What is the Syslog table where all messages are saved in the SolarWinds database?
I would like to check which devices are generating Syslogs versus the one that do not have any Syslog.
The typical configuration is to have 3 separate databases in any SolarWinds deployment.
1. NetPerfmon Database
2. Netflow Database (in older versions if you dont have NTA this is not required) - in the latest version by default you will have this if you have Observability
3. Syslog Database
Ideally these 3 databases are different - you wont find syslog info on your default database (NetPerfmon DB).
If you are using SQL Server Management Studio (or similar) and connecting to your database you should be viewing Syslog Database - look under it. All tables related to Syslog will be in this database.
Hope this helps.
Thanks Vinay. I am trying to query information based on the Syslog messages?
I dont see any Syslog database instance in my SolarWinds database
How are you connecting to your SolarWinds database is it through DB Manager ? and do you have just one database ?
I'm not currently using it bit it may be the table below, give it a try in SWQL Studio
SELECT TOP 100 LogEntryID, LogEntryTypeID, LogEntryLevelID, NodeID, MessageSourceID, DateTime, MessageDateTime, Message, Level, LevelKey, DisplayName, Description, InstanceType, Uri, InstanceSiteIdFROM Orion.OLM.LogEntry
It's as @bobmarley wrote. There you have all the syslogs and traps.
To know what devices are sending log you can start with below query that shows how many messages that are sent per device. (Remove "TOP 20" to see all devices)
-- Traps and syslogs per nodeSELECT TOP 20 COUNT(L.LogEntryID) AS NrOfMessages ,L.LogMessageSource.Caption AS NodeName ,L.LogMessageSource.MachineTypeFROM Orion.OLM.LogEntry AS LGROUP BY L.LogMessageSource.Caption,L.LogMessageSource.MachineTypeORDER BY Count(L.LogEntryID) DESC
