1 14 15 16 17 18 Previous Next

Product Blog

582 posts

Users have found Mobile Admin incredibly useful for managing a wide-range of IT administration functions from resetting passwords in Active Directory while out to dinner to restarting VM's from their bedsides. But many SolarWinds customers have long cried out for the ability to monitor and manage their other Orion products from a user friendly native app. Well, we've listened to your requests and are now releasing Mobile Admin 8.0 with support for SolarWinds Network Performance Monitor, Server and Application Monitor, Network Configuration Manager, NetFlow Traffic Analyzer, and User Device Tracker! Now some of you may recall macnugetz great post a few months back walking you through the support for Network Performance Monitor in Mobile Admin. Well, I'm happy to let you know that we've deepened support for Network Performance Monitor while also broadening it to the other products in the Orion family.

 

Rather than describe in words all the integration that our development team has built into the product, I thought I'd demonstrate by taking a look at how integration with Server and Application Monitor can help you track down and resolve issues in your environment while on the go:

 

A Mobile Walk Through Server and Application Monitor

 

1) Once you've setup Mobile Admin to monitor your installation of SolarWinds Server and Application Monitor, go into the SolarWinds service:

12-4-2012 11-21-59 PM.png

 

2) Dive into "Applications with Problems" to....you guessed it...see your applications with problems

11-29-2012 5-41-47 PM.png12-3-2012 10-05-40 PM.png

3) I see that there is a problem with the Sharepoint 2007 server LAB-SHAREPOINT.lab.tex so I dive in for more information:

12-3-2012 10-06-00 PM.png

4) I get a little bit of information here, but I can dive even deeper by launching the menu and selecting Components:

12-3-2012 10-06-15 PM.png12-3-2012 10-06-37 PM.png

 

 

5) I see that a number of my Component Monitors are down, some of them are up and others are in an unknown state. From here I can drill down into any component monitor to get even more information. For example, if I click on the "Single-sign On" monitor:

12-3-2012 10-07-03 PM.png

6) It appears that this monitor has never collected successfully. Now, here's the magic: While in the Server and Application Monitor, I am only 1-click away from fixing the issue on the actual node having problems. I simply go back to the menu and select "Open Node in Mobile Admin"

12-3-2012 10-07-33 PM.png12-3-2012 10-07-57 PM.png

7) When you open the node in Mobile Admin, I can launch any service available to me on that node. I can restart the server, ping it to see if it's responding, run debugging or configuration scripts or simply launch RDP, Telnet, VNC, or SSH sessions to debug the machine directly. And all of this power is in the palm of your hand, from your phone or tablet (iOS, Android, BlackBerry, iPad, Kindle Fire), wherever, whenever you are.

 

Just one more thing....

 

That's just a simple example of what's available within Mobile Admin. Obviously within this limited space, I can't go through all the cool integration we've built in detail. However, one of our intrepid developers built this handy flowchart that shows all the integration at a very high level (Thanks Vacek!):

MA-Solarwinds-Integration-Map-Color.png

 

I hope you'll explore all the new features available in Mobile Admin v8.0 for yourself! Mobile Admin 8.0 is available for download now in your Customer Portal for customers on active maintenance. I'd also love your feedback on how to improve integration with other SolarWinds services in the future!

The Storage Manager product team has been hard at work these last few months adding some killer functionality to the product. Storage Manager 5.3  includes the following improvements:

 

  • Support for EMC Isilon Arrays
  • New “Add New Device Wizard”
  • An overhaul of the Administrator's Guide (user documentation)
  • Improved support for IBM SVC Arrays
  • Improved support for EMC VMAX, DMX, and Symmetrix Arrays
  • New monitoring metrics and support for tiering data for EMC VNX / CLARiiON Arrays

 

We're most excited about our new support for EMC Isilon and for our new "Add New Device Wizard" so, without further ado, let's dive into it.

 

Storage Monitoring for your Big Data Environment

 

EMC bought Isilon Systems at the end of 2010. It is now clear that Isilon is EMC's major play in the Big Data space with the recent marketing efforts we've seen around the technology. Isilon has a very unique scale-out architecture that can be expanded to literally Petabytes of storage data in a single cluster (apparently Apple purchased a 12 Petabyte system just to store iTunes video). It appears that Isilon has a bright future in the storage marketplace and now you can use Storage Manager to help monitor this impressive storage system.

 

Main Console and other views for EMC Isilon:

12-5-2012 2-48-30 PM.png12-5-2012 2-55-05 PM.png12-5-2012 2-55-26 PM.png12-5-2012 2-55-45 PM.png12-5-2012 2-56-08 PM.png12-5-2012 2-56-45 PM.png

 

Easier Setup and Configuration with the New "Add a Device Wizard"

 

We've always tried to make it extremely easy to setup and configure Storage Manager to monitor your environment, but in v5.3 we're really proud of the work we've done to improve this flow across the different array vendors we support. Although SMI-S is a "standard," it is not a technology that is ready to use out of the box. Often you have to install and then configure an SMI-S provider to communicate with your array, which can be frustrating because depending on array type or vendor sometimes it's stand-alone software, sometimes it's embedded on the array, and sometimes it's part of the vendor's management software. Even finding where to get the provider can vary from vendor to vendor. With the new "Add a Device Wizard" combined with our streamlined documentation, we're hoping to ease that setup process dramatically.

 

But rather than talking about it. I'll walk you through an example of configuring an EMC CLARiiON array in the new version of Storage Manager. We begin on the standard Getting Started page:

12-4-2012 6-35-04 PM.png

I simply select "Add More" next to Storage Arrays to add my array. For those of you familiar with previous versions of Storage Manager, you may remember that there were multiple different ways to add arrays. Well, we've eliminated the confusing variation in workflows. Now you have one place to go to add all of your arrays to Storage Manager. When I click "Add More," I'm presented with a selection box to select my array:

12-4-2012 6-36-33 PM.png

 

Once I select my array, I'm brought to a customized page for my array type. We've done the legwork for you and determined how each vendor deploys their SMI-S providers and given you guidance on how to configure the provider, the array, and Storage Manager for each array type and vendor. This should help eliminate confusion around which IP address or credentials to enter (as the Provider and Array IP and credentials tend to be different for most environments).

12-4-2012 6-36-49 PM.png

To further streamline setup, we've created custom help document links as you can see in the Yellow Text Box above. If I click on that help link, I'm brought to the page below. The help document explains what SMI-S deployment looks like for this array family. Links in the page will take you directly to guidance on how to download, install, and troubleshoot configuration of the vendor's SMI-S providers.

 

12-4-2012 6-37-38 PM.png

We've heard repeatedly from customers that the link from Storage Manager to the vendor's provider can be troublesome. Whether due to stability, problems with configuration, or just wrong credentials, we've sought to remove that issue by placing an easy "Test Connection" button right on the page. This will verify that Storage Manager can indeed communicate with the SMI-S provider with the given IP address and credentials. If for some reason Storage Manager cannot communicate with the Provider, we will give you troubleshooting steps you can take to determine the root cause of the issue and then try again.

12-4-2012 6-45-54 PM.png12-4-2012 6-46-19 PM.png12-4-2012 6-52-08 PM.png

Storage Manager can communicate with the Provider...so all is done! Well, not so fast. Storage Manager is a very scalable architecture and while we would like to think we know what's best for everyone, only you know the exact layout of your environment. This is especially important when deciding how you are going to distribute load between the Storage Manager Server and Agents and also between the Agents and the Arrays they are going to monitor. The final step in the configuration process then is to just select which agent you'd like to communicate with this SMI-S provider. Note that a single SMI-S provider can monitor multiple arrays (although this again varies by array vendor and type) so this is not necessarily 1 Agent to 1 Array. Once you select the agent you'd like to use to monitor your arrays, select assign agent, and you're done!

 

As always, make sure that you've opened the appropriate ports (4319) in your firewall between the Storage Manager Server and Agent so the agent can send data back to the server. If your Storage Manager Server is monitoring the SMI-S provider directly, make sure that ports 5988 & 5989 are clear.

12-4-2012 6-52-35 PM.png12-4-2012 6-52-55 PM.png12-4-2012 6-53-09 PM.png12-4-2012 6-53-21 PM.png

 

We hope that this dramatically simplifies the configuration of Storage Manager for both new and old customers. Of course, we'd love your feedback on how we can make it even better!

 

Try out version 5.3 of Storage Manager today! It is now live in the Customer Portal for all SolarWinds customers on active maintenance. If you are not a customer, you can always download an eval or go to our Live Demo to try it out!

Just in time for Holidays is more goodness for Virtualization Manager.  The new version is available for all customers under maintenance in the Customer Portal, but if you are not a customer, you can always download an eval or go to our Live Demo to try it out!

 

What's New in Virtualization Manager

 

  • Virtual Desktop Dashboard - a dashboard dedicated to your desktops, allowing you to quickly see top consumers in your environment.  Combined with our new per-Socket licensing, this makes Virtualization Manager a perfect fit for your VDI environments.
  • More Hyper-V data - we've added more storage data in our Host and VM views.
  • Improved speed and scalability - lots of collection improvements have increased speed and scalability of our collection and GUI.
  • Many minor improvements (see the Release Notes for more info) - one example is our sorting objects in map views and widgets by alert severity.

 

We will expand on a couple features below.

 

Virtual Desktop Dashboard

If you have a virtual desktop infrastructure (VDI) and need insight into your performance and capacity, our new dashboard is for you.  With it, you can:

  • Find out how many and what kinds of desktops are running in your VDI.

Desktop OS Breakdown.png  Desktop VM Count.png

 

  • Identify and alert on which desktops are consuming the most resources (CPU, Memory, Network, Disk)

Desktop VMs CPU Ready Latest.png  Desktop VM Memory Ballooning Latest.png

Desktop VM Network IO.png  Desktop VM IOPs.png

    

  • Identify which desktops are about to run out of space

Desktop VM Disk 95pct Full.png Desktop Datastore Low Free Space.png

 

  • Find capacity and performance issues at the datastore and cluster levels.

Desktop Cluster CPU Util Latest.png  Desktop Cluster Memory Util Latest.png

Desktop Datastore IO Latency Latest.png

 

Severity Ranking in Maps

Previously, our Map View and Map Widget would sort objects (datstore, VM, etc) in a way that could hide those with issues.  In this version, sorting is by severity so all your problems bubble up to the top.

  • Map Widget: Now your more severe issues appear at the top:

     Environment Map.png

 

  • Map:  Each widget in the map will bubble up the objects with the most severe alerts, so you can quickly find where your problems are, and who and what are being affected by them.  We also changed the object popup (see VM in image) to also show the most severe alerts first.

MapView1.png

 

That's all the goodness we have to show today, so give it a try and let us know what you think!

Customers can download Virtualization Manager from the Customer Portal, but if you want to try it, you can download an eval.

Good news, everyone! Log & Event Manager 5.5 is now available for download. Existing customers under maintenance for both LEM and SIM can download the upgrade on the Customer Portal, and if you're not yet a LEM customer, download the evaluation from our product page and check it out. There's a ton of changes especially for new and evaluating customers that'll help you get started with LEM.

 

I'll keep this post relatively short and instead send you to the previous blog post for the release candidate that covers all of the new features in detail: Log & Event Manager 5.5 Release Candidate is Here!

 

If you're new to LEM, an evaluating customer, or want to try LEM but hesitated before, you should check out version 5.5 because:

  1. You can get LEM installed and showing your syslog data faster than ever with our new connector auto-configuration/discovery
  2. You can spot issues in your data and see trends faster with our new top 10 and health widgets
  3. You can more quickly identify useful filters and track potential issues in real-time with the new default filters
  4. You want to deploy to Hyper-V on Windows 2012

 

If you've been a LEM (or SIM) customer for a while, you should check out version 5.5 because:

  1. You can mix and match real-time and historical data with the new top 10 widgets and spot agents or nodes that haven't been sending data lately with the new node health widget
  2. You can more quickly add new syslog devices and identify that new devices are logging (new "non-agent nodes" are added) with connector auto-configuration/discovery
  3. You have been confused by language and names within LEM, including things like "what's a tool or connector?" "why is it alert and not event? what's the difference?" and "what the heck is NATO5?", which is much more straightforward and consistent in this version
  4. You have experienced any issues or requested any features that are mentioned in our release notes such as:
    1. SNMP trap actions not working with thresholds
    2. SSL/TLS support for e-mail notifications
    3. Distinguishing between agent/non-agent nodes in the connected/disconnected nodes area
    4. Regularly spiking CPU on the LEM virtual appliance

 

Here's a couple of quick screenshots of the new features, borrowed from the previous post:

 

Node Health: see when an agent - or device - last sent events; and Top 10 Users: see the most frequent usernames present in your events (check out the other top 10 widgets for rules, events, and nodes)

http://thwack.solarwinds.com/servlet/JiveServlet/downloadImage/38-159713-7439/405-306/LEM-55-NodeHealth.pnghttp://thwack.solarwinds.com/servlet/JiveServlet/downloadImage/38-159713-7438/403-304/LEM-55-Top10Users.png

Connector Auto-Configuration/Discovery: quickly add new nodes and start receiving data without manual configuration steps:

http://thwack.solarwinds.com/servlet/JiveServlet/downloadImage/38-159713-7443/620-387/LEM-55-NodeScanAddConnectors.png

New Default Filters: find what you're interested in faster, in categories that make sense and came straight from customers like you:

http://thwack.solarwinds.com/servlet/JiveServlet/downloadImage/38-159713-7432/257-400/LEM-55-DefaultFilters.png

 

Be sure to check out the release notes and the previous blog post with lots of details.

 

For customers, you can find the download by going to "Choose Download" next to LEM in the Customer Portal/License Management, then selecting to download "Upgrade Package for Virtual and Hardware Appliance (includes Appliance, Console & Reports Upgrades) v5.5.0" from the grid.

 

Questions about this release? Comments about a new feature? Post them here as a reply to this post or in our Thwack discussion space: Log & Event Manager. Ideas for new features or want to put in your two cents on what you think we should do next? Post, vote, and comment over in our Thwack Ideas space: Log & Event Feature Requests.

In case you missed it, the Log & Event Manager team has recently rolled out new pricing related to monitoring workstation nodes. The goal of this addition is to make it much more affordable for you to monitor workstations together with your servers and network devices in LEM - or even by themselves, if you're solely workstation-minded. It's still the same LEM with the same features and functionality, this just makes it much more possible for you to extend your investment.

 

So, what does that really mean? What would you want to monitor from workstations? And, how do you do that with LEM?

 

Issues Specific to Workstations

Traditionally we focus a lot on servers, but realistically workstations are both the entry point to the network from a security perspective and more systems that require maintenance. As you think about moving away from reactive network/systems/security management to proactive network/systems/security management, workstations are a critical part of our enterprises.

 

Security

From a security perspective, workstations do give you an entry point to the network, and can serve as a gateway to a veritable feast of data. Helpful: your customers and users can access the network quickly and easily from their system to do their jobs well. Not helpful: they have access to so much information and systems that they can also do some serious damage.

 

Things to monitor:

  • Unexpected users logging on to workstations that are more likely to have sensitive information - C-level, VP, and IT administrators. Create a group of users that SHOULD have access to these systems and look for authentication activity (logons and failures) that are to those systems but not from those users.
  • Other forms of unexpected logon activity depending on your environment - logons to workstations after hours if you're in a fairly controlled environment, remote logons if you don't use VPN access or users don't use RDP
  • Changes (create, update, delete) to local accounts and groups, especially Local Admins and accounts that won't inherit your domain policies and settings
  • System changes, like installation of unexpected software and changes to local policies
  • Usage of removable USB disk and networking devices
  • Launch of prohibited applications (IM, games, etc)
  • Patterns of behavior that are not unusual in the one-off case but are in excess, like failed logons

 

Changes and Issues

Monitoring log data from workstations can also grant you insight into the state of the system - if a user calls and complains about something not working correctly, the event log and recent history of activity can provide a lot of useful data.

 

Things to monitor:

  • Software installation, successful and failed
  • Installation of Windows/OS updates, especially failed updates
  • Changes to system policies and configurations (enable/disable of Windows Firewall, enable/disable of audit policy)
  • Failures related to services starting/stopping
  • For Windows, "Critical", "Error", and "Warning" events in general in the System and Application logs

 

Active Responses & Workstations

Useful active responses and scenarios for workstations include:

  • Detecting suspicious (or unapproved) processes and killing them (by name or ID)
  • Disabling networking on a workstation after detecting a malware infection (to isolate from the network)
  • Detaching a USB device that's not approved - this one can be done whether the agent is connected or not with our USB local whitelisting policy
  • Detecting unexpected or inappropriate network, proxy, or file activity and sending a popup to the workstation notifying the user they've been spotted
  • Removing unapproved users from Local Admins automatically, or disabling local users if they are created

 

Combining Workstation and Network/Server Data

In some cases, data specific to workstations is actually centralized at the server or network device, but you might not have thought about specifics of things to look for for workstations or endpoint issues. There's also some cool things you can do if you correlate activity across multiple sources.

 

Centralized Events

  • Anti-Virus and DLP: It's most common for your anti-virus and DLP solutions to log centrally, rather than at the endpoint themselves. These events can provide critical insight into security issues directly at the workstation.
    • Look especially for viruses that are "left alone" (not cleaned, not quarantined) and unexpected data that has moved from the endpoint.
  • Look for Firewall/router data that indicates a workstation:
    • attempting to make outbound connections to unexpected ports
    • bypassing your proxy server for port 80 traffic
    • making excessive repeated outbound attempts to a single source/destination/port
  • If you have a web proxy, use that data to monitor repeated attempts to access blocked content, repeated download attempts for viruses or other suspicious content, downloads of executables
  • A fair amount of your domain controller and other server activity is related to access from workstations (since that's where your users are, after all). You can use this to extend your monitoring of certain types of logon activity that comes from clients and software solutions that are not directly logged at the workstation.
  • DHCP/DNS issues can surface at the DHCP/DNS server side, but indicate workstation problems. With DHCP, especially, you can track whether your server has seen a request for a lease and what the response actually was (before you break out the packet capturing tools to dig deeper).

 

Correlated Activity

  • Correlate authentication activity across servers and other workstations that indicates logon attempts from a single source, which can be symptomatic of an infection or exposure
  • If you monitor file access, monitor for excessive deletes or copies from a single system, and potentially correlate with the USB activity from the workstation itself to indicate files copied from a server all the way to a USB drive
  • Combine suspicious activity to create a more conclusive case that something's wrong - for example, combine excessive logon failures to multiple systems on the network with excessive outbound traffic or combine virus/malware activity with executable downloads

 

Where to go in LEM

If you want to be alerted when above activity occurs (via e-mail) or automatically respond to the workstation, you need to go to Rules (Build>Rules). Most of the items above are really good candidates for rules. Other areas to look in will be:

LEM-RuleLibrary.png

  • Rule Library/NATO5 Rules > Agent: Especially "Detach USB" rules, "Windows Disk Nearly Full", "Keylogger Process Launch", "Authentication Traffic but no Agent"
  • Rule Library/NATO5 Rules > Active Responses: Especially "Kill Suspicious Process", "Game Application Launch", "Remote Desktop After Business Hours", "Restart Stopped AV"
  • Rule Library/NATO5 Rules > Authentication: Especially "Logon Attempt outside of Time Restrictions", "User Logon After Hours", "User Logon but no Agent"
  • Rule Library/NATO5 Rules > Change Management: If you're interested in tracking workstation changes, many of the same rules apply here, or will indicate activity coming from workstations.
  • Rule Library/NATO5 Rules > Spyware
  • Rule Library/NATO5 Rules > Virus/Worm: Especially "AV Update Failure" and "Virus Attack - Bad State"

 

 

If you want to search for activity that has occurred based on a workstation's name and/or IP address, you want to go to nDepth (Explore>nDepth).

  • To search for any events that contain the workstation's name or IP, just type it in the search box - this searches globally.
  • To search for any events from a specific workstation, use the DetectionIP field (or InsertionIP, they'll usually be the same on workstations)
  • To search for any events that came from, were going to, or were created by, a workstation's name or IP,  use the combined IP Address field

LEM-nDepthExploreIP.png

 

If you want to monitor workstations in real time, you can use the widgets in Ops Center to view trends and anomalies, and you can use filters in Monitor to, well, monitor for different categories of activity. Good candidates for filters are things like:

  • Activity from high-profile workstations
    • Create a Tool/Connector Profile or a User-Defined Group with your workstations in it
    • Build a filter for Any Alert.DetectionIP = <group>
    • This will be fairly high-traffic depending on the number, so you might need to narrow the focus to specific types of events.
  • Logon failures only to workstations
    • Create a Tool/Connector Profile (or multiples) with your workstations grouped together
    • Build a filter for UserLogonFailure.DetectionIP = <group> (if you have more than one, OR them together)
    • If you want to look for workstations generating logon failures on other systems, use UserLogonFailure.SourceMachine = <group>
    • If you only want to monitor interactive logons (RDP or local), use UserLogonFailure.LogonType = *interactive*
  • Workstation change activity
    • Again, Create a Tool/Connector Profile (or multiples) with your workstations grouped together
    • Build a filter for [Change Management Events].DetectionIP = <group?> (if you have more than one, OR them together)

 

LEM-WorkstationFilters.png

 

Tips for Managing Workstations in LEM

  1. Deploy agents many at a time using the remote agent installer, by deploying the agent with your workstation image, or by using the local installer in "silent" mode and using it with your software distribution tools.
    1. If you're using the remote agent installer and have remote sites, a helpful tip is to copy the installer to a system (e.g. server) local to that remote site, then push out from there.
    2. KBs: SolarWinds Knowledge Base :: How to include the LEM Agent in a Windows image, SolarWinds Knowledge Base :: Using the SolarWinds LEM Agent Installer non-interactively
  2. Use Tool/Connector Profiles to group agents together. This serves the purpose of grouping AND maintaining a standard configuration template. Configure a single agent, then create a new tool/connector profile and add all of the similar agents with it.
  3. If you have mixed Windows environments, look out for configuring the "wrong" connectors for the Windows Security Log. You'll see Internal alerts that suggest you should configure the opposite connector (there's one for XP/2003 and earlier, and one for Vista and later).
  4. The Manage>Nodes grid can be sorted, sliced, and diced, to take inventory of what's connected and not. The new "Node Health" widget in our upcoming release (RC info available here) will show the last time data was received from nodes, which is helpful. There's also a couple of agent health reports in LEM Reports that can help track down agent connectivity and events.

 

The recent thwackCamp 2012 presentation on the Top 10 Things Logs Can Do for You might have some additional ideas to help spark your creativity in monitoring workstations and your enterprise holistically with LEM.

 

What about you? Do you monitor workstations? Is there anything you'd like to monitor but aren't sure how? Haven't heard about LEM Workstation Edition and want to know more about what it means? Drop a comment here or feel free to start your own discussion thread over in the Log & Event Manager space.

 

Shameless Plug: Other SolarWinds Products for Workstations

While we're on the topic, here's some other good stuff for workstations that will help extend what you get with LEM even further:

  • Patch Manager: not just help with managing your windows patches, but helping address third party patching issues. On top of the fact that Acrobat, Flash, and Java have had a ton of security issues, a lot of malware out there still exploits old holes that are fixed with patches. Keep it up to date from one place.
  • DameWare: DameWare is a handy remote management tool. Once you've identified a problem with LEM, if you want to investigate at the endpoint or respond beyond LEM's built-in active responses, DameWare can help.
  • NetFlow Traffic Analyzer: if you've got bandwidth problems with workstations, use NTA to track down who is consuming it. LEM can help on a time & frequency basis and can do some basic top talker stuff with NetFlow/sFlow, but NTA is all flow all the time.
  • User Device Tracker: UDT helps you determine what user owned an IP address/hostname/MAC address over time. If you've found a historical issue on LEM and want to trace that IP back to a user, UDT can tell you where they were.
  • LANsurveyor: map out your network and figure out the logistical layout of devices. If you've got workstations, chances are there's enough of them that you'd like to know what and where they are connected. LEM doesn't have built-in network diagrams itself, but this can help you make sense of what's out there.

It's been little more than two months since the official release of SolarWinds Server & Application Monitor v5.2. A release that was packed to the gills with tons of new features. It's hard to believe that in such a short period of time that we're here once again to kick off the next SAM Beta.

 

Being a Product Manager at SolarWinds allows me the opportunity to talk with IT folks from around the globe. Most of whom dream of a utopian world in which there was one single place where they can visualize problems as they're occurring, as well as react and resolve them in real time. The main objective of any good monitoring solution is to provide the user with actionable information. Your servers hard drive fails? Replace it. Your users hogging all the bandwidth watching YouTube? Slap a CBQoS policy on your router. Better yet, track them down and slap the offenders upside the head. On second thought, maybe not.


Got users disconnecting from Terminal Server and Citrix sessions, leaving rogue processes running amok in their wake? Services crashing on your critical application servers? Time to fire up a Remote Desktop, or better yet, a Dameware session to the afflicted server right?  Wrong!

 

Sure that might have been the way you did things yesterday, but times have changed. Now you can resolve these kinds of common issues from within the same web interface that alerted you to the problem in the first place. No more firing up the VPN, starting up your remote control application, just to launch Task Manager or the Services Control Panel to kill off a few processes or start those services back up. That power is now available to you right from within the SAM web console. Point, click, done. It's that simple. Don't believe me? Watch the videos below.

 

 

Terminate Processes with the Real-Time Process Explorer Server & Application Monitor Service Control Manager

 

The first video demonstrates SAM's ability to terminate processes from within the Real-Time Process Explorer. The video starts off with me killing off a single instance of FireFox.exe, but shortly thereafter you can see how the Real-Time Process Explorer allows you to terminate multiple processes simultaneously. Windows own Task Manager doesn't even allow you to do that!

 

The second video showcases SAMs new Service Control Manager. From within the Service Control Manager you can see all services available on this host, their current state, startup settings, as well as the services description. Stopping, starting, and restarting services instantly is a simple point and click affair, that's sure to have you and your applications back up and running quicker than ever.

 

These are just a couple of the new features we're working on for the next release. If you already own Server & Application Monitor and are currently under active maintenance, you can sign-up to download the beta today.

After the release of UDT v2.5 (and service release 2.5.1), here is what the UDT team is working on now, for the future of the product:

  • Access Monitoring
    • Define a device whitelist (based on MAC, IP, or hostname), i.e. list of devices that are allowed to connect.
    • Receive SNMP traps and syslog for updating connectivity information in “real-time”. An alert should be generated when a device is connected that is not on the whitelist.
    • Shut down a port (providing user has write access).
    • Users can be tracked in watch list.
    • Distinguish between ports that are administratively down and administratively up but disconnected.
  • IPAM Integration
    • Provide link to IPAM subnet information in the Endpoint Details resource
    • Business logic enhancements to enable integration from IPAM side.
  • Wizard to help users configure appropriate logging level on Windows servers to collect login information.
  • NTA Integration (Support NTA resources on Endpoint Details page.)
  • Windows Server 2012

 

Disclaimer:  Comments given in this forum should not be interpreted as a commitment that SolarWinds will deliver any specific feature in any particular time frame. All discussions of future plans or product roadmaps are based on the product teams intentions, but those plans can change at any time.

After the release of NCM v7.1 (and service release 7.1.1), here is what the NCM team is working on now, for the future of the product:

  • Continue moving functionality from Win32 client to Web UI
    • Job management (Windows Task Scheduler not used anymore)
    • Config management (edit, delete, set baseline)
    • Possibility to test device login credentials
    • Import config from file
  • Provide End-of-Life/End-of-Support information for managed devices.
  • The execution of Config Change Templates can be scheduled.
  • Change Approval System enhancements
    • Approved requests to be executed at specified date/time
    • Approved requests to be returned to requester for execution
    • Requesters can see a history of what they requested and was approved
    • Approvers can see a history of what they approved
  • Multiple Global Connection Profiles
    • Define multiple connection profiles (device credentials, protocol, port etc.)
    • NCM will try which of the predefined connection profile works for a device (configurable pre device)
  • More native device support
  • Inventory for Brocade devices
  • Support of AES 256-bit encryption for SNMPv3
  • Make downloaded configurations searchable for IP addresses with FTS enabled.
  • Config Change Template Extensions: 'delay' command, string <-> number conversion
  • Security enhancements of the Web UI
  • Support for database encryption using MS SQL TDE.

 

Disclaimer:  Comments given in this forum should not be interpreted as a commitment that SolarWinds will deliver any specific feature in any particular time frame. All discussions of future plans or product roadmaps are based on the product teams intentions, but those plans can change at any time.

I'm happy to announce that NPM 10.4 release is officially here. This version is literally packed with new features! All current NPM customers under active maintenance can download the upgrade from their customer portal.

In the past few months you could vote what features you would like to see in your favorite network monitoring software, NPM, vNext and we were listening. 10.4 comes with the most wanted ones:

 

Custom Property Enhancements

We migrated the custom property editor on web. Now it's part of the main Orion webconsole and accessible from NPM and other SolarWinds Orion family products. New intuitive wizard will take you through the process of creating new custom properties.You can also specify a list of pre-defined values to minimize entry errors.

 

Header  CPE.PNG 1Header 2CPE+4.png

Audit Tracking

Version 10.4 comes with user auditing feature. You can now monitor who made what action/change in NPM. New auditing functionality is fully automated, you don't need to set up rules or policies it works immediately after installing 10.4. All information is available through Message Center where you can filter, sort and see all the details. You can also see a new Top 10 resource on summary page:auditing1.png

 

Hardware Health Monitoring for your network devices

SAM users know how useful is the hardware health of their servers. NPM users didn't have out of the box support for that (they had to use custom pollers) to monitor critical hardware parts of routers or switches like Fan speeds, temperature sensors or health of power supplies.

                                                                                                                      

NPM 10.4 now allows you to prevent hardware malfunctions by monitoring your hardware with more details. We added support for Cisco, Juniper, HP, BigIP F5 and Dell networking devices. You can also set an alert to be notified if some sensor exceeds a threshold and you can track historical data

 

HWhealthActual.pngHWhealthStatistic.png

 

Looking at the hardware health historical chart reminds me that NPM network monitor has been completely migrated to the new "drag & drop" chart engine so you may use interactive features like zoom-in or switching on/off chart data on every single chart now.

 

Out of the box support for BigIP F5 devices

 

BigIP devices are widely used and they are bit special compared to other networking hardware. CPU and memory polling is not enough for F5 effective troubleshooting. The important highlevel metrics are Throughput  Connections (SSL, opened) and Failover status. If you are interested to see more details NPM can provide you with the list of Virtual Servers, Pools and Nodes. All these lists carry information about IP address and element status.

 

 

F5-HW2.png

F5-HW1.pngF5-HW3.pngF5-HW4.pngF5-HW5.pngF5-HW6.png

 

A lot of cool network management stuff don't you think? But that's not all there is decent set of another features waiting for you.

 

UI improvements - Subviews

 

We know that it's hard to make everyone happy with how we categorize and group items in our NPM webconsole menus. Sometimes you need better granularity and possibility to group particular data into some kind of tab or bookmark. NPM 10.4 now supports concept of "Subviews". This UI enhancement is there mainly for better organization of your views and gives you freedom for creating your own categories on website. It also speeds up the web by allowing you to focus on the resources you really need to load instead of loading every resource every time. Subviews are displayed as a left navigation menu that allows you to quickly go to different views for a node. You can enable Subviews by clicking Customize Page then the "Enable left navigation" button.

 

Subview+1.PNGSubview+2.PNG

 

As you can see you may create your own tabs anywhere, NPM 10.4 also comes with pre-defined subvies in order to help you with intuitive navigation.

Let's continue with another important enhancement.

 

Universal Device Poller (UnDP) improvements

 

UnDP - something that NPM users know very well. NPM didn't support multiple device pollers in a single chart. This is useful when you need to correlate trends between various metric from your device (temperature vs. CPU frequency vs. fan speed). 10.4 gives you the possibility to define new type of chart where you can put various UnDP pollers on your "Y" axis like this:

 

You can simply click "Add More" and select your existing custom poller. Then you need to define units for your data. NPM can automatically convert some kind of units into higher or lower metric (for example bytes to Kb) so you can read it on your chart without counting zeros. This chart also runs on the new engine so you can use zooming and other features.

 

UnDP+Multiple+2.PNGUNDP+Multiple.PNG

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Another useful improvement for UnDPs is UnDP Parse Transform function. This is little bit advanced feature to use. It is especially useful when you have custom pollers that return a text string and you have to parse the text string to remove the number and use it in a transform function. If you want to use it, go to the UnDP application (Windows start menu -> SolarWinds Orion -> Network Performance Monitor -> Universal Device Poller) on the NPM server. For the formula use the following syntax: parse((REGEX,{POLLER}) as you can see on the picture bellow.

UnDP+Transform+Parse.PNG

The regular expression you need will depend on the string you are trying to parse.

We also tweaked UnDP polling retention settings capabilities. If you go to the UnDP settings you may now change the polling interval for each pollers type and also define retention period for the UnDP statistic data and summaries.

UnDP+Retention+Settings.PNG

 

Those are just most visible new features in the new Network Performance Monitor. I would like to briefly mention other important and useful features:

  • Support for Microsoft Windows 8 (for evaluation purposes) and Windows Server 2012
  • Native support for HP MSM 760/765 wireless controllers.
  • De-duplication of nodes with the same IP address

 

You may also see release notes for the list of bugs we fixed.

 

As you can see, this release is really big one and I would like to thank you - our great Thwack community for your contribution and willingness to help us understand what problem do you need to solve. Thanks!

It's been a busy week or two here at SolarWinds, another release candidate is heading your way. I know, I know, you're as excited as when the new phonebooks came and your name was in print!

 

In true "You Asked, We Listened" style, Log & Event Manager (LEM) 5.5 is going to be a release focused almost entirely on YOUR feedback. We did a ton of customer interviews, Q&A, and show and tell, and have been tracking your feedback on Thwack and support cases. We took the top few items and we decided to get something into your hands sooner rather than later.

 

Spot issues more quickly with new Top 10 and Health widgets on the LEM Ops Center dashboard

 

We heard from you that you wanted it to be fast and easy to discover issues, spot trends, and have a dashboards that mix in real-time data with other information. What we've done is added new default widgets that let you spot trends and trouble faster by monitoring the most common things - nodes on your networks, users, and events - in more Top 10 and health-oriented way. We've added 5 new widgets that are right up your alley. In no particular order...

 

Node Health: sometimes it's most useful to know that a node HASN'T sent you data lately. Maybe a remote site dropped off the map, your firewall configuration disabled logging, or something's not quite right. The Node Health widget shows you a summary of node status, when the last event was received from that node, and any version/OS information we might have (from agents).

LEM-55-NodeHealth.png

 

Top 10 Events, Users by # of Events, Nodes by # of Events, and Rules by # of Rules Fired: these widgets surface information about frequency of events in the big picture, helping you spot trends and potential anomalies. Use the Top 10 widgets to see your most common type of event (filterable by different general types/groups of events), usernames that appear most frequently across events, nodes  that appear most frequently across events, and rules that are being most frequently triggered. These will help you spot items at the top that shouldn't be (why is "administrator" logging on so frequently?), sudden spikes in data (why is my server suddenly generating the most events?), and unexpected high severity events (security issues, scans, or suspicious activity).

 

LEM-55-Top10Events.pngLEM-55-Top10Users.pngLEM-55-Top10Nodes.pngLEM-55-Top10Rules.png

 

Troubleshoot node and user issues with our new Node and User Details Drill-Down Dashboards

 

We're starting to pull pieces together to enable faster common patterns that our customers use when you want to investigate problems. Those new Health and Top 10 widgets mentioned up above follow a new drill-down pattern that we're introducing on the dashboard by combining info into new dashboards. The Node Details and User Details dashboards will show a summary of the node/user and all events related to that node/user name.

 

If you've spotted an unexpected trend with a user (say, "Administrator" really is coming up a bunch and you don't know why), click on that user from the Top 10 Users widget to see detail associated with them, and most importantly their most recent events to help troubleshoot the "why". Refine the chart further to find out only certain types of data (say, only changes related to "Administrator" - changes they are making or made to them).

 

LEM-55-UserDetails.png

 

Similarly, if you've spotted a server generating an unexpected amount of error or warning traffic, you might want to check out the last 10 minutes of events to see if there's any commonalities.

 

LEM-55-NodeDetails.png

 

Automated configuration for syslog and SNMP-trap based device integrations

 

Thanks to some great suggestions from you, our support team, and our sales engineering team, we've found a way to make configuring new devices much simpler with some automated configuration. Instead of having to manually configure a connector to match your syslog device up to our connectors, we've made it possible for you to enable syslog (or SNMP trap) forwarding to the appliance and push a button to add the node. But wait, there's more! We've also made it possible for you to scan on-demand for ANY new data, in case you're not sure how many devices or what types have been configured. You'll find these new buttons in Ops Center in the new Node Health widget and in Manage > Nodes.

LEM-55-NodeScanButtons.png

If a scan is going to take a while, you'll see a notification and the scan will get backgrounded. When new nodes are found, you'll see a handy notification:


LEM-55-NodeScanConnectorsFound.png

When you click the "View Now" you'll be taken to the discovery/scan results, and you have a chance to confirm that you'd like to add new connectors to monitor the detected sources. This summary presents you information about what IP address was generating the data and what vendor/connector will be configured:

LEM-55-NodeScanAddConnectors.png

After you confirm, magic happens and these connectors are automatically hooked up to those log sources. Note: You won't see new nodes appear until data appears. In the example above, I won't see data from 10.199.19.250 for "Checkpoint Edge-X" until that IP address sends me more data. Nodes appear with the data, but we scan historical data to do the discovery magic. As those nodes appear, you'll see the yellow notification appear with a confirmation as to which IP addresses are now sending data.

 

Also handy, when new nodes appear for existing connectors, you'll get the same notification that tells you what's happened. This happens if you've already got a connector configured for, say, a Cisco firewall, and you start logging another Cisco firewall to the same facility. You don't need to configure another connector, but LEM will let you know something new is now sending you data.

 

...and more!

 

A few other things you'll notice:

LEM-55-DefaultFilters.png

  1. New Default Filters: We totally revamped our default filters to match your use cases better. Filters are grouped for Overview, Security, IT Operations, Change Management, Authentication, and Compliance, and all have some handy default widgets.
  2. More Help & Thwack Widgets: We've added a "What's New in LEM" and Thwack feed widget, along with help widget updates to help you find features that lots of people didn't know existed.
  3. Event is the new alert. After listening to you talk about LEM, we've modified our in-product language to match how you think about events. Things that come in to raw logs are called "messages", these get normalized into "events", which you can then trigger rules on, which may cause "alerts" like notifications or incidents to be fired in addition to active responses. There are still a few things that say "Alert" (e.g. SecurityAlert) that we're saving for a future update, but for the most part, Event Event Event.
  4. What the heck is a NATO5? We've also eliminated a few of the things that made your brow wrinkle, including renaming rules that are on by default "Default Rules" and rules that are templates for you to use "Rule Library." Along similar lines, we've made it clear that the thing that connects logs to the system are referred to as "connectors" in LEM as well as elsewhere.
  5. Support for Windows 8/2012, including Hyper-V 2012: We had a compatibility issue with Hyper-V on 2012 that has been resolved. Additionally, we've confirmed you can use the LEM Console in IE 10 on Windows 8, and install the agent in Windows 8 and 2012 (you'll need to run it in compatibility mode for now until we resolve an installation issue, though).
  6. Customer requests & fixes: Common reported issues include the node statusbar showing non-agent nodes as "disconnected" - now they have a separate entry from agents; refresh and edit buttons are more obvious in Ops Center and nDepth; performance improvements in rules; hotfixes from 5.4 rolled in to 5.5; and lots of new connectors. A full list will be included with the release notes.

 

Notes for Upgrading Customers

 

We didn't touch your existing filters or dashboard configuration, we didn't want to mess with your feng shui (or your "zen thing, man"). You can always add the new dashboard widgets to Ops Center by going to Ops Center's "Widget Manager" and perusing the "Additional Widgets" section. For filters, if you're interested in the new defaults, the easiest thing to do is create a new user and check them out to see if you're interested. We can either help wipe out your existing settings and revert to the default, or you can export/import only the stuff that looks good.

 

If you've got existing connectors already configured and want to try out the new connector discovery scan workflows, no worries. Anything you've already got configured will stick around and we won't configure duplicates. A very small number of you who had connectors configured for /var/log/messages or /var/log/syslog will want to run the new node scan after upgrading to pick up the new default configurations.

 

Lastly, you'll notice in some places where you had items that said "Alert" they now say "Event". We avoided changing some things (like filter names and descriptions), but others (like groups) will be updated.

 

Download, download, download! And share your feedback

 

All LEM and SIM customers under active maintenance can download the 5.5 RC by going to the Customer Portal and clicking "Choose Download" next to the RC. If you want to deploy a new system, use the new installers. If you'd like to upgrade, download the upgrade, and be SURE to check out the instructions (you'll need to extract it to a share - generally the root of a share is safest - and then go to the virtual console or SSH to get it installed).

 

LEM-55-DownloadRC.png

 

To give us feedback, join the Log & Event Manager Release Candidate group on Thwack. What do you think about the new widgets? Are there more you'd like to add? How's automated configuration treating you? Anything we missed or is confusing? Would you like to know more!?

If you are an active user of IP Address Manager and User Device Tracker, you know that having port, IP address & connected user information is important during troubleshooting. Understanding of who is using given IP address and where an IP address is physically connected is critical for IT engineers so they can focus on specific device or user if needed. It is also important if an user that is currently using such IP address is expected to use it according to your IP subnet rules. IPAM and UDT are well integrated via single web console but there is a way how you can see UDT related information directly within your IPAM subnet detail page and save your time.

 

IPAM and UDT already have this data so we prepared a small script that can help you to see port, AD account or port history link directly in one row in IPAM. So the output may look like this:

scriptImageSetup2.png

 

2012-10-22_2148.png

 

 

If you are missing a module, download links are provided for evaluation - only IPAM and UDT are required.

This script will allow you to pull data from modules other than UDT also (NetFlow for example). If you are a skilled power shell user, you may edit our script and modify the data you would like to see in IPAM. It uses custom properties so it should be something you are familiar if you have used IPAM before. IPAM custom properties are bit different than custom properties you may know from NPM or SAM. IPAM has "string" and "url" types of custom properties.

 

First, you need to meet these requirements before installation:

  1. You need the Orion SDK - download here. Please refer to SDK setup issue or how to set-executionpolicy unrestricted articles in case of issues.
    • Create ALL of the following REQUIRED custom fields/properties in IPAM exactly as you can see below:

    scriptImageSetup1.png

    Populated by - UDT

      1. 1.      Switch
        1. a.      Field Type - Text
        2. b.      Max String Length - 100
        3. c.      Description - Name of the Switch the IP is plugged into
      2. 2.      Port_Link
        1. a.      Field Type - URL
        2. b.      Link Title – Port History
        3. c.      Max String Length – 500
        4. d.      Description – Link to Port Details in UDT
      1. 3.      Interface
        1. a.      Field Type - Text
        2. b.      Max String Length - 100
        3. c.      Description – Interface name where the IP was last seen
      1. 4.      ConnectionType
        1. a.      Field Type - Text
        2. b.      Max String Length - 100
        3. c.      Description – Direct vs Indirect connection
      2. 5.      VLAN
        1. a.      Field Type - Text
        2. b.      Max String Length - 100
        3. c.      Description – VLAN the IP belongs to
      3. 6.      MACAddress
        1. a.      Field Type - Text
        2. b.      Max String Length - 100
        3. c.      Description – MacAddress for the IP
      4. 7.      SwitchIP
        1. a.      Field Type - Text
        2. b.      Link Title – Port History
        3. c.      Max String Length - 100
        4. d.      Description – IP Address of the switch
      5. 8.      IPDetails
        1. a.      Field Type - URL
        2. b.      Link Title – Port History
        3. c.      Max String Length - 500
        4. d.      Description – Link directly to the IP Details in UDT
      6. 9.      ADAccount
        1. a.      Field Type - Text
        2. b.      Max String Length - 100
        3. c.      Description – AD Account most recently logged in
      7. 10.  AccountLogonTime
        1. a.      Field Type - Text
        2. b.      Max String Length - 100
        3. c.      Description – Login Time


    Populated by - NTA

      1. 1.      NetFlowData
        1. a.      Field Type - Text
        2. b.      Link Title – IP Traffic
        3. c.      Max String Length - 500
        4. d.      Description – Link to Netflow data filtered for the IP

     

    Populated by - VNQM

      1. 1.      Extension
        1. a.      Field Type - Text
        2. b.      Max String Length - 100
        3. c.      Description – IP Phone extension in VNQM
      2. 2.      PhoneDetails
        1. a.      Field Type - URL
        2. b.      Link Title – Phone
        3. c.      Max String Length - 100
        4. d.      Description – Link Direct to IP Phone details in VNQM

    Populated by – NCM

      1. 1.      NCMID
        1. a.      Field Type - URL
        2. b.      Link Title – NCM Node
        3. c.      Max String Length - 100
        4. d.      Description – Link Direct to NCM Node Details
      2. 2.      NCMConfig
        1. a.      Field Type - Text
        2. b.      Link Title – Config
        3. c.      Max String Length - 100
        4. d.      Description – Link Direct to NCM Config


    Now it's time to open the script and fill in credentials and variables (the pink text in the image below):


    scriptImageSetup4.png

    • IPAMDBUsername – The username used to connect to the IPAM Database
    • IPAMDBPassword – The password used to connect to the IPAM Database
    • IPAMdbServer – The IP address of the IPAM Database server
    • IPAMdatabaseName – The Name of the IPAM Database
    • integratedAPIServer – The IP address of the IPAM server
    • integratedAPIUserName – Account used to login to the webconsole - with permissions to all modules
    • integratedAPIPassword – Password used to login to the webconsole


    Once you prepare your credentials you can run the script.

    You should run the script from windows command line (open the Windows Start menu -> All Programs -> Accessories -> Command Prompt). You need to run the script a couple of times to make sure all of the credentials and properties setup correctly.  Once you have done that you should be able to schedule it as a recurring windows task.

      • NOTE: The script will tell you how long it took to run… a good idea or the best idea is to not schedule it to run more frequently than the time it takes to complete.
      • EXAMPLE: If it takes 5 minutes to run, I would schedule it to run every 30.

     

    The final step is to configure the UI and display your new columns in the IP Address view. Click on the column and select new custom properties from the list.

    scriptImageSetup3.png

     

    If you want to see data from SAM or SEUM you may modify script and your custom properties accordingly.

     

    DISCLAIMER: This script offers a great sneak peek at integration we’re working on productizing and we’d love to get your feedback on this concept – see this IPAM post for more info.  HOWEVER, we must point out that this script is NOT officially supported by SolarWinds support and they will NOT take cases on this functionality.  Any bugs or problems with the script-based integration are subject to thwack forum support ONLY, so please keep that in mind when deciding if it’s something you want to try in your production environment.  Happy testing!

     

    Script download link

    Each of the products in the SolarWinds portfolio of products brings unique capabilities to the table to make I.T. management in your organization a much less painful process.

    • Server & Application Monitor (SAM) provides the ability to monitor servers and the applications running on them, and display status and generate alerts based on that status.
    • Log & Event Manager (LEM) provides the ability to collect log events from servers and network devices, and correlate those events.

    Combining these two products in a cooperative effort can have exponential impacts on reducing the effort involved in managing I.T. those improvements. Let's look at two examples of scenarios where these products can enhance each other.

     

    SQL Server performance loss

    In our first example, consider the scenario where you have configured SAM to monitor an instance of SQL Server. SAM tracks a number of state and performance values on a SQL Server instance. One of the performance values that can be tracked is the amount of time consumed in running queries. If the queries exceed the defined performance threshold, SAM generates an alert that the condition exists. This information, however, requires further action. By itself it might require involvement of additional people, other tools, and will likely take some time to track down.

     

    Adding LEM into the mix allows us to leverage the ability to correlate that performance metric with actual events that have occurred in that SQL database, SQL instance, and the server hosting the database engine. In addition to displaying the alert on the SAM console, we configure SAM to send that alert direct to LEM. LEM receives the alert, and through LEM's event log analyzer and the use of correlation rules, it can help to identify specific events that correlate to the performance degradation. In this example we discover that a configuration change made to the database by a DBA has resulted in the observed performance changes reported by SAM.

     

    Exchange server farm reliability

    In another example, consider the volume of log messages that are generated by an Exchange server farm. These log messages involve logons, logoffs, mail receipt, mail sends, distribution list expansions, and a whole host of other activities. The amount of events generated by a busy Exchange farm is really extensive. LEM allows us to use these correlation rules to identify issues on a more macro-scale than individual events. In our example the LEM correlation rule on a collection of Exchange events identifies a potential reliability issue with the Exchange server farm. LEM generates an automated alert to SAM, which results in a single Exchange monitor alert displayed on the SAM NOC view, and a technician can be dispatched to begin the investigation before the actual outage occurs.

     

    Cooperative benefits

    In both of these examples, SAM and LEM provide complimentary features that play to their own strengths. SAM has a great reporting dashboard that can focus on high-level status information, and LEM has a powerful correlation rules engine that allows for the automated interpretation of thousands of discrete events that represent trends in the state of an application or system.

    SAM-LEM Cooperation.png

    Both products are available for download today [SAM][LEM] with a 30-day evaluation. If you’re already using one of these great products, explore the benefits of enhancing your environment with the other.

    Hi all,

     

    We have officially reached release candidate (RC) phase for IPAM 3.1.

    If you are an existing IPAM customer under active maintenance, you can install the RC. RCs are fully supported and made available to existing customers prior to the official release.

     

    Our engineering teams are working on the most wanted features in order to help you with DHCP, DNS, IP address management (DDI).

    First, we added support for DNS management. IPAM 3.1 RC can manage your Microsoft DNS services. You can create, modify or delete zones directly from a web console (no more RDP connections to the server):

    DNSZone add.png


    DNSZoneAdd2.png


    Second, you can also manage your DNS records within the same web console - this is very useful when you provision new serves or if you want to look for obsolete DNS records. To do that, click on the "DNS zone" tab and then on the "DNS records" button:


    DNSrecords.png


    Then you will see a list of existing DNS records within given zone. When you click on "Add New" you will see following dialog and supported DNS record types:

    3.1 dnsRecAdd.png


    Your DNS changes are immediately propagated on your DNS servers, also you may see changes from your DNS servers in IPAM.


    Third, we extended DHCP functionality on Cisco devices - including Cisco ASA devices. That means you may manage your IP address reservations, exclusions or DHCP scopes with the same method as you were used to in previous release of IPAM for MS DHCP services. For example, to do an IP address reservation, navigate to your Cisco DHCP scope, pick an IP address that you want to reserve and change its status to "reserved". IPAM will take care of all the background communication with your Cisco DHCP device.

    CiscoASAdhcp.png




    You may also notice improved UI for IP subnets and exclusions for your scopes. This is important in case you want to understand what is the distribution of your DHCP scopes:

    3.1 scopes&split.png



    And finally we added support for split scope scenarios on your Microsoft and Cisco DHCP servers. Split scope actions are widely used for high availability and load balancing performance purposes. You may find it in both Microsoft and Cisco DHCP best practice whitepapers. Microsoft and Cisco don't offer a easy to use GUI to do that. We decided to design a brand new interactive wizard for split scope action. To create a new split scope you need to select an existing DHCP scope under the "DHCP Scopes" tab. You also have to have at least two DHCP servers (so the second server may handle newly created scope). Then you click on the "split scope" button and IPAM will show you the three step wizard for configuration. You may simply use the slider to define an IP address ratio for your existing and new scope:

    10-9-2012 15-59-04.png

    IPAM 3.1 can also poll data about existing scopes from your DHCP servers and it can also detect disabled scopes.


    We are looking for your feedback and the RC is ready for download in case you are an IPAM user under active maintenance. Please follow this link to see RC discussion or participate in the RC IP Address Manager 3.1 Release Candidate 1 available for download


    IPAM 3.1 RC also adds support for SQL 2012 and various bug fixes.


    thanks,

    Michal

    The release candidate (RC) for Web Performance Monitor 2.0 is officially here.  All WPM customers on active maintenance should have the RC waiting for them in their SolarWinds customer portal.  We'd love for you to try it out and post any feedback you have on the WPM RC forums here.

     

    The first thing you'll notice is the name change; SEUM is out, Web Performance Monitor is in.  Hopefully you'll all agree, this is a much better name and describes what the product actually does in a less esoteric context.  Now to the features.  Thanks to Mr. aLTeReGo and the WPM dev team, this release is full of exciting new features and functionality that continue to improve the product.  Let's dive in.

     

    First, we've added support for Java applications.  This means you now have the ability to measure and monitor user experience and availability of your web-based Java applications.  You can find more detail on that here from one of aLTeReGo's previous blog posts.

     

    Next, we've added waterfall charts that give you a new level of visibility into the the performance of each of step in a given transaction.  These charts provide insight into all the different elements that make up a webpage and the order in which they're rendered in the browser.  Screenshot below, and you can find more detail here.

    WPM_waterfall_charts.png


    We've also added a new All Locations resource that includes a player load indicator.  This indicator will show you current load, and we've added a resource on the Locations Detail view to show you historical load. In addition, you can now create alerts based on player load.

    WPM_player_load_indicator.png


    Another extremely useful feature we've added is the ability to edit recordings.  This will save you the hassle of having to re-record transactions when small changes or tweaks are needed for a given recording.  For example, if a minor change is made in the navigation flow for a given application or page, you now have the ability to edit the existing recording vs. having to create a new one.

    WPM_edit_recording.png


    Next, we've added the ability to install the WPM player to remote locations directly from the WPM web console.  Select 'Install location on my network' when adding a transaction.

    WPM_install_remote_player1.png

    Then specify the IP address(es) of the machine(s) where you want to deploy the player.

    WPM_install_remote_player2.png

    Last, specify the appropriate credentials.  Test to ensure the credentials are correct, then you're ready to deploy the player.

    WPM_install_remote_player3.png




    And that's not all.  We've also add the following new features and capabilities:

     

    • Improved Recorder
      • Edit previously saved recordings
      • Define content matching criteria after recording
    • Unmanage Transactions
      • Unmanage transactions from within the WPM Web Console
      • Unmanage transactions on a reoccurring basis with the Unmanage Scheduling Utility
    • Automatic Player Update
      • Centralized and automated player updating to future versions of WPM
    • Enhanced WPM Security
      • Dedicated WPM administrator role independent of Orion admin role.
    • Basic Transaction editing from WPM Web Console
    • Individual proxy settings per transaction.
    • New charting with warning & critical thresholds
    • Disable screenshots on a per transaction basis
    • Player support for proxy authentication
    • WPM support in Multi-Object Chart Resources
    • Top X Locations by Duration now supported in Custom Object Resources
    • Frequency and Description fields added to Transaction Monitor settings
    • SQL 2012 Support

     

    Again, any customers on active maintenance should already have the RC in their customer portals.  Go download and check it out; it's fully supported and we'd love to hear your feedback.  You can find the WPM 2.0 RC forum on thwack here.

    A little over a month ago we released a feature packed SAM 5.2, but the SAM team are hardly ones to rest on their laurels. In fact, they're already plugging away; ensuring the next release is even better than the last. Some of the bigger features currently on the drawing board include..

     

    • Support for Monitoring Windows Server Network Interfaces via WMI
    • Control Windows Services (Stop/Start/Restart/Pause) from within the SAM Web Console
    • Terminate Processes Running on Remote Hosts Through the Real-Time Process Explorer
    • Reboot Managed Windows Hosts Directly from the SAM Web Console
    • Certificate Based Authentication for Linux/Unix/Nagios Script Monitors
    • Native Support for Monitoring Windows Volume Mount Points
    • Windows Server 2012 Platform Support for SAM Installations
    • Microsoft SCOM Management Pack for SolarWinds Server & Application Monitor

     

    PLEASE NOTE:  We are working on these items based on this priority order, but this is NOT a commitment that all of these enhancements will make the next release.  We are working on a number of other smaller features in parallel.   If you have comments or questions on any of these items (e.g. how would it work?) or would like to be included in a preview demo, please let us know!

    Filter Blog

    By date:
    By tag: