Advanced syslog parser is dead... long live to Log Analyzer

A Log Summary dashboard, along with updated Node Details resources is something we are currently working on. I'll second Marc's comment above - if you could provide some screenshots of what you'd like to achieve it'd be great. Equally, if you'd like to set up a quick call to discuss further, just let me know.

Syslog and Trap widgets on nodes details page are not working after upgrading to OLV. Below are the names of widgets.

- Node Related XX Syslog Messages

- Last XX Syslog Messages

- Last XX Trap Messages

Does Solarwinds team have a plan to modify these widgets to use new log database?

Yes, we do intend to create some new out of the box widgets based on the new tables... In the meantime you can use a custom query widget and the example query below on your node details page. (stolen from wesleykparker​ in another thread)

SELECT TOP 100 -- Edit this number for how many messages you want to load to widget (you can modify the widget for how many messages to page)

let.Name AS [Message Type]

,Level AS [Severity]

,TOLOCAL(DateTime) AS [Log Time]

,SUBSTRING(Message,1,100) AS Message -- Edit the last number for how many characters of the message you want to see

,CONCAT('YOURORIONURLHERE','/ui/orionlog/logviewer/now/1hours/',${NodeID},'/syslog') AS _linkfor_Message --Replace YOURORIONURLHERE with the address ex:  'https://orion.abc.com'

FROM Orion.OLM.LogEntry le

JOIN Orion.OLM.LogEntryType let ON le.LogEntryTypeID = let.LogEntryTypeID

WHERE NodeID = '${NodeID}'

--AND le.Message LIKE '%${SEARCH_STRING}%' -- Remove The -- From beginning for the "Search SWQL Query" Box

ORDER BY DATETIME DESC

I actually happened to be loading up my custom widgets for this use case into a client environment when I noticed this thread got updated.  This is the SWQL I use, a little bit less leg work for the end user and it attempts to clean up some of what makes traps super ugly

SELECT MessageDateTime

, let.Name as Type

,substring(Message,1,charindex('sysuptime',message)-2) as Message

, '/ui/orionlog/logviewer/now/24hours/${nodeid}/'+let.Name as [_linkfor_Message]

FROM Orion.OLM.LogEntry le

join orion.olm.logentrytype let on let.logentrytypeid=le.logentrytypeid

join orion.olm.MessageSources ms on ms.MessageSourceID = le.MessageSourceID

where le.nodeid=${nodeid}

and messagedatetime > addday(-1, getdate())

--and message like '%${SEARCH_STRING}%'

order by MessageDateTime desc

Just what I was looking for!

When?  its been months since you posted this and still nothing....  LA is terrible