Hi
any one know what they try to sell?
http://launch.solarwinds.com/180515NALogManagerWebinar_RegistrationPage.html?CMP=THW-BAD-SWI-180523_NA_LogManager_Webina…
Full Circle?
Late last year, jhynds posted a survey asking what Logging software is in use out there. There were many comments, among them was this one from sja, which I find amusing...
"Not serious ..Orion is not log management tool never was never will be..Solarwinds should be clear on that"
"Not serious ..
Orion is not log management tool never was never will be..
Solarwinds should be clear on that"
I take it that sja is highly motivated for such functionality, as am I. From posts in that survey, and in this thread, it seems that Solarwinds has understood the need to incorporate better log management in Solarwinds, and this Product Announcement is the result.
Jamie -- when you give the presentation, or in some link, could you please address licensing for registered holders of Kiwi Syslog. Both are Solarwinds products, and it would be nice if Orion integration came to Kiwi instead of requiring a separate product and license purchase. Don't you agree?
Kind Regards, Eric
sja From the screenshot on that page, as well as the description, it looks like some sort of tool similar to what Splunk does.
wluther
That help ..."similar to what Splunk does" Splunk can do many things..
Is that LEM level or Kiwi (simple syslog/trap reciver) ..
Is that part of Orion ???
My guess would be that if you attend the webinar you will find out
that's what i try to evade...
sja I was simply going off a few words in the description, and the only image available, and Splunk's basic log/data correlation/search functionality was the first thing that came to mind. I do not know what this product will actually be, or what it will actually do, it's just my guess with the picture and description.
Whatever it is, and whatever it does, I reckon we can only speculate until they announce it.
I wouldn't think it is LEM based or at the same level as LEM since a new version of LEM was just released and it doesn't indicate anything about an Orion integration. I would think it is either a new module/feature or an improvement to the built in syslog/trap system already in Orion.
I just hope that tool will take them closer to
:-)
While a new module would still be a nice thing to have, I am hoping for it to simply be an improvement to the existing platform.
From what I have heard it is going to sit somewhere between the Loggily product currently in the Cloud portfolio and LEM, so it will consolidate SysLog/Traps, and other event logs. I believe it will be SolarWinds approach to cut into the Splunk market, but to what extent I wouldn't guess. Wednesday is going to be exciting, I'm surprised they've kept it so under wraps for so long.
Hi All - my name is Jamie Hynds, the Product Manager for this exciting new log management product!
I'm looking forward to walking you through the product on the webinar later this week
I'm unable to attend during that time. Will the webinar be available for viewing afterward?
Thank you for any information.
If the word 'correlation' was somewhere in this blurb, the Splunkishness would be harder to dismiss.
I will be happy to “revert statement”
If that is truely part of Orion...
sounds interesting.. there's lot of talk about better log management, hopefully this one it is..but we'll have to wait till Webinar starts...
You can add me to that list, jhynds
Yes, if you can't attend the webinar, just make sure you have registered. You will then get a follow up e-mail with a link to the recording
Thank you much!
This is about SolarWinds Log & Event Manager becoming an Orion product.
SolarWinds is converting the flash based LEM to HTML, with SWIS built in. This makes it possible to integrate it with Orion.
I'd like to clarify that Log Manager for Orion is an entirely separate product from LEM. Log Manager for Orion is a brand new product, developed from scratch, which provides a unified view of log data and performance data within the Orion console (when integrated with other modules such as NPM). This unification of performance and log data can be used to assist with identification and troubleshooting of issues which may be affecting the performance and/or availability of your network.
LEM is a SIEM tool which geared towards regulated industries which need to comply to standards such as PCI, HIPPA, SOX and more, as well as providing an array of security features such as Active Response, Threat Intelligence, File Integrity Monitoring and more. We are continuing to migrate LEM away from Flash (LEM 6.4 Release Candidate shipped recently), but this not connected to Log Manager for Orion.
Thanks for the update. So SolarWinds will have two log management products that do more or less the same thing? Could you please touch on the differences in the webinar later on?
Thanks in advance.
Absolutely - will be happy to touch on the differences during the webinar
On that topic, for anyone who is interested in attending the webinar, but has yet to register you can do so here.
AAARRRRGGGGHHHH!!!!!!!!!
Missed it due to issues....
We have Kiwi and LEM and could REALLY use to have something for troubleshooting that is not as difficult as the LEM. LEM is great, but for simple searching or alerting its a bit much...
Looking forward to the recording!!
Think of this as the Orion-ification of Kiwi (which does not go away). Not a SIEM like LEM, but good for correlating the syslog for operational tasks into your other Orion monitoring. If you signed up they will send you links to a recording and other materials.
I'm still trying to wrap my brain around the price... $1500 for 10 NOdes... There's no way that can be right... right?
They still don’t get it....
I need good and simple notifications service that integrate with advance alerts ...
And No that should be part of the core software
I hope there are plans to increase the capacity to more than 1000 events per second for the entire instance, which seems very low for customers who are large enterprises and have large amount of syslog volume from routers, switches, and firewalls. Would be nice if it scaled better and each additional polling engine supported at least 5000 events per second.
sja and others here who want to alert on Syslog entries: I have some questions for you.
1. What sorts of alerts would you configure?
2. How would you identify which nodes to alert against (example, by Host IP address, for 5 hosts), or would you search against all nodes?
3. What would you search on (example, string "service recommended" in Message text)?
4. How often would you want to check these search parameter for possible triggers?
Hi ebradford
1.Syslog & TRAP that you can not poll or it does not make sense to poll that data
2.CP node_type
3.Message text
4.The point of syslog/trap that its not poll base its events base.
sja, This thread topic has changed a bit, so I'm going to start a new thread. I have a SQL search which I use to find specific syslog entries, because I find it difficult using Orion's Log front end to find specific entries. I'll create a new thread, then edit this message to post a link to it.
Link: SQL: How to search syslog for specific messages
So, I was able to get Solarwinds Orion to alert on Syslog content, and send out an e-mail based upon finding a specific string in the syslog. Go to the link the check it out (3rd message down in that thread).
What are the plans for Log Manager and Kiwi?
Will Log Manager eventually replace Kiwi?
From past experience I would say that Kiwi will continue to get enough development to keep it running as it does now, basically bug fixes and such, in line with how it has been the last couple years. On the other hand LM for Orion will be the place where the new activity is focused, since that better aligns with the single pane of glass and web based direction that SWI has been going for years. I don't expect them to stop supporting Kiwi any time soon as it does server a specific use case that is useful for many people, but if you want anything beyond what it is now then you may ultimately end up moving yourself over to LM.
