Comments
-
Are there any plans to potentially move away from ActiveX for the Toolset integration so that it can be used in browsers that aren't IE?
-
If I recall I had submitted a feature request that basically just goes through all nodes in the Orion DB (or some specified set of nodes) and updates Topology Data. I personally think that the discovery and updating of Topology Data and Node Discovery are two separate things and should be separated within Orion.…
-
So, it looks like that discovery did encounter problems. I started to see a bunch of "Canceled by Scheduler" issues. Going forward it would be nice to see a bit more beef put behind this mechanism and maybe some parallel discovery to allow it to scan for a lot more stuff, otherwise this feature is mostly useless in larger…
-
Perfect, I think I can work with that; thanks kellytice!
-
This seems to be a regular issue for the new version, it seems to me that they really missed something here as I have had this problem several times as well. I am actually working on fixing such an issue right now by running the config wizard as suggested by SW Support.
-
Thanks Jeremy, you rock!
-
Can this be done for Basic alerts. I have set basic alerts for Volume percent used and need to trigger repeat alerts every 6 hours till the alert is cleared. Basic alerts are exactly that "basic" and don't provide nearly the flexibility that you get with advanced alerts. This is not going to be possible with basic alerts,…
-
Sorry, I should have been more specific. I meant a generic loopback address, not the loopback interface. Since you have everything from 127.0.0.1 to 127.255.255.254 available, I believe any number of fake nodes would be available to you. Yes, it is possible to do this and it is what I am currently doing. The problem is now…
-
Can you elaborate on how you would use this? Sure thing! We have a colocation facility with cabinets that customers lease. The primary services associated with a colocation cabinet are Power, Cooling, and Pipe (bandwidth). With Orion I want to be able to monitor these as they are the service that we provide. I have…
-
I was curious if there has been any more consideration on the possibility of this Lab Edition of the SW software for currently licensed customers?
-
The data that I could use is not stored historically (Details found in VIM_VirtualMachineNodes). The DRS issue shouldn't be a problem as we are polling everything via Virtual Center. The CPU and Memory details that are stored at a host level per VM are stored historically somewhere in the DB because you can look at them…
-
Yeah, don't get me wrong, I think NTA is a great product! With that being said I look at LEM as a stand-alone security appliance and having this type of data in LEM as a single pane of glass (and for those that only have LEM and not Orion/NTA) can be a huge benefit; especially if you can use it to make more automated…
-
To add a bit more to this (and a bit out of frustration with trying to utilize traps in any meaningful way with Orion) I have a great example of what isn't working. Below is a trap that I received from Orion. After investigation I found that this trap indicates a post error though by looking at the trap I am not sure how…
-
nicole pauls if you get a chance you should check out the service that the folks over at ThreatStream have put together. I just had a conversation with them today and what they have is pretty awesome. I did mention that we use LEM as our SIEM and therefore have no native ability to consume the data from their feed. They…
-
Awesome, thanks Nicole! I will go ahead and give this a try as soon as I can.
-
Based on your license levels, you shouldn't need an environment as big as ours. If at all possible try and keep your polling engine on a different physical system from your SQL database and also shoot for RAID10 for your SQL DB and as much memory as you can muster for it. If you do those two things you should be good.…
-
Ok, I see what you are getting at. I agree, the Quest tools do a good job. We were looking at their Foglight tool for VMWare but I have decided to hold off until I see what the next version of NPM/APM provide.
-
I sent you a PM with an example log; hopefully that will help!
-
Since this is a Linux system you should install net-snmp which should allow you to collect this type of data.
-
I hope this works for me too!! i am going to be doing the same thing.. move a physical primary Orion server and a physical secondary poller to brand new VM 2008 r2 servers next week.. did you have any licensing issues? how were you able to back up and transfer you licenses from the old server to the new VMs? Well, I didn't…
-
When I click on the edit button I am only presented a selection of radial gauges. This must be for some different data type because I have never seen these options before.
-
I actually have the book Tao of Network Security Monitoring sitting on my desk though have actually read very little of it... its on the list. I took a look at that beta for DPI that you linked to; however, it didn't look at all like what I would have expected. I guess when I am talking about packet inspection I am…
-
I think it is exactly what you you have both said, it's "checkbox compliance" as well as just an archive to go back to later. The folks that I talk to here just don't seem to see the potential power once you do the massaging and tweaking to get a SIEM firing on all cylinders. To me SIEM is all of the following: log…
-
We also have both NPM and NCM. I have all of our network devices send their logs to my NPM system and have alerts setup for any time a configuration change is made. I don't currently have a report setup for those logs that I run each week or month but doing something like that would be really easy to do. There is also an…
-
Hi bryron-- Not sure but this may be a feature that NPM dev is working on for the next release. See this post, look under Syslog and Traps, Items 6 and 8. Let me know if this helps. M No, this doesn't seem to be covered. With most NMS's that I have worked with, they will discover all of the IP's associated with the…
-
In the event of an edge case where I am unable to configure things this way is there anyway to solve this problem? This makes me curious why Orion doesn't associate IP's with the other interfaces it discovers on nodes, it seems it would be beneficial to do so.
-
Unfortunately this doesn't look like the same problem I encountered. From the looks of this your polling engine is getting overwhelmed and giving up.
-
What do you mean create a view? In the admin section of WebUI there is an option called "Manage Views". Here you can go in and create different views/dashboards. In those dashboards you can embed your reports as a resource. That's too bad about creating custom tabs. Seems like a great feature. Everything else is pretty…
-
Having a single button in some other location to do this would probably be a feature request. The way I described to accomplish this is the only way that I am aware of.
-
Hrm, I am guessing something like the following... If I want it to trigger only after 3 violations across a 15 minute time period that I would tell it to [check alert every 5 minutes] and [do not trigger until condition exists for more than 14 minutes] or something to that effect?
