I recently upgraded to NPM 12.2. We love the new VPN report however it is only retaining data for 3 days. How can I change this.
Additionally, there appears to be duplicate entries for for each access.
I changed ours to 90.
I also am using this query to create a report that will eliminate the duplicate handshakes from each connection.
SELECT SessionID
,UserName
,IPAddress
,SessionGroup
,DATEADD(hh,-5,ConnectedTime) AS ConnectedTime
,DATEADD(hh,-5,DisconnectedTime) AS DisconnectedTime
,ClientInfo
,CAST(OutTotalBytes/1048576.00 AS DECIMAL (16,2)) AS MB_Sent
,CAST(InTotalBytes/1048576.00 AS DECIMAL (16,2)) AS MB_Received
FROM SolarwindsOrionDatabase.dbo.ASA_RemoteAccessSessions
WHERE IPAddress <> ''
AND ClientInfo NOT LIKE 'DTLS%'
AND DisconnectedTime < DATEADD(dd,-1,GETDATE())
Any luck with this wickedoz? I am also seeing the same issue currently. I will start working on it and let you know if I come up with anything. I will probably look to the hotfixes first.
I opened a ticket with Solarwinds on this issue. It appears that the value is not manageable in the Polling Setting and is in the database with a value of 3. I am doing a remote session with them later this week to see if we can edit the value in hopes of getting longer retention. Hopefully they release a fix down the road that will make the value available for setting in the Polling Settings page.
The duplicate issue appears to be due to the different handshakes that occur when a user VPNs into the network.
Thanks for the update before I headed into the rabbit hole. I assume another hotfix is in order. I do see the different handshakes in the 30 day report. I am not sure if a report is going to help unless I run it every day and then just add them together.
Thanks for the update, I guess we will wait and see.
It would be great if we can get the retention period to be longer, however we may end up looking at extracting the info from the ASA_RemoteAccessSessions table. We may be able to come up with a solution that could filter out the additional handshakes from the VPN sessions.
The retention period needs to be changed in the settings table where the SettingsID = 'NPM_Settings_ASA_RemoteAccess_RetainDownTunnels_Days'.
I wonder why the default for this is set to 2? Did you change yours? What did you set it to? There is a canned report for VPN Remote Access Tunnel History that is set for 30 days. I might change mine to 30 for now. I am trying to see if there is a downside to editing the value.
Thanks for finding that,
Kyle
