Skip navigation
1 2 3 4 5 Previous Next

Product Blog

649 posts

New NCM utility helps you quickly find vulnerable, obsolete, and unsupported hardware on your network


The care and feeding of your network involves more than managing configuration changes. To keep devices healthy and end-users happy, you must tend to a list of important things that usually get put off because you are just too busy. Let’s take a look at that list now and discuss why it’s so important.


Device failure

Network devices fail for a number of reasons, including human error and hardware and software defects. Many times, there are warranty fixes and technical workarounds, but determining whether you have a defective device isn’t exactly easy. Do you have a reliable way to identify defective devices in your network?

Out-of-support devices

Paying for support is like buying insurance. You don’t want to spend too much for it, but when you need it, you’re glad it’s there. So when devices are mistakenly excluded from support agreements, or you pay for a device that has been taken out of service, you have the problem of either not having sufficient coverage or paying too much for the support you have.  Are you over insured or under covered? How do you know?

Device vulnerabilities

Security is a never-ending cat-and-mouse game. When the bad guys find a vulnerability to exploit, you need to address it, and fast. If you don’t know about the vulnerabilities on your network, you can’t do anything about them.  Do you know what vulnerabilities are lurking in your network?

Device end-of-Life

Devices that have reached obsolescence are a particular problem because they are no longer supported. This means no technical support, no alerts or notifications, no engineering defect or security fixes. Once a device goes EoL, it’s a ticking time bomb. In this case it’s no longer a matter of if, but when they can be replaced with the least amount of disruption. Do you have the foresight, budget, plans and other preparations needed to make a smooth transition? 

Network evolution

Chances are the network you manage now is not the same network you built five years ago. Devices you installed and configured even a year ago may not have the capability to handle the new services your organization now demands.  Which devices can support the change?  Which devices require an upgrade?  Which devices are just too old?  What new devices should replace obsolete devices?  When the boss comes asking, will you have the answers?

The problem

The problem here is two-fold. First, we need to know about potential problems with our devices. Second, we need to know who these problems affect. Vendors publish notices on things like warranty-covered defects, security alerts, and obsolescence, so it’s important that you have a convenient way to receive and review such notices. This can be difficult because you have to have an understanding of your devices, whether they are in use, their number, which version they are, and how they are configured. Due to the tediousness, many network engineers and admins reluctantly admit that it’s a difficult situation to manage.

The solution

Luckily, there is a solution. SolarWinds and Cisco® have worked together to offer a network health check. This health check can tell you quickly and easily whether you have unsupported, defective, vulnerable, or obsolete devices in your network. This health check utilizes SolarWinds® Network Configuration Manager and Cisco SmartAdvisor reports.


SolarWinds NCM knows a lot about your network, including which devices are in use, their model numbers, hardware and software revisions, and how they’re configured. A free connector we developed delivers this information to Cisco, where your network data is expertly analyzed and returned to you in the form of six insightful SmartAdvisor reports. Using your Cisco CCOID and SmartNet subscription, you can access these reports conveniently and as often as you like. By conducting this network health check regularly, you can receive important information about problems that exist on your network before they have a chance to negatively impact end-users.

To learn more about this powerful network health check, visit If you already use SolarWinds NCM, you can download the free connector by visiting the SolarWinds Customer Portal.

SolarWinds Server Health Monitor Quick Reference Guide

The SolarWinds® Server Health Monitor (SHM) is a free diagnostic tool that provides basic-level health status server monitoring for up to five servers in a corporate enterprise. You can download it from SolarWinds pages here.

Using Simple Network Management Protocol (SNMP), Windows Management Instrumentation (WMI), and Common Information Model (CIM) calls to your network frameworks and application servers, the tool polls the basic system components in each configured server (such as the power supply, temperature, and fan) and displays a server health overview of all monitored servers in the Dashboard tab. The tool is supported on selected VMware® hypervisors and Dell™, HP®, and IBM® servers.

If you need expert-level health status server monitoring for over 200 applications and 1000 servers in a corporate enterprise, see the SolarWinds Server and Application Monitor.



Installation requirements




Operating system

Microsoft® Windows® 7

Windows 8

Windows 10

Windows Server® 2008 R2  Windows Server 2012 R2

System details

Processor: 2 GHz


Disk Space: 100 MB

.Net: 4.0


Systems supported for monitoring





Dell PowerEdge™ HP ProLiant™

IBM eServer™ xSeries

Blade enclosures

Dell PowerEdge M1000e Blade Enclosure HP BladeSystem c3000 Enclosure

HP BladeSystem c7000 Enclosure


VMware vSphere® ESX Hypervisor  VMware vSphere ESXi™ Hypervisor


Hardware monitoring agent software

Each computer hardware vendor installs hardware monitoring agent software on their systems, which includes a Web server that operates on a unique port.

Remote servers include the hardware monitoring agent software for both SNMP and WMI.

Note: The blade enclosures do not use hardware monitoring agent software.

To ensure that the hardware monitoring agent software is installed on your system, open a Web browser and navigate to the following URL:


where remote_ip_address is the remote server IP address and Port is one of the following ports:


HP: 2381

Dell: 1311

IBM: 423


Install the tool


  1. Download and install the SolarWinds Server Monitor from the SolarWinds Free Tools website.
  2. Double-click the installer icon. The SolarWinds Server Health Monitor Setup Wizard appears.
  3. Click Next.
  4. Follow the prompts on your screen to complete the installation.


Add your monitored servers


  1. Click the Configure tab. The Configure Tab screen appears.
  2. Click  . The Server and Credentials box appears.
  3. In the top field, enter the IP address or host name of the server you want to monitor.
  4. Click the drop-down menu and select the method used to poll the server and gather health monitor details.
  • You can poll the following servers using SNMPv2 or SNMPv3.
    • Dell PowerEdge servers
    • HP ProLiant servers
    • Note: Array and Battery information requires WMI polling.


  • You can poll the following servers using WMI:
    • Dell PowerEdge M1000e Blade Enclosure
    • HP BladeSystem c3000 and c7000 Enclosures
    • HP ProLiant servers
    • IBM eServer xSeries


  • You can poll the following hypervisors with no required polling setup:
    • VMware vSphere ESX
    • VMware vSphere ESXi
    • These hypervisors use the CIM protocol that should be enabled by default after you install the ESX or ESXi hosts.

Configure polling using SNMPv2


  1. Ensure that SNMP is enabled on the monitored server. See your server or VMware documentation for information about configuring SNMP.
  2. Click the drop-down menu and select SNMPv2.
  3. In the Community String field, enter your SNMP credentials.
  4. Click . The monitored server connection is configured, and the tool automatically polls the server for server health data. The polling process may require several minutes to gather the server data.

Configure polling using SNMPv3


  1. Ensure that SNMP is enabled on the monitored server. See your server or VMware documentation for information about configuring SNMP.
  2. Click the drop-down menu and select SNMPv3. The Server and Credentials box appears.
  3. In the Username field, enter the IP address or user name of the server you want to monitor.
  4. In the Context field, enter your SNMP credentials.
  5. In the first drop-down menu, select an encryption algorithm for the polling connection. MD5 (Message Digest) provides a 128-bit hash algorithm. SHA1 (Secure Hash Algorithm) provides a 160-bit hash algorithm.
  6. Click the second drop-down menu and select an encryption cipher for the polling connection.
  7. In the Password field, enter an authentication password.
  8. Select the Password is a key check box to select the algorithm of the encryption. Note: If you select this check box, leave the Context field blank.
  9. Click . The monitored server connection is configured, and the tool automatically polls the server for server health data. The polling process requires one to two minutes.

Configure polling using WMI


  1. Ensure that WMI is enabled on the monitored server. See your server or VMware documentation for information about configuring WMI.
  2. Click the drop-down menu and select WMI. The Servers and Credentials box appears.
  3. In the Username and Password fields, enter your WMI user name and password.
  4. Click . The monitored server connection is configured.



View your server health

When you click the Dashboard tab, the tool polls the monitored servers and displays a health status overview of all servers. The overview includes a pie chart, node count, and summary information of all monitored servers.

The polling process requires up to two minutes to complete, depending on your network configuration. During the polling process, Processing appears at the bottom of the window.

The Node Count lists the number of monitored nodes and the corresponding status. The Summary lists all monitored servers and their corresponding status.

The following table provides descriptions of each status.







All monitored components are functioning properly.


One or more components are in working condition, but a failure may exist.


One or more components failed, requiring imme- diate attention.


One or more components have a status that the tool cannot recognize.


View server details

When you click an IP address (or host name) in the Dashboard tab, the Server Details window appears. This window displays the IP address (or host name), current health status, and additional information about the selected server.


The Current Server Health section lists the sensors polled by the tool. Maximize a sensor name to view the status and corresponding value. The server and current health details listed in the window may vary for each server.

To return to the Dashboard tab, click Back to Summary.

Update the polling interval

The Update Polling Interval setting in the Configure tab allows you to select the time interval (between 5-60 minutes) when the tool polls the monitored servers for health status information.




View additional resources

The Resources tab provides links to resources for managing your corporate enterprise.


Troubleshoot error messages

The following table lists error messages that may appear after you configure your devices in the Configure tab.




Error Message

Description and Resolution

Unable to resolve the host name. Please use the IP address

The host name is spelled incorrectly or DNS could not resolve the host name to an IP address.

To resolve this issue, ensure that:


  • The host name in the Configure tab is correct.
  • The DNS server is configured properly with corresponding host name and IP addresses.
  • The IP address is entered in the correct format.

An unknown error occurred.

The tool experienced an issue with monitoring the targeted server.

To resolve this issue:


  1. Open the %ALLUSERPROFILE% directory.
  2. Navigate to the following directory: SolarWinds\ServerHealthMonitor
  3. In the directory, locate the followin file. ServerHealthMonitor.log
  4. Open the file in a text editor (such as Notepad) and search for an error (for example, a disabled WMI service).

Not a supported server type. For a list of sup- ported server types, see Help for details.

The targeted device is not supported by this tool.

See Hardware requirements for a list of supported servers, blade enclosures, and hypervisors.

Different polling method required.

The tool could not poll the device based on the selected polling method specified in the Configure tab.

To resolve this issue, select a different polling method that is appropriate for the targeted device.

The user credentials are wrong.

The user does not have remote access to the computer through a DCOM

The tool does not have Distributed Component Object Model (DCOM) permissions to access the targeted Windows server. WMI uses the DCOM protocol to communicate directly over a network with Windows-enabled servers.

To resolve this issue, ensure that:


  • The server credentials are entered correctly in the Configure tab.
  • DCOM is enabled on the targeted server.

See the Microsoft TechNet website for information about enabling and disabling DCOM on servers running Windows Server 2008 R2 and Windows 2012 R2 operating systems.

The computer really doesn't exist.

The Windows Firewall is blocking the connection.

To resolve this issue, ensure that:


  • The targeted server is running and connected to the network.
  • The Windows Firewall is deactivated on the targeted server.

Polling of chassis (CIM_Chassis class) failed. Unable to estab- lish session with all provided credentials.

The VMware credentials are incorrect.

To resolve this issue, ensure that the VMware server credentials in the Configure tab are correct.

Polling of chassis (CIM_Chassis class) failed. Unable to con- nect to the remote server.

The selected polling method is not supported on the targeted server.

To resolve this issue, ensure that the selected polling method in the Configure tab is correct. If the

issue still exists, change the polling type method and poll the server.

Unable to find the server type. Could be due to incorrect cre- dentials or the server type is not supported.

The credentials in the Configuration tab are incorrect or the server type is not supported.

To resolve this issue, ensure that:

  • The server credentials in the Configure tab are
  • The server is listed in the hardware requirements as a supported server.






Copyright © 2015 SolarWinds Worldwide, LLC. All rights reserved worldwide.

No part of this document may be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the written consent of SolarWinds. All right, title, and interest in and to the software and documentation are and shall remain the exclusive property of SolarWinds and its respective licensors.



other SolarWinds marks, identified on the SolarWinds website, as updated from SolarWinds from time to time and incorporated herein, are registered with the U.S. Patent and Trademark Office and may be registered or pending registration in other countries. All other SolarWinds trademarks may be common law marks or registered or pending registration in the United States or in other countries. All other trademarks or registered trademarks contained and/or mentioned herein are used for identification purposes only and may be trademarks or registered trademarks of their respective companies. Microsoft®, Windows®, and SQL Server® are registered trademarks of Microsoft Corporation in the United States and/or other countries.

Understanding network bandwidth content is one of the essentials for each IT admin who needs to ensure the business traffic has always the priority over someones private Youtube streaming during a lunch break. SolarWinds Network Traffic Analyzer has been used many years for its ability to finger point at IP address which was behind suspicious high-volume data transfer. NTA historically used widely used port-based application detection known as NetFlow (used in protocols NetFlow v5, v9, IPFIX, sFlow, jFlow, Huawei Netstream).


As many of you know, port-based application detection works effectively if each application you care about communicates via its own, specific, port (SNMP, SQL, DNS, etc.). As a natural reaction to block unwanted traffic you may create firewall rules and allow specific ports only. This works unless the owner of the application change its protocol to HTTP or even better HTTPs and port-based categorization is not as useful anymore (as firewall rules based on ports only). Most of the traffic will look like "WEB" or "Encrypted".

At the end of a day, it's still better than knowing nothing but it leads to the further inspection by using firewalls and logs or user browsing history or Wireshark hunt.


But we all would like to have better visibility into the corporate network traffic and understand if business traffic or video call is not negatively impacted by somebody's web browsing or media streaming. Many network-gear vendors are aware of that problem with "tunneling" over ports 80 or 443 to various cloud storage apps, SaaS or social networks. Cisco, Citrix or PaloAlto introduced "Application Flows" known as NBAR2, Citrix AppFlow and Palo Alto App-ID in IPFIX. All these names have one common element - advanced application classification technique using application signatures database and deep packet inspection. This is all done directly within your network gear (Routers, some L3 switches, firewalls and Wireless Controllers).


The advantage of "AppFlow" technology is obvious. It gives you better application classification even though applications are using the same port (for example port 80). It gives you visibility (even though limited) into encrypted traffic (port 443) and it gives you that without need of additional probes, spanning ports and other complicated things. Palo Alto, Cisco and Citrix keep their application signature databases up to date and usually offer new device updates every month as a classic software update for your gear. As example look at this page NBAR2 (Next Generation NBAR) Protocol Pack FAQ - Cisco which list NBAR2 supported devices and also typical Protocol Pack update time-lines.


Many of you already have Cisco ASR 1000 or ISR-G2 devices and if you haven't, you can use SolarWinds NTA (beta) now and get better application visibility of your bandwidth. NTA 4.2 beta brings support for Cisco NBAR2 as a first (but not last) implementation of Application Flow information. NTA still uses flow-based technology to read app-flow and is quite easy to enable NBAR2 on your devices and let NTA to tell you who deals to much with Youtube over SSL, Google cloud application or torrents.


I know you're interested to try this out and takes you just few steps:


1) Enable NBAR2 as part of Flexible NetFlow (if you haven't yet)


flow record SolarwindsNetflow

match ipv4 tos

match ipv4 protocol

match ipv4 source address

match ipv4 destination address

match transport source-port

match transport destination-port

collect transport tcp flags

collect interface input

collect counter bytes long

collect counter packets long

collect timestamp sys-uptime first

collect timestamp sys-uptime last

collect application name


flow exporter SolarwindsNetflow


source GigabitEthernet0/1

transport udp 2055

template data timeout 60

option application-table timeout 60

option application-attributes timeout 300


flow monitor SolarwindsNetflow

exporter SolarwindsNetflow

cache timeout active 60

record SolarwindsNetflow

2) Configure the interface from where you want to monitor Netflow (with NBAR2) - this part is the same as you do when configuring classical port-based NetFlow (in my example GigabitEthernet 0/0/1)


interface GigabitEtherent 0/0/1

ip flow monitor SolarwindsNetflow input

ip flow monitor SolarwindsNetflow output


3) Check NBAR2 support & configuration by runing  "show ip nbar version" command


You should get output similar to this:

NBAR software version:  20

NBAR minimum backward compatible version:  20


Loaded Protocol Pack(s):


Name:                            Advanced Protocol Pack

Version:                         14.0

Publisher:                       Cisco Systems Inc.

NBAR Engine Version:     20

Creation Time:                 Wed Mar 25 13:17:24 UTC 2015

File:                                flash0:pp-adv-isrg2-154-3.M2-20-14.0.0.pack

State:                             Active



4) Subscribe to NTA 4.2 Beta program (available for those who have NTA commercial license)



5) Install NTA Beta on the non-production server and add NetFlow source Node into NTA (same process as you adding classical NetFlow source).


Once you start getting the data in NTA you will see a switch in a top right hand corner on a summary page in the "Top 5 Applications" resource. Use it to select between NetFlow - port based and NBAR2 - AppFlow data view. This switch is available everywhere in NTA for the charts which show some application classification. NBAR2 is automatically detected and if device doesn't support NBAR2 you'll be not able to use that switch.


Let's demonstrate the added value of App-Flow NBAR2 comparing classical NetFlow v5 and NBAR2 data classification for the situation where some IP address watch Youtube over SSL:


NBAR2NetFlow v5


I would very happy if you - SolarWinds users - can try this beta and help me to collect feedback on two main questions:


1) What version of your protocol pack you have on your devices (step #3 from the list above)

2) Does NBAR2 in NTA helps you to see better data than the current port-based flow?


As always, I appreciate all your effort and enthusiasm you spent with this Beta version of NTA. I'd like to hear to any other comments and feature request you may have around this theme such as reports, alerts, etc.


We do not want to end support with NBAR2 on ASR or G2 devices, but also working on WLC support and to the future Citrix and PaloAlto AppFlows. If you have other app-flow capable device, let us know.



I’m thrilled to announce that Dameware 12.0 is now publicly available. In this release we focused all our efforts to finalise the remote support story with unattended over the internet sessions. Dameware now allows to assist remotely without presence of the end-user, who is not in the intranet but travelling. Technicians can now support end-user in company network as well as in Internet anytime.


This release brings several bigger and smaller improvements, so let me highlight a few of them:


  • Over the Internet (OTI) unattended sessions for Dameware Centralized users
    • Allows you to remotely support users on the move, and assist remotely without the presence of the end user
    • Deploy agents with OTI unattended support to end-points
    • Manage agents for OTI unattended sessions to maintain high security and control
  • Search Hosts in Mini Remote Control
  • Support for Windows 10
  • Ability to switch between the Standalone and Centralized versions without reinstallation
  • And many other improvements and bug fixes


Dameware 12.0 is available for download on your customer portal for those customers under current maintenance.


If you are not a Dameware user yet, now go and download new version from now!

We’ve all been there. Your day has been going swimmingly– until suddenly – it’s not. Something’s gone wrong, your CIO is bearing down on you like his hair caught fire, and you need Support pronto.

Well, first up – we’re here to help. It’s a point of pride for us Support Geeks (and we know you love it too), that when you need to contact SolarWinds Support, you’re directly on to a Technical Engineer.

I’d like to briefly explain our support structure, give you a better understanding of what we do, how we can help you, and how you can get the best support experience. For full detailed information on our Support Team and your entitlements as a customer, please see our reference guide here: SolarWinds Customer Support Information - SolarWinds Worldwide, LLC. Help and Support


So, who are we?

SolarWinds Support is made up of two teams:


Customer ServiceTechnical Support
SolarWinds Customer Service is available to assist you with the general operation of your account, 24 hours a day, 5 days a week (Monday - Friday).SolarWinds Technical Support is available to assist you with technical product issues 24 hours a day, 7 days a week, 365 days of the year.
  • Any license related issues: resets, registration, merging
  • Logging into your customer portal
  • Updating customer account information, contact information or billing address
  • Checking the status of orders or invoices
  • Reporting issues with the website
  • Follow-the-sun model – cases can be transferred to a close geographic location to best match your work hours
  • Assist with any Technical Product related issues
  • Specialized in a number of products


First off, there are two ways to contact Support – you can Call our Support Line, or you can submit an Online Support Ticket. We ask that you use your judgment here and reserve calls for when you have an urgent issue, or when your system is down. This in turn helps to keep the queue clearer – so when you do have an urgent issue or your system is down, we can get to you faster.


Speaking of case priorities – we allow for five different priority levels when you create a ticket with us, outlined in the table below. If you need to increase the ticket priority after submitting it, you can easily do so by responding to the case to let your Support Engineer know, by calling us, or by mailing where a Technical Support Manager will action your request.


PriorityBusiness Impact
System DownProduct is nonfunctional and/or has unrecoverable service failure. Critical Business Impact.
UrgentProduct is functional but with major issues. Significant business impact.
HighProduct is functional but with consistent issues or one product area is nonfunctional. Functionality is degraded. Some business impact.
MediumProduct is functional with minor or intermittent issues. Occasional functionality degradation. Minimal business impact.
LowProduct is functional with no apparent issues. Requests for upgrade documentation, feature requests, technical information, how to questions, product use questions. No business impact.


Before opening a case with us, check out the wide range of self-help options we have available. You may find yourself pleasantly surprised by how quickly your issue gets resolved this way!

  • The SolarWinds Success Center contains all documentation, knowledge base articles, training videos, getting started guides and more, and it is easy to search.
  • Don’t forget the fine folks of Thwack, in particular, the Alert Lab and Report Lab denizens who are nothing short of logic gurus – no matter how awkward your alert or report requirements, they’ll probably have figured that logic out for someone else already.


Before you submit the ticket, please gather the following details for us, as it will help us to resolve your issue as quickly as possible:

  1. Clearly define the issue, providing symptoms, screenshots, how often the issue occurs, steps to reproduce the issue, any recent changes made, any steps you’re already tried when troubleshooting this yourself, and the business impact this has for you (if any). The more information you can provide, the faster we can get to the root cause - and to a solution.
  2. Provide environmental and product information, including the product version you are running, whether you are using multiple pollers or not, OS version, server details such as CPU & RAM, and any infrastructure details you believe may be relevant.
  3. For Orion products gather diagnostics and any other relevant logging (error details, memory dumps, trace files – whatever is relevant to that particular issue)
    1. To gather diagnostics, open SolarWinds Orion -> Documentation and Support -> Orion Diagnostics in the Start Menu. Click Start to kick it off, and it will produce a zip file.
    2. If you’re concerned that your issue could be environmental or permissions related, run the Orion Permission Checker tool as a Local Administrator – this checks a list of system folders to ensure the system accounts we’re using have the correct level of access. Click Check, and click Repair if you spot any failures.
  4. When you submit the ticket, you’ll get an automated email response with your ticket number. You can reply back to this to attach any small files to the case (<5MB), but anything larger, you’ll need to upload them to us:
    1. Open LeapFile and upload your file (or files), using your ticket number as the subject and as the recipient.
    2. Ping an email through to your support ticket to let us know you’ve got files uploaded already for us – we’re not automatically notified. It will make your Support Engineer’s day.

Once you’ve submitted your case, you can check its status and update it from the Customer Portal. Log in, and click Support Cases, then ‘Review all Cases’ to view and update your ticket. You’ll also receive our responses to your case by email, directly to your inbox.


How to Upgrade to SAM 6.2.1

Posted by cdoyle Support Sep 21, 2015

Interested in upgrading to SAM 6.2.1? Here’s all the information you might need to upgrade, and the steps you’ll need to take to do it quickly and easily.


Prepare your Upgrade

1. Check the Release Notes for Orion SAM 6.2.1

2. Review the system requirements and ensure your server is up to spec.

3. Back Up your Database (Microsoft KB Links: 2005, 2008, 2008 R2, 2012)

4. Check your upgrade path

    • For a quick shortcut if you have only SAM installed, this is the standard upgrade path:  SAM 5.0 SAM 6.1 SAM 6.2
    • To confirm which version of SAM you’re currently running, check the footer of any page on your Orion SAM Web Console.
    • If you’re running NPM or any other modules with SAM, use the Product Upgrade Advisor tool to get an exact upgrade path to ensure you maintain compatibility while you upgrade.

5. Download the required versions from the customer portal


To download the current version, and any previous versions you require, you’ll need to log into the customer portal. Once you’ve logged in, use the License management menu to select ‘My Downloads’.


Next, select the product you want to download


And under the Server Downloads section, you’ll see the latest release selected by default. If you need an earlier version for your upgrade path, you can select it from the drop-down menu.




Complete your Upgrade

  1. Log into your Orion SAM server using the Local Administrator account to perform the upgrade.
  2. Run the installations, in order, to upgrade your product - the upgrade can be installed 'on top' of your existing older version.
    1. If you’re unsure of what order to use for the upgrade use the Product Upgrade Advisor tool for guidance.
    2. You’ll find the upgrade instructions for Orion SAM here, and a wealth of documentation, including upgrade and installation guides for all our products here.
  3. Always complete the configuration wizard before moving on to the next step!
  4. Got additional polling engines? You'll need to upgrade each of them at each step in the upgrade path to ensure they maintain compatibility. Make sure you upgrade your main poller at each step first, then update the additional pollers to match, for that step of the upgrade. Again, always complete the configuration wizard before moving on to the next step or the next polling engine.



If you run into any trouble during your upgrade, call us in Support on our toll-free numbers or submit a ticket – we’re happy to help!




Got a question that wasn’t covered here? Try these resources for help:

Orion SAM Product Page

Orion SAM Product Training

Upgrading SolarWinds Orion when FailOver Engine is installed

Migrating SAM to another server

Manual License Registration

I'm happy to announce that Storage Resource Monitor (SRM) v6.2 is now available in the SolarWinds Customer Portal for customers on Active Maintenance. This version includes the following new features and improvements:


  • Additional Device Support for Storage Resource Monitor's Orion Module :
    • EMC® Isilon®
    • Hitachi® Data Systems AMS, USP VM, USPV, VSP G1000, G200/400/600, HUS 100 Block-Side, HUS VM
    • HP® StorageWorks XP
    • IBM® Spectrum™ Virtualize (Vxxx and SVC)
  • Hierarchical Storage Pools


More details can be found in the Release Notes and in the RC blog post: More array support for Storage Resource Monitor in 6.2 RC.

We have all been waiting for this, and now it's here: the Dameware 12.0 Release Candidate is now ready for you on the Customer Portal! Don’t wait, just download it while it’s still fresh and hot. However, if you want to learn a bit more about the new features, continue reading.


This release brings several bigger and smaller improvements, so let me highlight a few of them:


  • Over the Internet (OTI) unattended sessions for Dameware Centralized users
    • Allows you to remotely support users on the move, and assist remotely without the presence of the end user
    • Deploy agents with OTI unattended support to end-points
    • Manage agents for OTI unattended sessions to maintain high security and control
  • Search Hosts in Mini Remote Control
  • Support for Windows 10
  • Ability to switch between the Standalone and Centralized versions without reinstallation
  • And many other improvements and bug fixes


The #1 feature which I want to talk about is the ability to use unattended over the Internet sessions. You already have been able to remotely connect to a computer, but it required the assistance of the end-user, and she might not have always been available or you simply didn’t want to bother the user. Now you can connect to her computer anytime.


To start off, deploy a new agent with unattended OTI capabilities to the computer. The agent will register itself automatically with the proxy. The deployment is as easy as it always has been. The new version of the agent contains support for unattended OTI. It can be configured in the General tab of agent settings, where you can limit the agent only to local connections, or direct and remote connections. These settings can be found for example during agent deployment when you are prompted to confirm the deployment under Install Options… > Configure > General.




Right after deploying the agent, it will be visible on the Admin Console for the Central Server, and will be waiting for your approval (if you have just upgraded and are not using an evaluation copy, which has auto-approvals enabled). This gives you control over who can use remote unattended sessions, but it also gives you control in case you have several thousands end-points and you don’t want to remote to them all over the internet.


As soon as you approve the agent, it becomes available for remote sessions.


Another option is to configure auto-approvals under Central Server > Settings by setting the value of the Remote Host Auto-approve property to true. This setting will automatically display a notification banner in the admin console.



After the approval of the agent for Internet sessions, it will also appear in the new Remote Host List of the MRC console, so any technician can start to make unattended connections from this list right away.

You can also drag & drop the host from Remote Host List to your Personal Host List or Saved Host List (see below screenshot). From any of these lists you can initiate unattended OTI connections. If you already have the computer in the Personal Host List before, it will appear in the list twice and its icon will indicate direct LAN connection (red arrow in the screenshot) or unattended OTI connection (green arrow on the screenshot).


You are probably also curious about searching for a host in MRC. Simply click on Find icon in Remote Connect menu of MRC console and type hostname or IP address.



I’d love to hear from you, so if you have any feedback, please let me know in a comment or use DameWare DRS Release Candidate forum.

Now go to your customer portal and download new installer!

One of the things that we wanted to do for this release was to split out the Windows Filtering Platform (WFP) from the Windows Security log connector.


Why are we splitting this out into a separate connector?

This is being split out because customers frequently call into support after being completely overwhelmed with the sheer volume of data upon enabling the Windows Security Log connector. While on the other hand some customers still want to collect this data.


What does this mean?

It means that upon connector upgrade this behaviors will change. Anyone that wants to collect Windows Filtering Platform events will need to configure that connector specifically once they get the latest connector update.

To receive updates on the Engineers Toolset roadmap, JOIN thwack and BOOKMARK this page.


When the v11.0 with new Toolset on the Web was introduced, it brought some fresh air to the Engineer’s must-to-have collection of tools and therefore we decided to continue with this trend also in the upcoming v11.1.

Out of all changes planned for the v11.1, a native web-based SSH client tool is the most significant addition so here is a small summary what it can do.



Web-based SSH client


Included in the Toolset drop down and available for every Orion managed Node/Element, SSH tool is available within a click anytime you need it.


Focusing on the simplicity, the main SSH client page allows you to connect to any Orion managed node and utilize the existing connection profiles created in toolset or NCM (if installed on the same server). Naturally, you can connect also to non-managed devices and specify your own credentials.



Natively supporting colors, exit characters and basically everything you would expect from the SSH client…

To simplify the credential management and keep everything under your control, administrators are allowed to create, manage Connection Profiles and assign them to devices globally but also individually to each and every user. This way, new users can have SSH access to some of the devices even without a need to know the password.


For more security sensitive organizations and/or troubleshooting purposes, auditing will be enabled by default so you can see when and who connected to what device using which credentials. When installed on the same machine with NCM, Toolset SSH client respects the more granular NCM roles of admin/engineer/uploader/etc and adjusts who can use pre-defined connection profiles.

Unlike with other real-time tools on the Web, there won't be limitation of 3 active tabs per browser so you will be able to connect to as many devices as you will need to.


Looking forwards to hear your feedback

Peter Ksenzsigh

Toolset team



To receive updates on the WPM roadmap, JOIN thwack and BOOKMARK this page.


With the official release of WPM 2.0.1 the WPM team is working hard to build several new and exciting features including:


  • Improvements in integration with Orion based products to improve ease of troubleshooting
    • Linking of Transaction to Application(s), which are providing services to monitored web application
    • Linking of Transaction to Nodes(s) on which is the web application running
  • Simple Conditional logic in transactions
    • Handling of random pop-ups
  • Improved recognition of node status
  • Positive and Negative matches (for text and images)
  • Adopting new reporting engine
  • Allow change of user agent string
  • Ability to inject cookies into transaction
  • Custom properties for transactions
  • Allow users multi-select steps in recorder for easier editing
  • Multi-variant text input
  • Support for IE 11

Server & Application Monitor 6.2 included a boatload of great new features that are going to be difficult to top, but that isn't going to stop us from trying. Here is a sneak peek at just a few of the items the team is diligently plugging away on.


  • Cloud Infrastructure Monitoring
    • Amazon AWS
  • Optional Agent for Linux Applications and Servers
    • Allows for polling host and applications behind firewall NAT or proxies
    • Polling node and applications across multiple discrete networks that have overlapping IP address space
    • Allow for reliable and secure encrypted polling over a single port
    • Support low bandwidth, high latency connections
    • Full end to end encryption between the monitored host and the Orion poller
    • Store and forward capabilities allowing the agent to operate independently of the Polling engine when network connectivity is lost
  • Numerous AppStack Environment enhancements
  • Real-Time Performance Analysis
  • Native Log File Monitoring
  • Web Interface design improvements
  • Active Directory Discovery
  • Application Template Assignment to Groups (Static or Dynamic)
  • Automated Network Sonar Discovery Import
    • Automatic monitoring of newly found nodes, interfaces, volumes, and applications based on discovery profile criteria
  • Web Based SSH Client

I'm excited to announce that the Log & Event Manager (LEM) 6.2 Release Candidate is now available for download by customers on active maintenance! If you're too eager to read the entirety of this post and want to jump right in, head on over to your customer portal to get started. The LEM team has been hard at work on features that will make your lives both safer and easier, and we can't wait to see what you think of them. So, with that, here's a quick overview of what goodness LEM 6.2 is delivering.



New Feature: Threat Intelligence Feed


I already wrote a lengthier blog post about this feature, so I won't go too much into the details, but I will say that this a feature that we're really excited about. You asked for it and now we have it ready for you. With this new feature, we focused on ease of implementation and immediate value, and we hope you'll agree that a check box to get it up and running is pretty good. It's as easy as the screenshot below.


LEM sources its threat intelligence feed data from command and control lists such as Zeus and Freodo, and drop nets such as Spamhaus and Dshield top attackers, among other sources.



New Feature: Automatic Connector Updates


LEM's connectors are one of its greatest assets. However, we realize that in the past we have made it somewhat cumbersome to get the newest connectors for the newest devices. So with LEM 6.2, we have created a feature that we're really excited about - automatic connector updates. With this feature enabled, you will no longer have to worry about manual updates - and you can rest assured that your LEM will always be up to date with the newest connectors.


Best of all, it's easy to use. Just enable it in Manage Appliances, and you'll be kept up to date. And if you want to force an update at any time, you're just another click away. See below.

enable auto updates.png


Improvement: Virtual Appliance Details from LEM Manager


For the purpose of ensuring reliable performance and simplifying troubleshooting, it's important for LEM users to be able to view their host appliances' resource settings. Because we know how important this information is, we wanted to ensure that LEM users have easy access to it. So with LEM 6.2, you now have access to this critical information directly from your LEM Manager. You'll be able to quickly view details regarding CPU, memory, and more.

vm details.png


And of course -- bug fixes!


We make sure that every release addresses your customer issues, and LEM 6.2 is no exception. To name a few:

  • NTLMv2 authentication support for effective resource allocations
  • File Audit Event report bug fixes and enhancements
  • New connectors for Kerio, Blue Coat, Proofpoint, GENE6, and more!


So what do you do next?


Head over to your customer portal to download and get started.


Once you have it up and running, if you have any questions/comments/concerns/feedback, head over to the LEM RC forum and let us know!


- the LEM Product Team


Disclaimer: Comments given in this forum should not be interpreted as a commitment that SolarWinds will deliver any specific feature in any particular time frame. All discussions of future plans or product roadmaps are based on the product team's intentions, but those plans can change at any time.

I'm excited to announce general availability of  Kiwi Syslog Server 9.5! The new Kiwi Syslog version is packed with great new features and improvements.


This release contains various improvements such as


  • SNMP v3 Trap support
  • SNMP Trap Forwarding (with ability to retain source address for IPv4)
  • Trap fields to VarBinds Elements in Output
  • Logging to Papertrail cloud
  • IPv6 Support
  • Statistics email reports based on different interval
  • Ability to create more than five web console users


Kiwi Syslog v9.5 is available for download in your customer portal for those customers under current Kiwi Syslog maintenance.


If you are not a Kiwi Syslog user yet, now go and download new version from now!

Storage Resource Monitor (SRM) v6.2 Release Candidates is now available in the SolarWinds Customer Portal for customers on Active Maintenance.  Release Candidates can be installed on your production systems and are fully supported. The Product Team is eagerly awaiting your feedback in the Storage RC Forum.


Additional Device Support for Storage Resource Monitor's Orion Module :

This release adds additional device support to the Orion Module, allowing customers to monitor more devices on the Orion Core Platform and take advantage of the AppStack Environment View.

  • EMC® Isilon®
  • Hitachi® Data Systems AMS, USP VM, USPV, VSP G1000, G200/400/600, HUS 100 Block-Side, HUS VM
  • HP® StorageWorks XP
  • IBM® Spectrum™ Virtualize (Vxxx and SVC)


Hierarchical Storage Pools:

In addition to more device support in the Orion Module, we are adding support for Hierarchical Storage Pools.  This allows customers to see multiple pool layers when a storage array has more than one logical storage container (pool) from which a LUN can be created.  This is possible with HP 3PAR and EMC VMAX.  Following are some screenshots showing Hierarchical Storage Pools and a *couple of new arrays supported. 


Srm62RcObjectsTreev2.jpgEMC Isilon - File Share Details - Summary.pngHDS(AMS2100) - Array Details - Summary.png


Devices Supported by SRM Orion Module in Previous Releases of Storage Resource Monitor

  • SRM 6.1
    • EMC VMAX
    • Dell Compellent
    • HP StoreServ 3PAR
    • HP P2xxx/MSA
    • Dot Hill AssuredSAN 4xxx/5xxx
  • SRM 6.0 - first release with the SRM Orion Module
    • EMC VNX / CLARiiON family
    • EMC VNX NAS Stand-alone Gateway / Celerra
    • Dell EqualLogic PS Series
    • NetApp E-Series (LSI)
    • IBM DS 3xxx / 4xxx / 5xxx
    • Dell MD3xxx
    • NetApp Filers running Data OnTAP 8 in:
      • 7-mode
      • Cluster-mode (aka Clustered Data OnTAP)

Filter Blog

By date:
By tag: