BaldFeegle · Monitoring Engineer · ✭✭✭✭✭

So I think I've worked out how to identify groups that don't contain a "Local Nodes" group, but I'm getting all of the sub-groups returned. How can I just return the top-level groups? SELECT c.NAME FROM Orion.Container c WHERE c.Name NOT IN ( SELECT c.name FROM Orion.ContainerMemberDefinition cm JOIN Orion.Container c ON…

I should add that the "Local Nodes" query gets added just to the top level groups, so I also need a way to identify top level groups.

I'd configure the alert to restart the first service upon detection. Then add an escalation level with a wait time of 2 mins and an action to restart the 2nd service. You can use a SWQL variable to get the component ID of the service you want to restart. We do this if memory usage by the Netflow service gets too high it…

I find that once you've made your way past 1st line it's not so bad.

Turns out I just needed a conditional count. SELECT Nodes.Caption, Nodes.NodeID FROM Nodes JOIN CustomPollerStatusTable cps ON cps.NodeID = Nodes.NodeID WHERE cps.pollerid = 'example_poller_id' GROUP BY Nodes.Caption, Nodes.NodeID HAVING COUNT (CASE WHEN cps.RowStatus = 1 THEN 1 END) = 0

SELECT COUNT (concat(NodeID, rowstatus)), NodeID FROM [SolarWindsOrion].[dbo].[CustomPollerStatusTable] WHERE pollerid = 'EXAMPLE_POLLERID' AND rowstatus != 1 group by NodeID I feel like I'm edging closer with this which returns the count of nodeid's that have rowstatus != 1 but can't work out how to compare that to the…

Yeah tnc is my go to for port testing. Telnet is pretty much banned,. The situation just got me thinking. One of the biggest challenges we have in this industry is working out where traffic is being blocked, especially in very large environments like mine which have multiple vendors in charge of different bits of the…

In the end we decided we didn't want an alert per peer, but rather an alert when we got 50 events ending "peer-new-state:down" in ten mins because that indicates a major SDWAN problem. The powershell script makes sense. Off the top of my head though I don't know how I'd use that powershell to pull the appropriate syslog…

Thanks Adam. That's helpful.

Thanks for this, unfortunately it doesn't help unless I've missed something. I should have made it clearer that this happens at the node level, rather than the global level. So one device might accidentally get the password changed, but when that device comes to be backed up, it locks the account out so nothing is backed…

For some reason the account we were using had lost access to the API. After deleting and recreating the account in SolarWinds it's working now. 

Yes they're in the store and work for other powershell SAM monitors where we use the credentials to get through the internet proxy server.

Yes they're fixed.

Yup

I reviewed that yesterday and we've got everything open. I'm thinking its a bug.

Those are allowed too. 

I'm running tnc from the main polling engine. 

Yeah. There's a log engine licensing fix that I K ow is in 2023.3 but isn't on the release notes. Gonna check em again next week. 

Create a Solarwinds credential entry for the user account you want to be used. In the SAM Powershell monitor select that account from the Credential for Monitoring dropdown Include ${CREDENTIAL} in the Script Arguments field In your powershell script assign that to a variable. E.g. $ServerCreds = $args[0] #assuming…

The JobEngine bug that causes the polling issue you're referring to is fixed in 2023.3. I'm just waiting for any big bugs present in 2023.3 to surface before I decide to take the plunge. 2023.3 has a lot of bugfixes and not many new features which makes me hopeful it'll be more stable than 2023.2.

Any workaround we can apply in the meantime? 

Hey there, the case ref is 01398522. It'd be great if it was fixed. 

Yeah, finding that as a known issue was quite the surprise.

Our workaround was to set the nodes to ICMP only for now.

We have the answer. It was a bug that caused API pollers to fail if the node was set to external. Fixed in 2023.2.1. SAM 2023.2.1 Release Notes (solarwinds.com)

Sure, it's 01394024.

We have about 70 API pollers for various uptime checks in Pingdom. Each one brings back 4 metrics. Response code, response time, last response date/time, and status message.

It's not a problem with Pingdom, when I'm in the API poller I can hit Send request and it pulls the data back. Other API pollers like RabbitMQ are running so this update has somehow broken Pingdom API pollers.

We have a support case open already but sometimes the community knows more than support about bugs like this. The known issue doesn't fit our symptoms, but we tried the workaround anyway. No effect.

Looks like the popup windows is actually a Windows Security dialog box which I think is the reason WPM isn't picking it up.