Comments
-
That sounds correct to me!
-
Not a fan of these "Catch up's", we should be able to do old questions!! Had to use one for yesterdays, noticed that they used the work "does" instead of "dies". Doesn't really make sense otherwise!!
-
Yea, I think maybe this table might do it for you. Haven't checked for sure, but here is a quick query… SELECT TOP 25 N.SysName, ConfigTitleBefore, ConfigTitle FROM Cirrus.CacheDiffResults CDR JOIN NCM.Nodes N ON (N.NodeID = CDR.NodeID) WHERE CDR.DiffFlag = 1
-
Wait, I was just joking about the NDAs and such, not about you being out!! Ok, just kidding, they will make us fill out NDAs most likely…
-
Oh, I totally forgot one huge takeaway from this!! ⚡️DON'T RUN THE CONFIG WIZARD IF YOU'RE ALREADY ON 2026.2.1. ⚡️ It obviously changed my Alerts database and erased the values I had set in "CreatedBy". No idea why, but most of the other NCM issues I'm having are also after running the config wizard after the initial…
-
Of course at this point, you've only been invited, its not official until Solarwinds announces it and they'll probably have us fill out NDA's and such first. But, since you violated a rule by announcing it early, you'll probably lose your invite now. JK! 😀😁😉
-
So, some interesting updates. Setting the "CreatedBy" to a valid account brought back those alerts ok. However, running the config wizard again broke it again!! So, I went in to fix it again and one rule wasn't showing up all that quickly for me, just happened to be our version of "Node is down". So, I went in to check and…
-
So, I don't really know what you're asking for sure. Are you looking to manually figure out what changes have been made using SWQL, or are you just wanting a list of those that have changed? The way configs are stored and how SWQL works isn't really all the conducive to figuring out whether changes have happened or not.…
-
Ok, so I was having some issues loading a "Violation Details" in a compliance report, getting a "Website Error" after a long delay. So, I went ahead and ran the config wizard on the main box. Going through the AWS, it was still an issue post config-wizard, so I ran the config wizard on the AWS's. Fixed the issue briefly on…
-
I put this on a resource on a page that I do Solarwinds checks from. It will tell you what nodes are not responding to SNMP for more than 2 hours. You can use it, or use bits of it to fit your need. NCM backups have pretty much nothing to do with SNMP, so a bit confused on that. NCM inventory uses SNMP though… SELECT…
-
Changing credentials is harder than adding a new one to the devices, migrating to it, then removing the old credential. That way nothing should ever fail…
-
Check your scheduled reports maybe?
-
Didn't wait long enough! Changed the timeframe I was looking at from 1 hour to 15 minutes, and it appears to be working like a champ!!
-
There is a built in section in the Netflow Settings for IP address groups. You can create your own groups and add your IP ranges, single IPs and subnets. One group can have multiple ranges or whatever. Then, in Netflow Traffic Analyzer Summary page, click on the "Flow Navigator" in the left side. Go down to "IP Address…
-
Have you looked to see if there is an OID that corresponds to this value that you can poll instead? Much easier than parsing that table if it exists… Set up a Custom Poller at that point and go that route.
-
At that point you're just using SW as a SIEM, if it was a low # of logging entries, you might find the built-in logging to be sufficient, but I wouldn't want to do DC's without their SEIM product. Security Event Manager I think? But, you could just as easily use any other SIEM, like Splunk or whatever.
-
Not quite sure what you're asking? If you're talking about backing up configuration archives, you should back up what is in the "Config Archive Folder Locations" to wherever you want? You'll want to set up a windows job to actually copy them, you'll have to probably set up a service account so permissions are correct for…
-
40,000 lines? If I had to guess I'd say Forticr*p? I don't believe there is a maximum lines setting, there is a minimum though. I think it will eventually time out if a config download is idle, but if its still transferring I think you'll be ok. I couldn't find a setting for it, but if it exists it would be under NCM…
-
Assign the devices to groups and restrict it that way? Group assignments can be done dynamically based on quite a few different things, make sure you look into that. The restrictions are implemented in the Users account under "Account Limitations", you should look through that to see if an easier way than creating a group…
-
Or, open a ticket and they'll help you with it…
-
You'd first have to enable the audit policies in event viewer on the DC to make sure that events are created for login success/failure, and audit credential validation for failure. Then you'd get events in Event Viewer that correspond to that. You could see them there, or if you're sending logs from the DC, you could…
-
Yea, I'm was off on Friday, so I missed that question, and have no chance to go back? Should at least be available for one business day after the mission closes…
-
I haven't, but I'll keep my eye out to see if I do..
-
Check out Orion.OLM.ProcessingRule and Orion.OLM.ProcessingRuleActions. Not totally sure how they relate or what else might be involved.
-
https://github.com/solarwinds/OrionSDK
-
The first one was too simple, considering I've been a member since then!! 😁
-
The limit will probably be on your database server rather than your SWOSH environment. With the old licensing if you pushed the limit on whatever server was receiving your flows, you had to purchase APEs (Additional Polling Engines). With the new licensing model you can deploy as many APE's as you want. Since the flows are…
-
I got it installed this morning and am seeing some stuff on the dashboard. A bit weak IMHO, but has some useful stuff. It has a "Routing Summary" with some good stuff, another one on "Routing Tables" that lumps all of your routing tables together. Kind of ugly, has to be a better way. Then a "Routing Neighbors" tab that…
-
Have you upgraded to the latest? Supposedly there is a new routing dashboard they just put in that is really nice. Haven't done it myself yet, in production at least.
-
"Always on availability" is an SQL concept. It depends on how available you want the data to be as to the number of nodes in the cluster? I've never actually seen anyone go to the trouble for a Solarwinds instance, It really depends on how critical the data is and how much you want to spend to get a little more…