Comments
-
Check out Orion.OLM.ProcessingRule and Orion.OLM.ProcessingRuleActions. Not totally sure how they relate or what else might be involved.
-
https://github.com/solarwinds/OrionSDK
-
The first one was too simple, considering I've been a member since then!! 😁
-
The limit will probably be on your database server rather than your SWOSH environment. With the old licensing if you pushed the limit on whatever server was receiving your flows, you had to purchase APEs (Additional Polling Engines). With the new licensing model you can deploy as many APE's as you want. Since the flows are…
-
I got it installed this morning and am seeing some stuff on the dashboard. A bit weak IMHO, but has some useful stuff. It has a "Routing Summary" with some good stuff, another one on "Routing Tables" that lumps all of your routing tables together. Kind of ugly, has to be a better way. Then a "Routing Neighbors" tab that…
-
Have you upgraded to the latest? Supposedly there is a new routing dashboard they just put in that is really nice. Haven't done it myself yet, in production at least.
-
"Always on availability" is an SQL concept. It depends on how available you want the data to be as to the number of nodes in the cluster? I've never actually seen anyone go to the trouble for a Solarwinds instance, It really depends on how critical the data is and how much you want to spend to get a little more…
-
No, you have to use either SWQL Studio, or put it in a resource. I personally have something similar in a resource in one of my pages. Easier than loading SWQL Studio. Edit a page, go to page settings, add a resource to one of the columns of the type "Custom Query". Then preview the page and make the title you want and put…
-
Wow, very little info here. But, wild guess. Problem with a rule on the firewall.
-
So, you want them both to be bad, or both to be good? You should note that there is a couple arrows in the middle of the link, pointing at each other. These are signifying that one side of the link is outbound from one interface, while the other side is showing outbound on the other side of the link. Neither interface…
-
Well, it depends on what you want in the alert. Using Variables, you can do things like have the name of the node dynamically change and have just one alert for a given trap. You can probably even have the name of the trap as a variable and stick that in there, and do one alert for all of them? However, trap names are…
-
Maybe one of these might help? https://documentation.solarwinds.com/en/success_center/whd/content/helpdeskconfigureoutgoingemailaccounoffice365.htm
-
I don't think we're having that issue? So you have configured the Netflow on the device to send to the VIP and not the primary poller, right? Do you have firewall rules that might prevent it? Are both of your HA pair on the same subnet?
-
Well, unless you have the HA device managed via an OOB interface, its probably not going to be managed well. That does depend on the brand and how they implement it though. If you do manage it through an OOB interface, you can always add the connections manually if they don't show up? Not sure how useful it is though.
-
Is SAML an option? Much easier to work with if so…
-
Configure the firepower device to ignore traffic like that from the SW server. Just pass it through.
-
Try reading through this article. Odds are that Solarwinds hasn't seen the devices to add them. https://solarwindscore.my.site.com/SuccessCenter/s/article/Add-MIBs-to-the-SolarWinds-MIB-database?language=en_US
-
It does, but not in the NPM part of Solarwinds. That uses simple SNMP polling to download very simple bandwidth usage. For getting QoS based information, you need to be configuring and using the NTA module, or "Network Traffic Analysis" and configure up Netflow or something similar on your devices. You should be able to…
-
Yes, there is absolutely no easy way to take a DISA STIG file and import it into Solarwinds, neither now or in the past. @CourtesyIT did a ton of work to get the STIGS into Solarwinds Compliance rules for us. That being said, you really don't want simple DISA STIGs imported anyways. ie: a DISA STIG rule says you should…
-
Hmm… Do you mean one physical device that is split into multiple virtual devices? Or something like a firewall redundancy HA setup where you have two physical devices where only one is active at any given time? No idea on either, but a bit confused as to what you're really asking about?
-
Solarwinds is very browser oriented, and for some auditors who want to just be able to click on a link and have it open their preferred SSH tool rather than some funky HTML5 SSH client like Solarwinds uses, I created a simple resource that is just a simple link that a browser can open. It goes to "ssh://<IP ADDRESS>" and…
-
Here is an update for you! You can no longer say that the last post was from 2023, there is now a post from May 2026 entitled "Any Updates - ANYBODY????". 😁😜
-
It also depends on what you do with each service? ie: We send the vast majority of our syslogs to a Splunk instance, which is really beefed up, we only send config logs to SW so it can do RTCD. So, putting our logs on a separate database doesn't make a lot of sense. Same with Netflow, if you only have a few things going to…
-
Doing direct CAC authentication, or leveraging SAML to get you in? We use SAML, so far haven't had any issues, but I haven't upgraded all of our environments yet.
-
I don't envy you! Just a quick FYI - agents are MUCH easier and probably even safer…
-
But, don't forget to go to the http and error logs on the destination system also. I think the odds are the error is there from the error message you're getting. It should give you guidance as to what you need to solve…
-
Ok, so here is the fixed query with that change… SELECT n.Caption AS [Node], i.InterfaceName AS [Interface], i.InterfaceTypeName, i.PortStatus AS [Port Status], m.PortType AS [PortMode_Code], 'Access' AS [PortMode_Interpretation] FROM NCM.Interfaces i JOIN Orion.Nodes n ON n.NodeID = i.node.CoreNodeID JOIN…
-
Oops, used a bad field to use for "Interface". I used "InterfaceAlias". Try changing that to "InterfaceName" and it should work better!!
-
Yea, I think this one is more accurate, converted to using the NCM.Interfaces table, and had to use the implicit join to the NCM.Nodes to get to the "CoreNodeID" which is the name as Orion.Nodes.NodeID. Looks to be a bit more accurate for me, but as I said, will have to test some things!! SELECT n.Caption AS [Node],…
-
Oh, I think I already see the glaring issue. You're starting with your base table as Orion.NPM.Interfaces, which only has interfaces that are monitored by NPM, and we don't monitor hardly any access ports as we don't want to be bothered by them? UDT of course doesn't have all of them either, just the ones its monitoring.…
