig too deep here. Also, because I’ve provided the template for you to use, you shouldn’t have to break a sweat over it.


Next, I wanted to capture all those lovely statistics the API is providing. The only way I could do this was by building a script-based component in SolarWinds SAM. Now I’m no programmer, more like a script-kiddie, but I can sling code in a pinch, so I wasn’t overly worried…


…Until I realized I didn’t want to do this in Perl. It’s one thing to shoehorn Perl into making JSON calls because I wanted to prove a point. But since I wanted to put this template on THWACK for other folks to use, I had to do it in a scripting language that hadn’t celebrated more anniversaries than my wife and I had (31 years and going strong, thank you very much. My marriage, I mean, not Perl.). So, I took a good, hard look in the mirror and admitted to myself it was finally time to hunker down and write some code with PowerShell.


Jokes aside, for a project where I knew I’d be interacting with web-based API calls to return XML style data, I knew PowerShell was going to give me the least amount of friction, and cause others who used my code in the future the least amount of grief. I also knew I could lean on Kevin Sparenberg, Steven Klassen, and the rest of the THWACK MVP community when (sorry, if) I got stuck.


I’m happy to report it didn’t take me too long to get the core functionality of the script working—connect to the URL, grab all the data, and filter out the piece I want. It would look something like this:

$pi_data = Invoke-RestMethod -Uri "http://mypihole/admin/api.php" 
$pi_stat = $pi_data.domains_being_blocked 
Write-Host "Statistic: " $pi_stat

Now I needed not only to pretty this up, but also to add a little bit of error-checking and adapt it to the conventions SAM script components expect. Luckily, my MVP buddies rose to the challenge. It turns out Kevin Sparenberg had already created a framework for SAM PowerShell script components. This gem ensured I followed good programming standards and output the right information at the right time. You can find it here.


As I began to pull my basic script into the SAM template, I immediately ran into a problem: Raspberry Pi doesn’t run PowerShell, but the script was attempting to run there anyway.


After a bit of digging, I realized the problem. First, I was monitoring the Raspberry Pi itself using a SolarWinds agent. When you do that, SAM “presumes” you want to run script components on the target, instead of the polling engine. In most cases, this presumption is true, but not here. The fix is to change the template advanced options to run in agentless mode.


Once that was done, the rest was simple. For those reading this who have experience building script components, the process is obvious. For those of you who don’t have experience, trust me when I say it’s too detailed for this post, but I have plans to dig into the step-by-step of SAM script monitors later!


Looking Ahead

At the time I was playing with this, script monitors were the best way to get API data out of a system. HOWEVER, as you can see on the SAM product roadmap page, one of the top items is a built-in, generic API component.


I think I just found my next side project.

If you’ve read my posts for any length of time, you know I sometimes get caught up in side projects. Whether it’s writing an eBook, creating a series of blog posts about custom SolarWinds reports, or figuring out how to make JSON requests in Perl, when my ADD and inspiration team up to conspire against me, I have no choice but to follow. The good news is I usually learn something interesting along the way.


That’s what this series of posts is going to be about—yet another trip down the technical rabbit hole of my distractibility. Specifically, I implemented Pi-Hole on a spare Raspberry Pi at home, and then decided it needed to be monitored.


In the first part of the series (today’s post), I’m going to give some background on what Pi-Hole and the Raspberry Pi are and how they work. In the next installment, I’ll cover how to monitor it using SolarWinds Server & Application Monitor (SAM).


If you’re impatient, you can download all three of the templates I created from the THWACK content exchange. The direct links are here:


Please note these are provided as-is, for educational purposes only. Do not hold the author, the author’s company, or the author’s dog responsible for any hair loss, poor coffee quality, or lingering childhood trauma.


What Is a Raspberry Pi?

This is a whole computer on a 3.5” x 2.25” board. For those who haven’t had exposure to these amazing little devices, a Raspberry Pi is a small, almost credit-card-sized full computer on a single board. It has a CPU, onboard memory, GPU, and support hardware for a keyboard, mouse, monitor, and network connection.While most people use the operating system “Raspbian” (a Linux Debian variation), it also supports several other OS options built off variants of Linux, RISC, and even Microsoft Windows.


What Is Pi-Hole?

Pi-Hole software makes your home (or, work, if your IT group is open-minded enough) network faster and safer by blocking requests to malicious, unsavory, or just plain obnoxious sites. If you’re using Pi-Hole, it’ll be most noticeable when advertisements on a webpage fail to load like this:


BEFORE: pop-overs and hyperbolic ads.



AFTER: No pop-overs, spam ads blocked


But under the hood, it’s even more significant:


BEFORE: 45 seconds to load



AFTER: 6 seconds to load



Look in the lower-right corner of each of those images. Load time without Pi-Hole was over 45 seconds. With it, the load time was 6 seconds.You may not think there are many of these, but your computer is making calls out to these sites all the time. Here are the statistics from my house on a typical day.



The Pi-Hole software was originally built for the Raspberry Pi, but has since extended to run on full computers (or VMs) running Ubuntu, CentOS, Debian, or Fedora; or on docker containers hosted on those systems. That said, I’m focusing on the original, Raspberry Pi-based version for this post.


What Is This API?

If you’ve already dug into APIs as part of your work, you can probably skip this section. Otherwise, read on!An Application Programming Interface is a way of getting information out of (or sometimes into) a program without using the normal interface. In the case of Pi-Hole, I could go to the web-based admin page and look at statistics on each screen, but since I want to pull those statistics into my SolarWinds monitoring system, I’m going to need something a bit more straightforward. I want to be able to effectively say directly to Pi-Hole, “How many DNS queries have you blocked so far today?” and have Pi-Hole send back “13,537” without all the other GUI frou-frou.SHAMELESS PROMOTION: If you find the idea of APIs exciting and intriguing, then I should point you toward the SolarWinds Orion Software Developer Kit (SDK)—a full API supporting the language of your choice (Yes, even Perl. Trust me. I tried it.). There’s a whole forum on THWACK dedicated to it. Head over there if you want to find out how to add nodes, assign IP addresses, acknowledge alerts, and other forms of monitoring wizardry.


How Does the Pi-Hole API Work?

If you have Pi-Hole running, you get to the API by going to http://<your pi-hole url>/admin/api.php.There are two modes to extracting data—summary and authorized. Summary mode is what you get when you hit the URL I gave above. It will look something like this:




If you look at it with a browser capable of formatting JSON data, it looks a little prettier:

Meanwhile, the authorized version is specific to certain data elements and requires a token you get from the PiHole itself. You view the stats by adding ?”<the value you want>” along with “&auth=<your token>” to the end of the URL, so to get the TopItems data, it would look something like this:


And the result would be:

You get a token by going to the Pi-Hole dashboard, choosing Settings, clicking the “API/Web Interface” tab, and clicking the “Show Token” button. Meanwhile, the values requiring a token are described on the Discourse page for the Pi-Hole API.


Until Next Time

That’s it for now. In my next post of the series, I’ll dig deep into building the SAM template. Your homework is to repurpose, dust off, or buy a Raspberry Pi, load it up with Pi-Hole, and get it configured. Then you’ll be ready to try out the next steps when I come back.And if you want to have those templates ready to go, you can download them here:


Recently, I was building out a demonstration and realized I didn’t have the setup I needed. After a little digging, I realized I wanted to show how to track changes to containers. This meant I needed some containers I could change, which meant installing Docker.


If this sounds like the usual yak shaving we IT professionals go through in our daily lives, you’d be right. And even if I told you I’d never spun up my own containers—or installed Docker, for that matter—you’d probably still say, “Yup, sounds like most days ending in ‘y.’”


Because working in IT means figuring it out.


I’d like to tell you Docker installed flawlessly; I was able to scan the documentation and a couple of online tutorials and get my containers running in a snap; I easily made changes to those containers and showcased the intuitive nature of my Docker monitoring demo.


I’d like to say all of those things, but if I did, you—my fellow IT pros—would know I was lying. Because figuring it out is sometimes kind of a slog. Figuring it out is more often a journey from a series of “Well that didn’t work” moments to “Oh, so this is how it’s done?” Or, as I like to tell my non-techie friends and relatives, “Working in IT is having long stretches of soul-crushing frustration, punctuated by brief moments of irrational euphoria, after which we return to the next stretch of soul-crushing frustration.”


That’s not to say we who make our career in IT don’t get lucky from time to time. But, as Coleman Cox once said, “I am a great believer in Luck. The harder I work, the more of it I seem to have.”


As we work through each day, solving problems, shaving yaks, and generally figuring it out, we amass to ourselves a range of experiences which—while they may be a bit of a slog at the time—increase not only our knowledge of how this thing (the one we’re dealing with right now) works, but also of how things work in general.


While it’s less relevant now, back in the day I used to talk about the number of word processors I knew—everything from WordStar to WordPerfect to Word—close to a dozen if you counted DOS and Windows versions separately. At the time, this was a big deal, and people asked how I could keep them straight. The answer was less about memory and more about familiarity born of experience. I likened it to learning card games.


“When you learn your first card game,” I’d point out, “it’s completely new. You have nothing to compare it to. So, you learn the rules and you play it. The second game is the hardest because it completely contradicts what you thought you knew about ‘card games’ (since you only knew one). But then you learn a third, and a fourth, and you start to get a sense of how card games in general work. There’s nothing intrinsically special about an ace or a jack or whatever, and card games can work in a variety of ways.”


Then I’d pull it back around to word processors: “After learning the third program, you realize there’s nothing about spell check or print or word-wrap unique to MultiMate or Ami Pro. And once you have a range of experience, you’re able to see how WordPerfect’s ‘Reveal Codes’ was totally unique.”


Which makes a nice story. But there’s more to it than that. As my fellow Head Geek Patrick Hubbard pointed out recently, those of us who mastered WordPerfect discovered learning HTML was pure simplicity, specifically because of the “reveal codes” functionality I mentioned earlier.

Image: https://2.bp.blogspot.com/-3B6KHm5x3JQ/WrrSvt1pIAI/AAAAAAAABvw/wQLhAE28Aak8AkI13Ylg0M8iJmZofgV5ACLcBGAs/s400/2-revealcodes.png


Anyone who knows HTML should feel right at home with the view on the bottom half of the screen.


Having taken the time to slog through WordPerfect (which was, in fact, the second word processor I learned), I not only gained skills and experience in using the software, but I unknowingly set myself up to have an easier time later.


And this experience was by no means unique—meaning I personally experienced many times when a piece of knowledge I’d struggled to acquire in one context turned out to be both relevant and incredibly useful in another; and my experience in this regard is not unique to IT professionals. We all have them. The experiences we have today all feed into the luck we have tomorrow.


So, on this IT Pro Day, I want to salute everyone in our industry who shows up, ready to do the hard work of figuring it out. May the yaks you must shave be small, and the times you find yourself saying “Wait, I already know this!” be many.

The summer is full of important dates, from national holidays to family vacations to birthdays and anniversaries big and small.


In a few short days, one such birthday is coming up—an event noted and even celebrated by people across the globe. I’m speaking, of course, about July 31—Harry Potter’s birthday.


In considering the legacy of the Harry Potter stories, there are many lessons for the IT practitioner. Examples include:

  • The importance of robust physical security of our most precious on-premises assets, like data and philosopher’s stones
  • The need for security protocols to detect and trap bugs within the system
  • How a strong core team with diverse skills can help overcome threats both big and small


But one lesson stands out for me, here in the days after news broke about the latest internet fiasco, FaceApp. I’ve written before about the many poor choices made by social media companies and app developers – especially when it comes to security, privacy, and transparency. On a personal note, because of those concerns, I left the Facebook platform completely about a year ago.


With those two things out in the open, I’d like to suggest that, of all the Harry Potter characters, it’s the humble but capable Mr. Weasley who exemplifies both how we got to this point, and how we might make better choices in the future.


As for how we got here: of all the people we meet in the Potterverse, it’s Arthur Weasley who most strongly embraces technology. From his tricked-out Ford Anglia to his willingness to try using “stitches” as part of his recovery from a near-fatal snake bite, Arthur’s enthusiastic openness to innovation and alternative solutions puts him on the cutting edge within the wizard community.


But, as his obsession with collecting plugs (and his fascination with things that run on “eckeltricity,” as he calls it) shows, he often doesn’t fully understand how the technology he’s so captivated by works. I’m sure anyone who has worked on a help desk for more than 15 minutes can tell similar stories.


While this lack of understanding doesn’t lead to any serious consequences for Mr. Weasley—and thankfully, the same can be said for most end users in most organizations on most days—we who work in the IT trenches can certainly see where the dangers lie. And it explains how FaceApp, and similar breaches over the past few years, happen; and keep happening; and happen seemingly overnight (I say “seemingly” because FaceApp itself has existed since 2017 and this was not its first controversy). Like Arthur Weasley, some folks are open to new things, and willing to enthusiastically embrace advances allowing them to live on the cutting edge. But their lack of familiarity with the underlying technology causes them to misunderstand the risks.


And all of this leads up to why I think it’s so wonderfully ironic for Mr. Weasley himself to give the simple, yet effective lesson on how to keep our digital lives safe in these uncertain times.

“What have I always told you? Never trust anything that can think for itself if you can’t see where it keeps its brain?”

J.K. Rowling, Harry Potter and the Chamber of Secrets


After discovering how his daughter has been pouring out her heart (and, it turns out, her life essence) all year to a sentient diary possessed by an evil wizard, Mr. Weasley offers up the commonsense rule we all should keep in mind when considering installing a shiny new app; clicking the funny online survey to see which type of dog you are; or tapping the mesmerizing button offering a download of the movie not yet out of theaters.


It’s why understanding where “it” keeps its brain—whether the “it” in question is an app or website or vendor—is so important. As we saw with Cambridge Analytica; Google listening to audio recorded by Google Home devices; weather apps selling user data to the highest bidder; a Facebook API bug exposed photos of 6.8 million users;  and now this latest issue with FaceApp, there is no reason to expect the industry to finally step up and be more careful.


For those reading this and fretting over whether it’s too much to ask simple end users to become expert technologists, I would underscore how the FaceApp issue wasn’t even where or how the data—the “brain”–was being kept. It was in the terms of service.


What I’m talking about is more than another case of the adage “if it seems too good to be true, it probably is.” It’s also the reality that (as another adage goes) “If you’re not paying for it, you’re not the customer, you’re the product.”


So, even if the end user can’t determine where it keeps its brain, we must always remember we know where WE keep OUR brain, and we should use it conscientiously before adding the next shiny new eckeltricity plug app, to our collection.

Looking back across the months since SysAdmin Day 2018, it’s obvious we’re all dealing with a remarkably different (in some ways exciting, in others, horrifying) IT landscape than the one we had a year ago.


Sure, all the familiar landmarks are there: routers still route, switches still switch, and servers still serve (even the serverless ones!). We continue to get pulled into way too many meetings and yet management continues to consult us far too little or far too late for us to effectively help and direct the business to make good technical choices. “123456” and “password” continue to be the most commonly used (and hacked) passwords.


But at the same time, the tools, techniques, and technologies shaping (and often interrupting) our days are different in ways that can catch us up short. Ransomware attacks have more than doubled since this time last year, targeting larger organizations and demanding significantly larger payouts. The inexorable push to the cloud is made more challenging by the continuously changing list of cloud providers, offerings, and options. And, while we don’t have to worry about being enslaved by our robot overlords (yet), the increasing sophistication (not to mention commoditization) of solutions leveraging machine learning mean we’re constantly having to reevaluate our vendors and solutions to ensure they’re keeping up with the latest business-enhancing capabilities.


Closer to home, our environments ain’t getting any simpler. Technologies both real (SDN, IoT), nascent (5G, AI), and imaginary (flying cars) vie for our attention. Vendor updates, upgrades, patches, and hotfixes continue to demand our attention. And I swear, if one more exec asks me if a problem could be solved by incorporating blockchain...


Speaking of executives, businesses are relying on IT more than ever—hoping and even demanding technology provide ever-greater lift to the bottom line. To be sure, we’ve seen how the proper application of IT wizardry can create incredible advantages in the marketplace, but “why can’t we do our own ‘Prime Day’-type thing” is becoming the new version of “but that’s how Netflix does it.”


Meanwhile, the users (remember them?) require more of our support—and system resources—than ever. I’m old enough* to remember when BYOD was a contentious issue. “How will we support every hardware platform and software configuration under the sun?” we asked. Little did we know we’d also be supporting anything with a screen.


I don’t say all this to make you feel worse, but to point out a simple reality: we SysAdmins need to (and, if we’re honest, have always had to) find ways to do a lot with a little. The only way it gets done is when we augment our individual abilities. At the end of the day, the two most effective ways to do this are with a team of like-minded SysAdmins, and with the very thing we provide to the rest of the organization: tools and technology.


Having a solid team (squad, posse, gang, etc.) gets a decent amount of press, so I’m going to leave that aside for a moment and focus on tools. No matter whether you’re blessed to be part of an amply staffed department, or if you’re an army of one, “y’all” (as we’re wont to say here at SolarWinds) are a finite resource. If you want to have a hope of wading through the pile of tickets in your queue, you’re going to have to find something that is, as the military puts it, a “force multiplier.”


Need to know what changed and when on all your switches? You can do the telnet-tango all night, or you can have automation rip through every router in an hour. Don’t have enough eyeballs to see when a server is sawtoothing? I bet there’s a server monitoring solution that’s got your back. And if you haven’t automated application restarts, you’ll be scheduling carpal tunnel surgery long before your list is down to even the low hundreds.


Whether the tools to fit your needs are free (“Free as in beer,” in the words of Richard Stallman), freemium, or full-price is up to you. What I’m offering is my humble opinion that, if you do a task more than once, you should already be thinking about how you’d automate it, and if a system fails the same way twice, you should already have a plan to monitor it.


Where do you find out how to do this? How to even get started? That brings us back to the topic of teams. Great news: the answer is (electronically) all around you, even if you’re a lone wolf in the data center. We SysAdmins are a worldwide community, a tribal affiliation transcending geography, culture, language, or operating system. You can find other members easily on social media and online forums. Jump on any of those, explain the work you’re trying to stop doing, and almost before you hit “send,” the suggestions will be rolling in. Yes, I even have a few of my own.


But WHICH tool you choose isn’t as important as this simple fact: when you find you’re falling behind, stuck on a process or issue, you should be asking yourself, “I wonder if there’s an app for that.”


*To be fair, my high-school-aged son is old enough to remember this too. Mostly because there was a point in time when I’d come home from work and complain about it almost nightly.

THWACKcamp is Back! - YouTube


Here at SolarWinds, convention season is just beginning to heat up. Whether you’re lucky enough to travel to these shows or are just following our exploits online, you’ll see us across the globe—from London (Info Security Europe) to New York (SWUG), Vegas (Black Hat) San Diego (Cisco Live!), San Francisco (VMworld, Oracle World), and Singapore (RSA)—demoing and discussing the best monitoring features, whether they’re brand-new or just new-to-you.


But there’s one conference that, for us, is circled in red marker on our calendar: THWACKcamp 2019, which is so very happening October 16 – 17, 2019.


Running the Numbers

Now in its 8th year, THWACKcamp has grown in both quality and quantity each year. Last year, we saw more than 2,300 people attend, consuming 22 hours of content accompanied by real-time discussions in live chat. On top of that, people kept coming back for more, and viewed the recordings of those same sessions over 16,000 more times after THWACKcamp 2018 ended.


This coming year promises to be our most ambitious one yet—and not just because we expect more attendees, more content, or more amazing giveaway prizes.


Brand New Formula, Same Great Taste!

First, I want to talk about the things that AREN’T changing.


THWACKcamp 2019 is still 100% free and 100% online. That means you don’t have to beg your boss for budget, risk one of TSA’s “very personal” pat-down procedures, fight flocks of other IT pros thronging to the next session, or deal with less-than-optimal hotel options.


The event is still going to be two full days packed with content and live segments. A legion of SolarWinds folks ranging from Head Geeks to engineers to product managers will be on chat to field questions, offer insights, and take conversations offline if needed.


And of course, we’re still going to have some awesome prizes to give away throughout the event. (Look, we know you come for the information, but we also know the prizes add a whole ‘nother level of fun to it and we’re not about to give that up either. We have as much fun brainstorming what cool swag to give away as you do winning it. That said, this thread on THWACK.com will let you offer your ideas on what you’d like to see us give away:  https://thwack.solarwinds.com/message/419618#419618


SO... what about the “new and improved” part of THWACKcamp?

The thing you’ll notice most is every session is going to take the time it needs, rather than conforming to a standard 30- to 40-minute window. This allows us to intersperse deep-dive topics with quick 10-minute how-tos, and even a few funny “commercials” to make sure you’re paying attention.


The second thing you’ll notice is that we’ve broken out of the studio. We love our set and still have a bunch of the sessions there, but you’ll also see us in discussions in lounge areas, outside, and maybe even on-location at events. IT professionals are rarely “at rest” and THWACKcamp reflects that this year too.


Both of those elements allowed us to make one other big improvement: a single track of sessions each day. We’ll be able to cover more topics and ensure that everyone is in the right “room” at the right time to hear all the THWACKcamp-y goodness.


And the last thing you’ll notice is how THWACKcamp will be even more interactive than ever. During the sessions, we’re adding an interactive question-and-answer system called Sli.do. If you’ve attended a SWUG (and if you haven’t, you really should! http://THWACK.com/swug), you know exactly how this works. We’ll use it to get your feedback in real-time, find out how many people prefer one feature over another, and you’ll be able to post your own questions for our staff to answer, where it won’t get lost in the mad banter of the live chat window. Speaking of chat, it’ll still be there, in a THWACKcamp “watercooler” section, where you can talk about your experiences with SolarWinds modules, ask for tips on configuring ACLs, or debate the supremacy of the MCU vs. DCU.


Take My Money!

By this point, I hope you’re shouting at your screen “BUT LEON, HOW DO I SIGN UP???” If this is you, maybe have the barista bring you a decaf on the next round. And while you’re waiting, head over to the THWACKcamp Registration page THWACKcamp 2019. You’ll be able to sign yourself up for the event and see the full schedule of sessions.


But you’ll also gain valuable insight and information between now and October 16. We’ll be sharing exclusive blog posts, videos, and even behind-the-scenes images to give you insight into how an event of this magnitude goes together, and prepare you to get the most out of the THWACKcamp experience.


Also exclusive to folks who register will be “Ask Me (Almost) Anything” sessions. After you complete your registration, you’ll get access to that same Sli.do system I mentioned earlier. Once again, using Sli.do, you will have an opportunity to submit questions or upvote questions from other folks. We’ll host five live on-camera sessions between now and October 16 to answer those questions for you. But remember, you only get access to that after you register.


So, what are you waiting for? Go register now: THWACKcamp 2019! And don’t be selfish, either. Share that link with coworkers, colleagues, and friends in IT who may be thinking “No way am I going to make it to a conference this year.” Sure you are. Here at SolarWinds we’ve got a solution for you, just like we do for so many of your IT challenges.

Filter Blog

By date: By tag:

SolarWinds uses cookies on its websites to make your online experience easier and better. By using our website, you consent to our use of cookies. For more information on cookies, see our cookie policy.