We're pleased to announce the availability of UDT 3.2.2 in your customer portal. 3.2.2 now includes the same version of Orion Core as in NPM 11.5.1 in addition to UDT bug fixes.

Naturally, features and improvements introduced in User Device Tracker 3.2.1 are also present in this latest and greatest version of UDT.

Looking forward to your feedback!

Batman’s tool belt. Tony Stark’s workshop. MacGyver’s… well, just about anything he can get his hands on.


Working in IT, it’s easy to appreciate the benefits of having the right tools at our fingertips. In fact, that’s one of the questions I get asked frequently: Which tools do I think are ESSENTIAL, the ones that I just can’t live without?


The reality is that LOTS of tools are good, and could be viewed as “essential”. What really makes a tool really noteworthy is when it “fits” with your other tools, when it seamlessly integrates with your personal style, workflow, and collection of other tools.


Over the years, SolarWinds has grown from its humble beginnings of the “Engineer’s Toolkit”, and amassed an impressive suite of solutions that cover the gamut of monitoring needs. But which ones fit that definition of “I can’t live without it” and “it gets along with the other tools I use”?


Obviously, that list starts with Network Performance Manager (NPM), our flagship product. But where does the well-equipped IT Pro go from there?


After NPM, personal must-have list ranks NetFlow Transaction Analyzer (NTA). Just a few years ago, NetFlow was a semi-esoteric nice-to-have. Nowadays NetFlow – with its ability to display the bandwidth used by specific endpoints, protocols, or applications – extends simple network and device monitoring into the realm of bandwidth analysis, detailed problem forensics, and even security.


NCM (Network Configuration Manager) ranks neck and neck with NTA as the utilities I keep in the top drawer of my toolbox. Configuration management may not seem as glitzy as NetFlow, but in terms of the ways it can keep your infrastructure stable, it can’t be beat. We’ve all seen the statistics – over 60% of network outages are due to uncontrolled configuration changes. “Uncontrolled” can mean unplanned, untested, or un-recoverable. NCM addresses all of that. But on top of that it provides me with end-of-life audits as well as detailed reports telling me which of my devices have security flaws (and how to fix them). And it lets me roll out planned, tested, recoverable changes to my entire network with a single click.


Last on my short-list is good old Engineering Toolkit, the software that started it all. Why? Because there’s a difference between regular ongoing monitoring and detailed analysis. For the ongoing stuff, NPM, NTA, and NCM are the go-to. But for digging through your infrastructure in real-time, Engineering Toolkit does everything the other tools do faster, cleaner, and with a smaller footprint.


Best of all, these tools are all part of the united Orion Core Platform. That means you can pull off detailed custom displays like this



… with relative ease.


What does a view like this let you do? Well, it’s a good example of a “critical path” view – a trick which can cut troubleshooting down from over an hour to under 5 minutes. Using the view above it would be easy to see a CBQoS issue with the HQWAN interface, which resulted from a recent config change. The screen would then let you quickly revert that config change and resolve the issue.


If you only had NTA you would not get an alert on the outage, nor the ability to easily revert the change. That you get with NPM and NCM. With just NPM you would be warned there is an issue but wouldn’t have the QoS information nor the ability to revert the change.


And that’s why I’m excited about the Network Troubleshooting Bundle. Yes, you could buy all the pieces parts individually, but this is a single purchase, and a single installer. If you already have one (or more) of these, the bootstrapper will figure that out and just install what you need.


Unless you’re MacGyver. In which case all you need is a paperclip, a bamboo pipe, and a standard D-cell battery.

We have reached the Release Candidate (RC) status for Network Configuration Manager (NCM) 7.4. RC is the last step before general availability and is a chance for existing customers to get the newest functionality before it is available to everyone else.


Update: NCM v7.4 RC2 is available on customer portal. Please note that an NCM server host with SolarWinds NPM installed cannot install or upgrade to NCM 7.4 RC2 until the NPM is ugraded to NPM 11.5.2 RC1. More details can be found in NCM 7.4 RC2 is Available on Customer Portal.


  • Device Template Wizard
    Use the web-based wizard to create or edit a device template. NCM stores all device templates in the Orion Platform database instead of the NCM server's local file system.
  • Cisco Vulnerability Reports
    Receive alerts when the latest NIST data indicates a vulnerability in a version of Cisco device software (IOS or non-IOS) running on deployed switches, routers, and security appliances.
  • Compliance Reports
    DISA STIG, NIST FISMA, and PCI policy reports, with all necessary rules and policies already set-up, become available to run after installation.
  • Enhanced Change Approval
    Use a one tier approval workflow to allow any NCM user with the WebUploader role to submit device configuration changes to a single NCM Administrator. Use a two tier approval for non-privileged users to require two NCM Administrators to approve a device configuration change submitted by any NCM user with the WebUploader role. And use a two tier approval for all users to require two NCM Administrators to approve a device configuration change submitted by any NCM user.
  • Web-based Alerts and Reports
    Fully eliminating the NCM desktop application, NCM uses the Orion Platform alerts and reports systems, enhancing NCM's integration with other Orion Platform products.
  • Remediation of Policy Violation
    Automatically or manually remediate violations from within the Policy Report interface for all relevant blocks in a device configuration.
  • Configuration Change Auditing
    Syslog data forwarded from network devices as part of real-time change detection includes the name of the user associated with the change.


Extend and troubleshoot device templates easily

Device templates have been moved to the database. You can modify the templates in the Web UI and no longer have to replicate them accross your polling engines. Smooth thwack integration was a must!

In addition, we have integrated a wizard into NCM that helps you develop new templates or troubleshoot problems with the existing ones.


Device-Template-Management.PNG Device-Template-Wizard.PNG


Identify and manage firmware vulnerabilities

If network security is a concern in your organization, you should definitely use this new capability of NCM -- run a nightly vulnerability assessment based on recent CVE data provided by the National Vulnerability Database (by NIST). NCM will download and process the CVE data in a SCAP-compatible way and will notify you of potential vulnerabilities, provide detailed information and let you take an appropriate action. This security scan works even if your NCM server is not connected to the Internet -- you just have to download the datafiles manually. Complimentary reports are provided out of the box.

Note: Cisco IOS and ASA devices are supported as of now.



Vulnerability-Manage.PNG Vulnerability-Settings.PNG


Run your favourite regulatory compliance checks out of the box

Tired of importing the obligatory reports from thwack? No longer a problem! NCM now ships the latest DISA STIG, NIST FISMA, and PCI reports out of the box. The updates also include broader vendor coverage and more detailed checks.


Note: If you upgrade from NCM v7.2.x to v7.4 Release Candidate, these new reports will be missing. The workaround is to upgrade from 7.2.x to 7.3.2 first and then to 7.4 RC. The problem is related to upgrades from NCM 7.2.x only; upgrades from NCM 7.3.x and clean installations are not affected. We apologoize for incovenience and work on solution for the final NCM 7.4 release.




Manage your NCM reports and alerts on the web

Were you looking forward to the day when you could customize your NCM reports in the web and combine them with information from other modules? The day has come! Not only have we migrated all the existing inventory reports to the Orion reporting engine, but we have also added a decent number of new ones. The same applies to alerts.





Automatic Compliance Enforcement

Maintaining your configurations compliance has never been so easy. Just configure the remediation script to be executed automatically! Works for interfaces, too.




Ant that's not all -- check Network Configuration Manager v7.4 Beta2 is Available! for other improvements that cannot fit in this post.


RC builds are made available to existing customers prior to the formal release. These are used to get customer feedback in production environments and are fully supported. If you have any questions, I encourage you to leverage the NCM forum.


You will find the latest version on your customer portal in the Release Candidate section.

It is my pleasure to announce that Web Help Desk 12.3 has reached RC status and is available for download from the SolarWinds Customer Portal for customers on Active Maintenance through June 1st, 2015.


This release includes support for Parent/Child ticketing, allowing you to link multiple tickets to a one parent ticket. Using this feature, you can for example:


  • Model repetitive business processes, such as on-boarding new employees or scheduling maintenance tasks
  • Track your IT projects
  • Group service request tickets together for troubleshooting or create ad-hoc child tickets to fulfil requests


It also address various known feature requests, namely




The Parent/Child relationship logic incorporated within SolarWinds Help Desk is modeled after the concept of Problem/Incident management. Problem/Incident is addressing unplanned interruptions or failures (Incidents) and identifying the root cause (Problem) of one or more incidents. This process is based on ITIL best practices, but it has its limitations. Parent/Child relationships are designed to provide general links between tickets and serves many purposes. There are a few other differences, which I highlight later in this article. Fundamentally, to link a problem with an incident, you create a relationship between both entities.


Manually Linking Tickets Together

Using Parent/Child relationships built into SolarWinds Web Help Desk, you can manually link service request tickets together by clicking the Requests tab on the right side of the ticket screen, as shown below.




Here, you can link any existing ticket as a parent to your working ticket. Simply search for the appropriate tickets using the Search Requests function and click Link next to the targeted ticket.

Once you create a relationship between both tickets, click Save. After you save your child ticket, you can:


  • View the linked parent
  • View the parent ticket from the child ticket
  • Send notes to linked child tickets
  • Send notes to the linked parent ticket
  • Add attachments to the notes and propagate to parent and child tickets


Viewing a Linked Parent

Once you link your ticket to the parent ticket, the Linked Parent ticket tab appears within your working ticket, as shown below.




In this embedded tab window, you can view basic ticket information such as the ticket number, status, or subject combined with the request details. You can also unlink the ticket by clicking the Trash icon on the right side of the window. The ticket screen also includes an embedded History tab that appears in the ticket. SolarWinds Web Help Desk records all ticket actions related to the Parent/Child ticket relationship, providing you with a complete record for auditing or other IT business processes.


Viewing a Parent Ticket from a Child Ticket

When you click on the ticket number or request details of the linked parent ticket, the parent ticket appears on your screen. In the parent ticket is an embedded Linked Child Tickets tab that lists the linked child tickets and ticket summary information, such as the ticket number, status, and request details. You can freely move between the parent and child tickets as needed by clicking each ticket.


You can add a parent ticket to another parent ticket as required, but every ticket can have only one parent ticket. The Parent/Child logic built into SolarWinds Help Desk incorporates a tree structure that will not allow you to create endless loops between tickets.


Sending Notes to Linked Child Tickets

When you are in the parent ticket, you can send a note down to all linked child tickets. Simply create a note in the ticket and select the Show in Linked Child Tickets check box, as shown below.




Once you save the ticket, the note is visible to all linked child tickets.


Sending Notes to the Linked Parent Ticket

You can also send a note up to the parent ticket. When you are working in a linked child ticket, simply click the Show in Linked Parent Ticket check box. Your note is copied to the parent ticket, as shown above.


Adding Attachments to Notes

When you send notes to the child or parent ticket, you can also include an attachment. If you need to edit the note, open the original ticket of the note, edit the note, and then save it. The updated note including attachment will be immediately available to the parent ticket or down to the child tickets.


There is no limitation on ticket status for any ticket within the Parent/Child structure. You can open, close, or modify any linked ticket.


Automatically Linking Tickets Together

The Parent/Child ticketing structure built into SolarWinds Web Help Desk can help you automate repeated tasks, such as the New Hire process used to on-board a new employee. In this scenario, you can create a standardized set of tickets that are completed by various people within your organisation.


Some process tasks are dependent on others and need to be tracked separately using an action rule to trigger your New Hire process. Simply define the criteria — such as the request type or a keyword that appears in the subject — to run a task. Your defined task creates a set of tickets assigned to the appropriate department or individuals and links them to the parent ticket that initiated the action rule.




When you create a task for your automated process, select the Shared check box so you can use this task in an action rule. For every step of your process, define a task element.


Each task element creates one ticket. In the Task Elements tab window, you can decide if the newly- created ticket should be linked to the parent ticket, as shown below.




By linking tickets together, you can:


  • Pass information from parent tickets to child tickets. This process allows you to distribute selective or sensitive information to all child tickets. Typically, you would create a form using custom fields and pass your information through these fields as needed.
  • Combine information between ticket types. You can combine information from a parent ticket with new information in a child ticket. For example, the subject in a child ticket could include a description with the parent subject description appended to it, separated by a space.
  • Copy ticket attachments between ticket types. You can copy ticket attachments (but not note attachments) from parent tickets to child tickets. However, be aware that this process will duplicate the attachments in your database and consume additional storage space.
  • Trigger succeeding task elements when a targeted element is completed. Using the Generate Next Element logic, you can define when the next ticket is created based on the previous ticket element status. For example, you could create tasks that generate service request tickets to create a new employee email address and user account. When those tasks are completed, you can configure these tasks to trigger another step in the new hire process, as shown below. Alternatively, you can perform the same procedure by creating several tasks and action rules that model more complex dependencies and workflows.



Now that you have seen how Parent/Child relationships can benefit your organization, go to our customer portal and download the new version to get started today.


PS. One more thing , often you need to reference ticket from a Note, Request Details field or FAQ fields. You can do it now by simply typing "ticket <number>" or "case <number>" (it works also with keywords like request, incident or problem). WHD will automatically makes it a link.


Embedded links.png

Following recent UDT 3.2.2 Service release in which we added Web alerting and brought back the ability to manage nodes without a re-discovery, the development team is already working on new features for next release. Below is a highlight of some of these items in the pipeline.


Improved Juniper support

Web Reporting

Whitelisting improvements

Err-disabled port status in UI

Cross-product Integration

  • NTA endpoint details displayed in UDT and vice versa


Disclaimer: Comments given in this forum should not be interpreted as a commitment that SolarWinds will deliver any specific feature in any particular time frame. All discussions of future plans or product roadmaps are based on the product teams intentions, but those plans can change at any time.

SolarWinds Database Performance Analyzer (DPA) has always been the way to quickly get to the root cause of application performance problems. Now with DPA 9.1, we have extended the same great functionality to databases hosted in the Amazon cloud.  From the same screens you use today, you can monitor SQL Server and Oracle RDS databases just like any other database.  Even better, you can monitor EC2, RDS, and on-premise databases from the same installation of DPA.


Now you can easily provision a DPA instance from the Amazon Marketplace using the DPA AMI, you won’t have to wait for a box to be provisioned, you are the master of your DPA install.  Once provisioned, it is just a couple of clicks and you are collecting data through DPAs agentless architecture.


Often, I have heard that the biggest fear when moving a database into the cloud is that you can’t see what is going on outside the database (server, storage, and infrastructure). Although you can’t monitor the servers that the database is on, you can use DPA to troubleshoot if a performance issue is likely related to a resource, such as Storage, or if queries need to be tuned.


DPA is a tool that pulls back the curtains, at least enough to be able to pinpoint or even eliminate a particular area.  One of our customer’s favorite features to use when you are monitoring a database in the cloud is DPA’s ‘Storage IO’ feature that was introduced in DPA 9.0.   As in the case of Storage, you can see if there is a high latency or prove that the work is being done in memory. DPA can give you that confidence to move forward with troubleshooting performance issues.  Without DPA, RDS databases still have a bit of a black box feel to them.


DPA 9.1 can help ease your mind as you leverage the Amazon Cloud for your databases.


To see all the features of Database Performance Analyzer 9.1, see Database Performance Analyzer 9.1 Release Candidate is available now!!!!.

Coming fresh off the Virtualization Manager  (VMAN) 6.2 release in which we added management action functionality (power management and snapshot management) and AppStack support (to name just a few features) the VMAN team is already working on the next set of features. I am excited about what we have planned for VMAN as we transform it into a one stop monitoring and virtual management tool. Here are the highlights of what we have we are currently working on:.


  • New Migration management actions
    • vMotion/Live Migration - Provide the ability to migrate a VM to a different host within VMAN
    • Storage vMotion/Storage Live Migration - Provide the ability to migrate VM disks to a different datastore or shared cluster volume from within VMAN.
  • Sprawl Management Actions
    • Add/Remove CPU - Grow or shrink the amount of virtual machine CPU from within VMAN
    • Add/Remove RAM - Grow or shrink the amount of virtual machine RAM from within VMAN
    • Delete VMs - The ability to remove/ delete unnecessary virtual machines for the purpose of reclaiming resources from within VMAN
    • Delete Orphaned VMDKs - Provide the ability to delete orphaned VMDKs from the Virtualization Sprawl resource “Storage being used by Orphaned VMDKs” so that I can reclaim datastore storage from the alert.
  • The ability to act on virtual sprawl alerts from within the VMAN Sprawl page.
    • Over-allocated & Under-allocated resources - Add/Remove CPU & RAM
    • VMs Powered Off for More than 30 Days - Delete VMs
    • VMs Idle for the Last Week - Shutdown VMs
    • VMs that might benefit from decreasing vCPUs - Decrease vCPU
    • Top 10 VMs by Snapshot Disk Usage - Delete Snapshots
    • Orphaned VMDKs (New alert) - Delete Orphaned VMDK
  • Alert Remediation - Provide the ability to configure an alert to trigger a management action based on a threshold..
  • Red Hat Enterprise Virtualization support
  • Citrix XenServer Support
  • Recommendations - Recommended actions to take to ensure performance, optimal capacity, avoid potential issues, and improve uptime.
  • vCenter and Hyper-V Events
  • Improved scalability and performance of polling


Disclaimer:  Comments given in this forum should not be interpreted as a commitment that SolarWinds will deliver any specific feature in any particular time frame. All discussions of future plans or product roadmaps are base on the product teams intentions, but those plans can change at any time.


If you don't see what you are looking for here, you can always add your idea(s) and vote on features in our Virtualization Manager Feature Requests forum.

The Patch Manager team is pleased to announce general availability of Patch Manager version 2.1. All customers under active maintenance can find the download in the SolarWinds Customer Portal, and anyone interested in Patch Manager can download from solarwinds.com.


We talked about what's new in detail back in the beta days (Patch Manager 2.1 Beta 1) , but let me quickly refresh your memory.


Automated Third Party Patches


We've added the ability to automatically publish and patch third party updates similar to the way WSUS/SCCM handle Windows updates. With this feature, you can automatically download, publish, and patch third party products from our 3PUP catalog (see: Table of third party patches - updated 4/8/2015 for the latest third party patches).


Important note: there are some providers that don't allow us to automatically download and publish their updates without a click-through EULA acceptance. For now, these providers (including Oracle and Adobe patches) won't be supported through this feature. Hopefully we'll find a good solution to this in the near future - we're working with the third party vendors directly to hopefully find some options.


New Reports


Thanks to thwack feedback and discussions, we've pulled in a lot of common custom report requests and now have them included out of the box! These reports should make it easier to identify problem systems and report on updates.


Included are:

  • Custom Hardware Report
  • Installed Programs and Features Basic
  • Approved Updates Status Count by WSUS Server and Update Source
  • Computer Update Status - Locally Published Updates
  • Computer Update Status with Aggregate Counts of Install State for Approved Updates
  • Computer Update Status Counts by Classification for Approved - Not Installed
  • Computer Update Status - Approved Updates with ID and Revision


New Computer Group Scoping Options


A common request is to make it easier to find and manage computers across subnets, Active Directory OUs, or AD sites. We've added several new grouping options:

  • IP subnet or range
  • Active Directory Organizational Unit (OU)
  • Active Directory Site


...and more!


In addition to the standard bugfixes and improvements, we've also:

  • Made it easier to gather logs for troubleshooting with the support team
  • and, added support for Windows 2012 R2 and Windows 8.1 as options when selecting computer properties


As always come over to the Patch Manager space here on thwack if you've got any questions. Happy patching!

Patch Manager uses Inventory tasks to pull information from your Windows Server Update Services (WSUS) servers and managed computers so you can view and report on that information from the Patch Manager Console. The WSUS Inventory task provides detailed information about WSUS server configuration, WSUS server statistics, basic computer inventory attributes, and so on. Data from the WSUS Inventory task populates reports in two categories:

  • Windows Server Update Services
  • Windows Server Update Services Analytics


In Patch Manager version 2.1, the following reports that are available in earlier versions of Patch Manager have become obsolete:


In Windows Server Update Services:

  • Count of security updates released in 2008
  • Critical Updates released in (2006-2008)
  • Security (bulletins/Updates) released in 2008
  • Updates released in (2006-2009)
  • Windows Server (2000/2003) applicable critical updates released in (2007/2008)
  • Windows (XP/Vista) applicable updates released in 2008
  • Updates superseded by Windows XP SP3


In Windows Server Update Services Analytics:

  • Computer details for MS08-067 or MS08-078
  • Computers with failed MS08-067 or MS08-078 installations
  • Computers in a selected group with approved update status details for (June-August 2008)
  • Computers where MS08-067 MS08-078 MS09-001 (failed to install/is installed/is NOT installed)
  • Computers where MS08-067 or MS08-078 is (not) installed
  • Effective approvals by computer group for MS08-067 or MS08-078
  • Effective approvals for MS08-067 MS08-78 MS09-001


However, you have the option to download these reports and import them in Patch Manager.


To download obsolete reports and attach them to the Patch Manager Console:

  1. Close all sessions of Patch Manager.
  2. Download the attached obsolete reports to your local drive.
  3. Open the downloaded reports.
  4. Copy the reports that you want to activate.
  5. Go to Patch Manager installation folder. For example, \\Program Files\SolarWinds\Patch Manager\Server\Templates\cmdb
  6. Paste the selected reports in the Patch Manager installation folder.
  7. Open Patch Manager Console.
  8. Expand Administration and Reporting > Reporting > WSUS Reports.
  9. Check if the copied reports are now available in the appropriate reports pane.


Once these reports are visible in the Patch Manager Console, you can view, customize, and create reports for your WSUS servers and managed clients.

Hopefully you saw my Sneak Peek blog post a couple weeks back on the Active Directory integration coming with 11.2 and are excited about it as much as I am.  If you haven't read it, I highly recommend checking it out. 


Also excited that the Release Candidate, (barring no last minute issues) should be available Monday.  The Release Candidate is a fully tested and supported release and you can upgrade to the RC from your previous version of DameWare.  Should you need assistance during the installation, feel free to contact SolarWinds support

If you are interested in the release candidate, either send me a direct message or please sign up here

Looking forward your feedback!




As always, here comes a list of items we are working for the future of VNQM. We are listening and your comments will be more than welcomed.


  1. Support for SIP Trunk utilization troubleshooting and SIP protocol connectivity troubleshooting. Support for SIP and H.323 Trunk utilization monitoring Gateway / trunk Combined utilization view and alerting.
  2. End-To-End visualization of network map between two phones and connected ports & switches on a call route.
  3. Updating visuals - more attractive charts (zoom-in) + Web Based Report for VNQM , Export report from VoIP search page
  4. More out of the box reports with capacity trending. advanced VNQM reports
  5. Support for MS SQL 2014
  6. Performance improvements and more CDR data retention period (more than 1 month of the data in DB)
  7. Support for Cisco IO 15.x, ISR for IPSLA Support for IOS 15.3 on ASR
  8. Monitor PRI Utilization by Call Count Instead of % Utilization


PLEASE NOTE:  We are working on these items based on this priority order, but this is NOT a commitment that all of these enhancements will make the next release.  We are working on a number of other smaller features in parallel.   If you have comments or questions on any of these items (e.g. how would it work?) or would like to be included in a preview demo, please let us know!

I would like to share a list of items we are working for the future of Network Traffic Analyzer. We are listening and your comments will be more than welcomed.


  1. Improvements in unknown application detection in netFlow(s) - using Cisco NBAR2 (1000 apps) for understanding what's behind port 80, etc. (Support for Cisco NBAR)
  2. Network security protection using Network Behavior Analysis (using flows, not agents). Detect DDoS attack, mallware communication or any other suspicious network communication without end-point agent deployment.
    1. IP Address reputation - get warning if application/end-point communicate with potentially dangerous site, we will take care of updates and real-time IP address evaluation.
    2. SYN flood attack detection, DoS detection, unexpected TCP/UDP high volume detection, find the host-name and switch port/SSID information of the source of the traffic.
    3. Port scanning detection
  3. Improved Network Bandwidth Utilization troubleshooting - instead of showing applications from entire network, we want to point you to the most utilized interfaces (and even better, network links) and show you what are top application and top talkers responsible for that conversation.
  4. UDT Integration Integration: NetFlow and User Device Tracker
  5. Topology information within NTA - understand "what and where". See your WAN links or VPN connections and underlying border interfaces with all the traffic (applications) and top talkers on the single page.


PLEASE NOTE:  We are working on these items based on this priority order, but this is NOT a commitment that all of these enhancements will make the next release.  We are working on a number of other smaller features in parallel.   If you have comments or questions on any of these items (e.g. how would it work?) or would like to be included in a preview demo, please let us know!

Filter Blog

By date: By tag:

SolarWinds uses cookies on its websites to make your online experience easier and better. By using our website, you consent to our use of cookies. For more information on cookies, see our cookie policy.