Skip navigation
1 15 16 17 18 19 Previous Next

Geek Speak

2,328 posts

By Joe Kim, SolarWinds Chief Technology Officer


We are in the process of wrapping up our next federal cybersecurity survey and we are eager to see the results. I fully expect foreign government threats to be near the top of the list, and I thought this would be a good time to remind folks of some security fundamentals, presented by my colleague Mav Turner, SolarWinds Senior Director, Product Management.



When we think of cyberattacks, we generally picture a lone wolf hacker or Anonymous-type organization. But foreign governments are also formidable threats. Scan recent headlines and you’ll see articles explaining that cyber hacks on Sony Pictures Entertainment and the Democratic National Committee—among many others—have been attributed to North Korea and Russia.


Last year’s SolarWinds federal cybersecurity study revealed foreign governments pose some of the most serious risks for cyberattacks. Results indicate an uptick in reported government-backed threats over the past few years, with reports increasing from 34 percent in 2014 to 48 percent last year.


As publicity surrounding breaches grows, the public's demand to attribute breaches to a specific government or nation-state and the expectation of an explanation grows as well. This "pressure cooker" climate complicates and sometimes politicizes decision-making for agencies.


While there is no magic bullet, concentrating on three fundamentals—process, people, and tools—can create a good foundation for a well-designed security posture. Here’s how agencies can make them work together.


Develop a Sound Security Process


Agencies must develop proactive, well-formulated plans that outline exact steps that must be taken in case of an intrusion, taking into account which employees have access to what information, and the solutions the agency will employ to monitor networks. A step-by-step management approach will help ensure that no data is left unguarded.


Invest in People and Education


All personnel—not just IT—should be informed about the varying types of existing threats. They should also know that their organizations could be targeted at any time. IT personnel who react to frontline security breaches must have an especially deep understanding of the tools used to manage and thwart threats.


The need to invest in people is underscored by the release of the federal cybersecurity work force strategy, an action plan from the White House’s Office of Management and Budget to find, develop, and expand the nation's cybersecurity talent in the public and private sectors.


Deploy the Proper Tools


Patch management and network automation software add layers of security, and use standardized device configuration and deployment automation to reduce configuration errors. The best-in-class network security tools also use change monitoring, alerts, configuration backups, and rollbacks to improve network reliability. 


Just as foreign governments use teams of people to attack, domestic agencies find strength in their numbers. Social media, networking groups, and threat feeds provide great tools for sharing information about the latest threats, and educating peers on ways to fortify networks. IT personnel should use them to stay ahead of potential attackers.


Organizations should band together. The most strategic defense against cyber breaches will come when federal, state, and local agencies—including law enforcement and other security personnel—across the United States share resources and work together to fight foreign intrusion into U.S. cyberspace.


Find the full article on Signal.



March madness brings April Awesomeness. It’s April, which means we’re getting close to the exciting and dramatic finish to Bracket Battle 2017! Round 3 had me hitting the refresh button and kept me guessing on who would win each matchup.


Let’s see who from the elite eight will move on to the final four:


  • Round 3: Groot vs Hermione Granger Watching these two battle for the lead was like watching a quidditch match. Hermione used every spell in the book, but it was Groot who won this match in the end. bigmclargehuge gave some insight into the struggle between Groot vs Hermione, “ This is a tough call for me. Hermione was a great companion in the story, but Groot was an integral team player. I voted against Groot vs. Ford Prefect, but I gotta go with Groot here. He just seems like the better sidekick!
  • Round 3: Dr. Watson vs Samwise Samwise fought the good fight, but now he’s headed back to shire to eat some po-ta-toes. stevenastem commented, “I like Watson's approach to Holmes better than Sam's approach to Frodo.  Plus I think you can argue that Sam is actually the hero with Frodo his simpering sidekick.  Sure Frodo is 'in charge' but I think that was a mistake.”
  • Round 3: Pinky vs Garth Algar Garth’s Cinderella story finally came to an end this round. He was the underdog in the play-in round and managed to party all the way to the elite eight. Excellent. Pinky is definitely the underdog (er mouse) taking on Chewbacca, the favorite to win in the next round.
  • Round 3: Chewbacca vs Agent K  Chewbacca continues his streak with another landslide win! ecklerwr1 is already predicting Chewbacca will win the whole thing, “Chewbacca is going ALL THE WAY!!!!!



Were you surprised by any of the round 3 outcomes? Comment below!


To quote our friend Garth, it’s time to “live in the now” and move on to the next round of bracket battle. Check out the updated bracket & start voting for the ‘Distinguished’ round now! We need your help to determine who will move on to the finals in the ultimate sidekick bracket battle!


Access the bracket and make your picks HERE>>



Great Scott! Round 2 was full of surprise upsets and matches that were almost too close to call! Bracket Battle 2017 continues to be wildly unpredictable—this might come down to a photo finish folks!


Let’s see how our sidekicks did in this round:



  • Round 2: Groot vs Dr. Emmett Brown  There was a lot of support for Doc Brown in the comment section, but it was Groot who won this round by a splinter! amore1329 explained, “Well, inventing the Flux Capacitor was impressive, but we are talking about an intergalactic space plant, with anger issues and an extremely limited vocabulary...who just happened to save his entire team from certain death and then came back as a cute dancing tree who has great taste in music.”

  • Round 2: Shaggy Rogers vs Garth Algar This match-up had us all on the edges of our seats! Shaggy had the early lead then Garth pulled ahead and then Shaggy again. From downtown with the buzzer shot it was... Garth FTW! It all came down to 5 votes!
  • Round 2: Pinky vs Donkey  Pinky proved to us all that it’s not how big you are, it’s how big you play. Donkey will be okay though, he informed us that he’s going to wake up tomorrow and make waffles. sparda963 totally predicted the outcome of this match, “I think this one will be a nail-biter for sure! I had to give it to Pinky though. If it wasn't for him, Brain would have taken over the world easily! So Pinky saved us all over and over again.”



  • Round 2: Hermione Granger vs Bucky Barnes  tinmann0715 called this one early on, “ I predict blowout. Seriously... however close this ends up it shouldn't even have been that close.” familyofcrowes summed up this match in 3 words “magic beats bionics....”
  • Round 2: Wilson vs Dr. Watson  Wilson really dropped the ball this round and was voted off the island. ecklerwr1 commented, “Whew I can't even believe that the volley ball won the first round. Thank goodness Dr. Watson has the ball literally "on the ropes" lololol!”
  • Round 2: Samwise vs Gromit  Samwise manages to stay in this battle because he knows how to be a loyal team player.
  • Round 2: Chewbacca vs Tonto  danielv said what we were all thinking, “Expected this to be a landslide - not surprised by the results!”
  • Round 2: Ford Prefect vs Agent K  This was a tough loss for all the true geeks out there. Good effort guys. Ford lost by almost 42% mcam wrote, “true geeks would be Ford all the way K was cool just because of TLJ and no other reason. Ford was part of the team that got us 42 - I mean, come on now”


Were you surprised by any of the outcomes for this round? Comment below!


It’s time to check out the updated bracket & start voting for the ‘Honorable’ round! We need your help & input as we get one step closer to crowning the ultimate sidekick!


Access the bracket and make your picks HERE>>

.Spring is here! Well, for some of us, I guess. It's still cold and rainy here, that's why I'm looking forward to going somewhere warm next week: Telford! I will be SQLBits next week delivering a full day training session with datachick as well as our popular Database Design Throwdown. If you are near Telford...ok, *no one* is near if you are able to get to Telford, stop and say hello, we'd love to talk data with you.


As always, here's a handful of links from the intertubz I thought you might find interesting. Enjoy!


The Fictiv Open Source Motorcycle

I'm not certain how I feel about building a motorcycle out of 3D printed parts, but I will admit to being intrigued about the possibilities that 3D printing will bring to everyone.


2038: only 21 years away

For those of us that remember the money we made with Y2K "issues", here's a reminder that time runs out on Linux systems in 21 short years.


Why American Farmers Are Hacking Their Tractors With Ukrainian Firmware

I'm certain this will end well. What's the worst that can happen?p>


Secret colours of the Commodore 64

I had the Commodore VIC-20, my friends had a 64. None of us thought about stuff like this.


Dishwasher has directory traversal bug

One day I hope we find a way to make manufacturers accountable for such awful security practices.


Senate Puts ISP Profits Over Your Privacy

The crazy things our elected officials do with our privacy, and with our beliefs and expectations that we have any.


Laptops, tablets and other gadgets banned from cabin on some US-bound flights

As someone who travels frequently, this has me concerned. I'm not likely to travel without my laptop, and I don't trust to put my laptop into my checked bag.


Looking forward to another great SQL Bits event next week:


By Joe Kim, SolarWinds Chief Technology Officer


I recently presented at our Federal User Group meeting in Washington, DC and hybrid IT was the hottest topic at the event.  It reminded me of a blog written last year by our former Chief Information Officer, Joel Dolisy, which I think is still very valid and worth a read.



It’s really no surprise that agencies are embracing hybrid clouds given that federal IT is balancing the need for greater agility, flexibility, and innovation, with strict security control. Hybrid clouds provide the perfect alternative, because they allow agencies to become more nimble and efficient while still maintaining control.


In today’s IT, there’s no room for barriers. Things exist in many places; applications, for example, must be stateless, mobile, and easily scalable to accommodate periods of peak demand.


Hybrid clouds offer three specific benefits that on-premises or hosted solutions cannot offer.


Lockdown Security


The hybrid model can help alleviate agencies’ cloud security concerns. Agencies can opt to keep extremely sensitive data on-premises in private clouds, while using public clouds to run applications.


That said, some agencies have begun placing contractor-owned and operated cloud offerings directly onto their networks. The contractors are providing physical security and boundary protection based on agency requirements. This helps solve acquisition challenges and allows agencies to more readily adopt innovative new commercial technologies.


Better Disaster Recovery


Systems may simply go down due to events that are beyond anyone’s control – power outages, hurricanes, and other phenomena. These situations require disaster recovery programs, and hybrid clouds can play a part in their implementation.


Hybrid clouds make disaster recovery far easier to implement and manage, and far more cost-effective. First, there’s no intensive physical installation, because everything is software-defined. Second, the hybrid cloud model can be more financially beneficial to an organization, especially agencies experiencing tight budgetary purse strings.


Greater Efficiency


With big data, processing time can sometimes take weeks, which may as well be a lifetime. Integrating existing on-premises computers with off-site hosted cloud resources can shave that time down to minutes.


Hybrid architectures make this possible. An organization can spin up hundreds of extra processors as necessary, for a specified period of time. This can help ensure that applications remain fully accessible and functioning, and speed up the dissemination of critical information.


There are other types of savings that can be had, specifically in terms of space. Data center consolidation has been in full swing since 2010, when the Federal Data Center Consolidation Initiative (FDCCI) was first introduced. A hybrid approach can help agencies in this effort by allowing them to save an enormous amount of space currently dedicated to compute resources that can be virtualized.


There are many benefits to hybrid cloud deployments, but they still have to be monitored closely. I wrote about the need for network monitoring, and the same rule of thumb can be applied to the cloud. Administrators must monitor their servers and applications – preferably with an agentless tool – that exist within both their on-premises and hosted environments. While hybrid clouds do offer the best of both worlds, agencies will want to always make sure the workloads they’re running within those worlds remain fully optimized. It’s also important to note that hybrid cloud deployment should be the goal, not just a transitional state.


Find the full article on our partner DLT’s blog, Technically Speaking.



Holy round one upset Batman! Our fifth annual bracket battle has already proven to be the most unpredictable we have ever seen. Maybe it’s the wide range of characters who span decades of pop-culture, but the community seemed pretty torn on most match-ups in the “noteworthy” round.


Let’s take a look at how our sidekicks fared in this round:



  • Robin Vs Groot: For many, Robin is the quintessential sidekick, however, he was no match for Groot who gained fame in the Guardians of the Galaxy. ecklerwr1 offered one possible explanation for this huge upset: “I think this is a little age related to be honest. Many younger users probably didn't watch all the batman and robin movies and cartoons.”

  • Goose Vs Chewbacca:  No surprises in this match-up, the Wookiee warrior easily takes down the Top Gun Wingman. ajmalloy “Goose drew the worst possible first round opponent”

  • Samwise Vs Tina Ruth Belcher:  Easily one of the biggest shutouts this round! It appears that loyalty and sacrifice were more valued attributes in a sidekick than an obsession with zombies and working hard at the family restaurant. tallyrich “Samwise - that's a sidekick that will do what it takes.”

  • Shaggy Rogers Vs Morty Smith KMSigma explains how this was a loyalty vote for him (and everyone else apparently) “Sorry man - loyalty wins.  I do love me some Morty and can't wait for the next season, but we have, what, 20 episodes of R&M and have had Norville "Shaggy" Rogers since 1969?  And originally voiced by Casey Kasem?  Sorry, but Summer's stuttering little brother doesn't compare for me.”

  • Willow Rosenberg Vs Dr. Emmett Brown: Great Scott! This was no contest. The time traveling mad scientist easily beat out the vampire-slaying sidekick.

  • Rick Jones Vs Hermione Granger: Hermione used her magic to run away with the win. Maybe Rick would have had better luck if he were a more loyal sidekick. tinmann0715 “Points lost from Rick because he was a sidekick to so many different characters. In my eyes a sidekick is to be loyal.”

  • Bob, Agent Of Hydra Vs. Bucky Barnes: Neither sidekick seemed very popular in this match-up, nevertheless Bucky managed to win this round in a landslide.

  • Genie Vs. Dr. Watson: Magic lamps & wishes were surprisingly no match for the mystery solving sidekick, Dr Watson.

  • Pinky Vs Barney Rubble: chippershredder summed up this match-up perfectly “So Brain, What are we going to do today?” “Same thing we do every day, Pinky.  Use SolarWinds to take over the world!”

  • Barney Fife Vs Agent K: Unfortunately, the deputy sheriff of Mayberry was no match for the MIB.

  • Ford Prefect Vs Keenser: Ford Prefect FTW in this intergalactic shutout!



  • Jiminy Cricket Vs. Wilson: This match-up came down to the wire, but in the end it was the Castaway companion who came out ahead. For a match-up between a cricket and a volleyball, it was decidedly heated. jeremymayfield “How can a bloody volleyball be beating the legend, an icon?  Its just not right people.   The ball didn't even make it through the entire movie, he washed away. Jiminy appears in many more cartoons over the years.”

  • Dwight Schrute Vs. Gromit: Choosing between a goofy office sidekick and a life-saving dog was tough for everyone. In the end Gromit came out ahead. silverwolf “Gromit definitely! He saves everyone waaaayyyy tooo many times.

  • Bullwinkle Vs Donkey: Another battle of the generations, but the voters who grew up with Shrek decided the winner in this match-up!

  • Luigi Vs Garth Algar: Garth is on a winning streak! First, he beats Spongbob and now Luigi! Mamma Mia!

  • Tonto Vs Short Round: Without a doubt the closest match-up of this round. ecklerwr1 was all of us when he said “Wow can't believe this is close... Tonto FTW!”


Were you surprised by any of the shutouts or nail bitters for this round? Comment below!


It’s time to check out the updated bracket & start voting for the ‘Admirable’ round! We need your help & input as we get one step closer to crowning the ultimate sidekick!


Access the bracket and make your picks HERE>>

Troubleshooting efficiency and effectiveness are core to uncovering the root cause of incidents and bad events in any data center environment. In my previous post about the troubleshooting radius and the IT seagull, troubleshooting efficacy is the key performance indicator in fixing it fast. But troubleshooting is an avenue that IT pros dare not to walk too often for fear of being blamed for being incompetent or incorrect.


We still need to be right a lot more than we are wrong. Our profession does not give quarters when things go wrong. The blame game anyone? When I joined IT operations many a years ago, one of my first mentors gave me some sage advice from his own IT journey. It’s similar to the three envelope CEO story that many IT pros have heard before.

  1. When you run into your first major (if you can’t solve it, you’ll be fired) problem, open the first envelope. The first envelope’s message is easy – blame your predecessor.
  2. When you run into the second major problem, open the second envelope. Its message is simply – reorganize i.e. change something whether it’s your role or your team.
  3. When you run into the third major problem, open the third envelope. Its message is to prepare three envelopes for your successor because you’re changing company willingly or unwillingly.  


A lifetime of troubleshooting comes with its ups and downs. Looking back, it has provided many an opportunity to change my career trajectory. For instance, troubleshooting the lack of performance boost from a technology invented by the number one global software vendor almost cost me my job; but it also re-defined me as a professional. I learned to stand up for myself professionally. As Agent Carter states, "Compromise where you can. And where you can’t, don’t. Even if everyone is telling you that something wrong is something right, even if the whole world is telling you to move. It is your duty to plant yourself like a tree, look them in the eye and say, no. You move." And I was right.


It’s interesting to look back, examine the events and associated time-series data to see how close to the root cause signal I got before being mired in the noise or vice-versa. The root cause of troubleshooting this IT career is one that I’m addicted to, whether it’s the change and the opportunity or all the gains through all the pains.


Share your career stories and how troubleshooting mishap or gold brought you shame or fame below in the comment section.



On Day Zero of being a DBA I inherited a homegrown monitoring system. It didn't do much, but it did what was needed. Over time we modified it to suit our needs. Eventually we got to the point where we integrated with OpsMgr to automate the collection and deployment of monitoring alerts and code to our database servers. It was awesome.


The experience of building and maintaining my own homegrown system combined with working for software vendors has taught me that every successful monitoring platform needs to have five essential components; identify, collect, share, integrate, and govern. Let's break down what each of those mean.



A necessary first step is to identify the data and metrics you want to monitor and alert upon. I would start this process by looking at a metric and putting it into one of two classes: informational or actionable. Metrics that were classified as information were the metrics that I wanted to track, but didn't need to be alerted upon. Actionable are the metrics where I needed to be alerted upon because I was needed to perform some actions in response. For more details on how to identify what metrics you want to collect, check out the Monitoring 101 guide, and look for the Monitoring 201 guide coming soon.



After you identify the metrics you want, you need to decide how you want to collect and store them for later use. This is where flexibility becomes important. Your collection mechanism needs to be able to consume data in varying formats. If you build a system the relies on data being in a perfect state, you will find yourself easily frustrated the first time some imperfect data is loaded. You will also find yourself spending far too much time playing the role of data janitor.



Now that your data is being collected, you will want to share it with others, especially when you want to help provide some details about specific issues and incidents. As much as you might love the look of raw data and decimal points, chances are that other people will want to see something prettier. And there's a good chance they will want to be able to export data in a variety of formats, too. More than 80% of the time your end-users will be fine with the ability to export to CSV format.



With your system humming along, collecting data, you are going to find that other groups will want that data. It could also be the case that you need to feed your data into other monitoring systems. Designing a system that can integrate well with other systems requires a lot of flexibility. It's best that you think about this now, before you build anything, as opposed to trying to make round pegs fit in a square hole later. And it doesn't have to be perfect for every possible case, just focus on the major integration method used the world over that I already mentioned: CSV.



This is the component that is overlooked most often. Once a system is up and running, very few people consider the task of data governance. It's important that you take the time to define what the metrics are and where they came from. Anyone consuming your data will need this information, as well. And if you change a collection, you need to communicate the changes and the possible impacts they may have for anyone downstream.


When you put those five components together you have the foundation for a solid monitoring application. I'd even surmise that these five components would serve any application well, regardless of purpose.

March madness is upon us! I'm not just talking about the NCAA tournament here in the United States, I'm also talking about the Bracket Battle 2017 here on THWACK®. As a former basketball player and coach, I love March. Not only do we get treated to some of the best basketball games, but spring arrives to help us forget all about the winter months.


Anyway, here's a handful of links from the intertubz I thought you might find interesting. Enjoy!


Netflix is launching a simplified rating system to improve its suggestions

This sounds great until you realize you use your profile to watch movies with your kids, and that's why you keep seeing "Goosebumps" in your recommendations.


GitHub - bcicen/ctop: Top-like interface for container metrics

Not a post, but a link to GitHub where you can find a project on "ctop," which is running the top command, but for containers. Yes, I find this fascinating.


Star Trek Ransomware Boldly Encrypts

It was only a matter of time before the ransomware folks got around to using Star Trek in some cute attempt to make their crimes seem less horrible.


Password Rules Are BS

A nice reminder about the disservice we've done to ourselves with password rules.


The most detailed maps of the world will be for cars, not humans

The amount of data behind autonomous cars is staggering. Here's hoping we don't have to wait for them much longer.


Thieves are pickpocketing wallet apps in China

Yet another reason to not enjoy QR codes: they are now being used for theft. It won't be long before this crime becomes common here, I expect. This is also the time to remind you that QR codes kill kittens.


From a walk in Brussels a few years ago, I think something got lost in translation:


By Joe Kim, SolarWinds Chief Technology Officer


We all know that network monitoring is absolutely essential for government IT pros to help ensure IT operations are running at optimal performance. That said, with so many tools available, it’s tempting to monitor everything. But be careful: monitoring everything can quickly turn into too much of a good thing.


Having an excessive number of monitoring tools and alerts can result in conflicting metrics and data, overly complex systems, and significant management challenges all working together to undermine an administrators’ ability to accurately identify true network problems.


Understanding why, and for whom, systems are monitored, will help IT pros implement the needed tools and be the most useful for enhancing agency IT operations.


The Importance of Monitoring


Remember, monitoring is critical. The cost of downtime alone makes monitoring operational metrics a necessity. In fact, the value of monitoring is sometimes the driver for “over-monitoring." Some IT pros may think, “The more tools I have, the more insight I get.”


The countless number and type of monitoring tools available have increased from monitoring bandwidth, security systems, servers, code management, and implementation metrics, all the way to high-level operational metrics.


Unfortunately, most of these tools work independently, and agencies will patch several tools together -- each providing different metrics -- to create a massive monitoring system. With this complex system, monitoring becomes a task in and of itself, taking up IT pros’ valuable time instead of providing a seamless foundation of accurate and actionable monitoring data.


Agencies must make smart decisions to remain nimble and keep pace, and that means avoiding mammoth, costly monitoring systems. Solutions that neatly aggregate an agency’s preferred metrics deliver better availability, security, and performance.


Find an ideal monitoring solution by evaluating the response to two questions:


For whom am I monitoring? Are metrics more important to the operations engineer, the project manager, or agency management? There may be a wide array of monitoring needs, even within the engineering contingent. Determine in advance your monitoring “customer.”


What metrics do I really need? What is required to keep things running smoothly, without drowning in alerts and data? Too many alerts and too much data is a frighteningly common problem. Even worse, investing in a separate tool for each is costly and inefficient.


In a nutshell, agencies should identify the most valuable audience and metrics to avoid the need for multiple tools.


Focus on the Data


Remember, the point of monitoring is to inform operational decisions based on collected data. This should be the point that drives monitoring decisions, and the reason to consider investing in a comprehensive monitoring tool.


With an increasing demand for a more digital government, maintaining insights into the infrastructure and application level of the IT operations within the agency is critical. Focusing on the audience and the agency’s specific needs will help ensure a streamlined monitoring solution that that helps drive mission success.


Find the full article on Government Computer News.



They’re usually not the ones in the spotlight, although some steal the show.

They’re not the captains; they don’t decide which way to go.

They’re the unsung heroes, the ones in the shadows.

They’ve got your back when you’re battling your foes.

Sidekick is their title; they don’t need to gloat.

One will be the winner after you cast your vote!

Bracket battle is back and bigger than ever.

By the time we’re done, we’ll crown the best sidekick once and forever!


Starting today, 33 of the most popular sidekicks will battle it out until only one remains and reigns supreme as the ultimate sidekick. We’ve handpicked a wide range of sidekicks from TV, movies, comics, and video games to make this one of the most diverse bracket battles yet. The starting categories are as follows:

  • What are we going to do tonight, Brain?
  • You can be my wingman any time.
  • Holy ____, Batman!
  • Let your conscience be your guide.


We picked the starting point and initial match ups; however, just like in bracket battles past, it will be up to the community to decide who they would want as their partner in crime.



Bracket battle rules:

Match up analysis:

  • For each sidekick, we’ve provided reference links to wiki pages—to access these, just click on their NAME on the bracket
  • A breakdown of each match up is available by clicking on the VOTE link
  • Anyone can view the bracket and match ups, but in order to vote or comment, you must have a THWACK® account and be logged in



  • Again, you must be logged in to vote and trash talk
  • You may vote ONCE for each match up
  • Once you vote on a match, click the link to return to the bracket and vote on the next match up in the series
  • Each vote earns you 50 THWACK points! If you vote on every match up in the bracket battle, you can earn up to 1,550 points!



  • Please feel free to campaign for your favorite sidekicks and debate the match ups via the comment section (also, feel free to post pictures of bracket predictions on social media)
  • To join the conversation on social media, use hashtag #SWBracketBattle
  • There is a PDF printable version of the bracket available, so you can track the progress of your favorite picks



  • Bracket Release is TODAY, March 20th
  • Voting for each round will begin at 10 a.m. CDT
  • Voting for each round will close at 11:59 p.m. CDT on the date listed on the bracket home page
  • Play-in battle opens TODAY, March 20th
  • Round 1 OPENS March 22nd
  • Round 2 OPENS March 27th
  • Round 3 OPENS March 30th
  • Round 4 OPENS April 3rd
  • Round 5 OPENS April 6th
  • Ultimate sidekick announced April 12th


If you have any other questions, please feel free to comment below and we’ll get back to you!

Which one of these sidekicks would you want as your copilot?

We’ll let the votes decide!


Access the bracket overview HERE>>


When I head out to conventions, especially the bigger ones like Cisco Live, I always expect to find some darling technology that has captured imaginations and become the newest entry in every booth denizen's buzzword bingo word list. And most of the time, my expectation is grounded in experience. From SDN to IoT, and on through cloud, container, and BaaS Blah Blah as a Service (BaaS), each trend is heralded with great fanfare, touted with much gusto, and explained with significant confusion or equivocation.


Not this year.


Chalk it up to the influence of Berlin's tasty beer and solid work ethic if you want, but this year the crowd was clearly interested in "the work of the work," as I like to call it, or "less hat, more cattle," as my friends in Austin might phrase it.


Don't get me wrong. The sessions were engaging as ever. The vendor floor was packed. The attendees came early and stayed each day to the end. The DevNet area was bigger than ever before. It was, by every measure, a great conference.


More about DevNet: While there were a lot of younger faces, there was no shortage of folks who clearly had put their years in. Patrick was the first to notice it, and it's worth highlighting. Folks with depth skills in a technical area were taking time to begin training on the "new thing," a set of skills that are up-and-coming, which do not match, in any way, the techniques they use right now, which may not even bear a resemblance to their current job. But they were there, session after session, soaking it in and enjoying it.


But as I commented to patrick.hubbard and ding, I hadn't yet found "it." And they both pointed out that sometimes the "it" is simply thousands of people spending time and money to come together and share knowledge, build connections, and enjoy the company of others who know what they know and do what they do.


Meanwhile, a steady stream of visitors came to the SolarWinds booth asking detailed questions and waiting for answers. Sometimes they had several questions. Often, they wanted to see demos on more than one product. They ooh'ed and ah'ed over our new showstoppers like NetPath and PerfStack (more on those in a minute), but stuck around to dig into IPAM, VNQM, LEM, and the rest.


After speaking to someone for a few minutes, visitors were less apt to say, "Can I have my T-shirt now?" and more likely to say, "I would also like to see how you can do ______." For a company that staffs its trade show booths with an "engineers-only" sensibility, it was deeply rewarding.


But there was no "trendy" thing people came asking about. There simply was no buzz at this show.


Unless - and I'm just throwing it out there - it was US.


You see, about a month before Cisco Live, SolarWinds was identified as the global market share leader for network management software (read about it here: Now that's a pretty big deal for us back at the office, but would it matter to in-the-trenches IT pros?


It mattered.


They came to the booth asking about it. To be honest, it was a little weird. Granted, a kind of weird I could get used to, but still weird.


So it turns out that Cisco Live didn't feature a buzz-worthy technology, but instead we found out that we got to be the belle of the ball.


PostScript: Next year, Cisco Live will be in Barcelona, Spain. Espero ver tu alli y hablar con tu en ingles y español.


As we come to the end of this series on infrastructure and application data analytics, I thought I'd share my favorite quotes, thoughts, and images from the past few weeks of posts leading up to the PerfStack release.


SomeClown leads the way in The One Where We Abstract a Thing


"Mean time to innocence (MTTI) is a somewhat tongue-in-cheek metric in IT shops these days, referring to the amount of time it takes an engineer to prove that the domain for which they have responsibility is not, in fact, the cause of whatever problem is being investigated. In order to quantify an assessment of innocence you need information, documentation that the problem is not yours, even if you cannot say with any certainty who does own the problem. To do this, you need a tool which can generate impersonal, authoritative proof you can stand on, and which other engineers will respect. This is certainly helped if a system-wide tool, trusted by all parties, is a major contributor to this documentation."


Karen:  Mean Time To Innocence! I'm so stealing that. I wrote a bit about this effect in my post Improving your Diagnostic and Troubleshooting Skills. When there's a major problem, the first thing most of us think is, "PLEASE DON'T LET IT BE ME!"  So I love this thought.


demitassenz wrote in PerfStack for Multi-dimensional Performance Troubleshooting


"My favorite part was adding multiple different performance counters from the different layers of infrastructure to a single screen. This is where I had the Excel flashback, only here the consolidation is done programmatically. No need for me to make sure the time series match up. I loved that the performance graphs were re-drawing in real-time as new counters were added. Even better was that the re-draw was fast enough that counters could be added on the off chance that they were relevant. When they are not relevant, they can simply be removed. The hours I wasted building Excel graphs translate into minutes of building a PerfStack workspace."


Karen:  OMG! I had completely forgotten my days of downloading CSVs or other outputs of tools and trying to correlate them in Excel. As a data professional, I'm happy that we now have a way to quickly and dynamically bring metrics together to make data tell the story it wants to tell.


cobrien  NPM 12.1 Sneak Peek - Using Perfstack for Networks


"I was exploring some of the data the other day. It’s like the scientific method in real-time. Observe some data, come up with a hypothesis, drag on related data to prove or disprove your hypothesis, rinse, and repeat."


Karen:  Data + Science.  What's not to love?


SomeClown mentioned in Perfstack Changes the Game


"PerfStack can now create dashboards on the fly, filled with all of the pertinent pieces of data needed to remediate a problem. More than that, however, they can give another user that same dashboard, who can then add their own bits and bobs. You are effectively building up a grouping of monitoring inputs consisting of cross-platform data points, making troubleshooting across silos seamless in a way that it has never been before."


Karen: In my posts, I focused a lot on the importance of collaboration for troubleshooting. Here, Teren gets right to the point. We can collaboratively build analytics based on our own expertise to get right to the point of what we are trying to resolve.  And we have data to back it up.


aLTeReGo in a post demo-ing how it works, Drag & Drop Answers to Your Toughest IT Questions


"Sharing is caring. The most powerful PerfStack feature of all is the ability to collaborate with others within your IT organization; breaking down the silo walls and allowing teams to triage and troubleshoot problems across functional areas. Anything built in PerfStack is sharable. The only requirement is that the individual you're sharing with has the ability to login to the Orion web interface. Sharing is as simple as copying the URL in your browser and pasting it into email, IM, or even a help desk ticket."


Karen: Yes! I also wrote about how important collaboration is to getting problems solved fast.


demitassenz shared in Passing the Blame Like a Boss


"One thing to keep in mind is that collaborative troubleshooting is more productive than playing help desk ticket ping pong. It definitely helps the process to have experts across the disciplines working together in real time. It helps both with resolving the problem at hand and with future problems. Often each team can learn a little of the other team’s specialization to better understand the overall environment. Another underappreciated aspect is that it helps people to understand that the other teams are not complete idiots. To understand that each specialization has its own issues and complexity.


Karen: Help desk ticket ping pong. If you've ever suffered through this, especially when someone passes the tick back to you right before the emergency "why haven't we fixed this yet" meeting with the CEO, you'll know the pain of it all.


SomeClown observed in More PerfStack - Screenshot Edition


"In a nutshell, what it allows you to do is to find all sorts of bits of information that you're already monitoring, and view it all in one place for easy consumption. Rather than going from this page to that, one IT discipline-domain to another, or ticket to ticket, PerfStack gives you more freedom to mix and match, to see only the bits pertinent to the problem at hand, whether those are in the VOIP systems, wireless, applications, or network. Who would have thought that would be useful, and why haven't we thought of that before?"


Karen: "Why haven't we thought of that before?" That last bit hit home for me. I remember working on a project for a client to do a data model about IT systems. This was at least 20 years ago. We were going to build an integrated IT management systems so that admins could break through the silo-based systems and approaches to solve a major SLA issue for our end-users. We did a lot of work until the project was deferred when a legislative change meant that all resources needed to be redirected to meet those requirements. But I still remember how difficult it was going to be to pull all this data together. With PerfStack, we aren't building a new collection system.  We are applying analytics on top of what we are already collecting with specialized tools.


DataChick's Thoughts


This next part is cheating a bit, because the quotes are from my own posts. But hey, I also like them and want to focus on them again.


datachick in Better Metrics. Better Data. Better Analytics. Better IT.


"As a data professional, I'm biased, but I believe that data is the key to successful collaboration in managing complex systems. We can't manage by "feelings," and we can't manage by looking at silo-ed data. With PerfStack, we have an analytics system, with data visualizations, to help us get to the cause faster, with less pain-and-blame. This makes us all look better to the business. They become more confident in us because, as one CEO told me, "You all look like you know what you are doing." That helped when we went to ask for more resources."


Karen: We should all look good to the CEO, right?


datachick ranted in 5 Anti-Patterns to IT Collaboration: Data Will Save You


"These anti-patterns don't just increase costs, decrease team function, increase risk, and decrease organizational confidence, they also lead to employee dissatisfaction and morale. That leads to higher turnover (see above) and more pressure on good employees. Having the right data, at the right time, in the right format, will allow you to get to the root cause of issues, and better collaborate with others faster, cheaper, and easier.  Also, it will let you enjoy your 3:00 ams better."


I enjoyed sharing my thoughts on these topics and reading other people's posts as well. It seems bloggers here shared the same underlying theme of collaboration and teamwork. That made this Canadian Data Chick happy. Go, everyone. Solve problems together.  Do IT better.  And don't let me catch you trying to do any of that without data to back you up. Be part of #TeamData.

There are many books, websites, and probably self-help videos devoted to teaching or explaining the art of troubleshooting. Most are specific to an industry, and further to a problem domain within that industry. Within each problem domain, within each industry, within each methodology, there are tools of the trade designed to help you solve whatever problem is vexing you at that moment. The specificity of all of this, however, can be abstracted out of these insular, domain-specific modalities to affect a greater understanding of the role of troubleshooting in general.


It goes without saying that you cannot find something that you do not know you are looking for, and yet this is what a lot of neophyte engineers instinctively try. “The phones are down” may seem like the problem you need to fix, but counterintuitively that is only a symptom of the real problem. The real problem, the one causing the phones to be down, lies elsewhere. While you run around trying to figure out what’s up with the phones, what you should be thinking is, “For what reason(s) is/are the phones ‘down’?” and move from there. For example, are all the phones down? Some? Are there other symptoms? And what has changed recently, if anything? Once you’ve worked through some of this, which may only take seconds or minutes for a seasoned engineer, you’re more prepared to move onto the next steps.


Analyzing the problem(s), or problem statements, will help you to form some hypothesis as to where the problem is likely to lie. Now, how can you begin testing your ideas to see if you are on the right track? Well, in the IT world that we all live in (I know, I said abstracted…), you’re going to need information. Information gathering can be a manual process, and in many cases must be, but having good tools at your disposal can certainly help the process along the way, especially when you are shooting in the dark, so to say. Again, if you don’t know what you don’t know, an automated and impartial tool can help.


Tool impartiality is often overlooked as a step in the discovery phase of troubleshooting any problem. Plumbers have scopes to look inside of pipes that they cannot see; electricians have multi-meters to help them test connectivity, resistance, etc.; and you as an IT professional have tools like PerfStack. A tool like this happily gathers information from all of your systems, jumping to no conclusions, and can call out abnormalities in the steady state of a system. Where many engineers skip straight to the “trying to fix anything they suspect is the problem” phase, PerfStack simply presents what it sees in an impartial and authoritative manner. From its dashboards, an engineer can begin his/her search from a position of knowledge. Combine that with the wisdom that comes from experience, and you have a very strong team.


Mean time to innocence (MTTI) is a somewhat tongue-in-cheek metric in IT shops these days, referring to the amount of time it takes an engineer to prove that the domain for which they have responsibility is not, in fact, the cause of whatever problem is being investigated. In order to quantify an assessment of innocence you need information, documentation that the problem is not yours, even if you cannot say with any certainty who does own the problem. To do this, you need a tool that can generate impersonal, authoritative proof you can stand on, and which other engineers will respect. This is certainly helped if a system-wide tool, trusted by all parties, is a major contributor to this documentation.


A tool like PerfStack will certainly help in getting buy-off from the pointy-haired bosses as to what needs to happen to fix whatever needs fixing. Most organizations have a change control process--though likely an amended one during any kind of outage—and documentation is always a part of that. And all of this stuff, this paper trail from beginning to end, flows together nicely right into the final package that many organizations require for a post-mortem. Engineers and management can get through an after-the-fact incident meeting much quicker, and with likely consensus, with a clean and robust set of documents.


At the end of the day, troubleshooting is an art no matter what you do, where you do it, or in what industry you live. The methodologies are largely the same at a macro level, as are the need for quality tools. Can a great engineer find the root cause of a problem without a comprehensive tool like PerfStack? Sure. A cobbled together band of point tools has always been a part of the engineer’s toolkit and likely always will be, at least until our new sentient robotic overlords obviate the need for that. But a full-scale, system-wide solution like PerfStack should also be a part of any well-stocked engineering team’s process. After all, it can help find those things you do not yet know you are looking for.

The Ides of March are upon us. And with the Ides comes one of my least favorite things: Daylight Saving Time. I'm one of those "UTC forever" fanboys, because I've suffered having to work with systems that fail to consider how to track, or properly convert, datetimes. On the other hand, I do recognize the trouble by trying to convert everyone to UTC. The link at the end is a nice thought experiment for anyone who has to work with datetimes.


As always, here's a handful of links from the intertubz I thought you might find interesting. Enjoy!


Spammergate: The Fall of an Empire

One dozen people, 1.4 billion emails a day. Nice summary of how a handful of groups came together to take this spam empire offline.


The WikiLeaks CIA hacking documents include spy tools literally from sci-fi

Most of the articles about the CIA spy hacks last week were like this one: clickbait. The details in the Wikileaks appear to be quite dated, resulting in Apple, Google, and Microsoft to all declare that the vulnerabilities have been patched long ago.


Artificial intelligence: Cooperation vs. aggression

A nice reminder that computers will do what we tell them to do. If we tell them to shoot people, we shouldn't be surprised when they shoot people.


DevOps has reached critical mass, CIOs need to get on board

I dislike the marketing term DevOps, but I *love* how it helps describe a modern software development lifecycle. It's hard to believe that there is any CIO out there that isn't subscribing to such methods.


Serverless is the new Multitenancy

A quick summary of the future of SaaS. Server-less architecture is going to allow cloud providers the ability to scale further than they do now. I suspect that for the end-user we won't have to worry about creating such functions, we will just click buttons and the plumbing will be handled for us.


30 Questions to Ask a Severless Fanboy (or Fangirl)

Because if server-less gets brought into a discussion you are having, you should be prepared to ask a few basic questions.


So You Want Continuous Time Zones

Someone had a bit of time on their hands, pun intended. This thought experiment was worth the time, and has a wonderful conclusion: "The sad, ultimate truth of modern timekeeping is this: it's not perfect, but it doesn't honestly get a whole lot better."


With the Perfstack™ launch this week, I am reminded how much I love working here at SolarWinds, and this image best describes why:


Filter Blog

By date: By tag: