cnorborg · Network Professional IV · ✭✭✭✭✭

This was based off a discussion with our Cisco rep and SE well over a year ago. I'm guessing part of it was them trying to sell us ISE so I wouldn't be surprised if their story has changed since then. Doesn't change the fact that Cisco ACS has been getting progressively too expensive for the task that many of us want it to…

We have actually moved on to a product called "tacacs.net", still a bit in its infancy, no GUI (yet), logging needs a lot of improvement. But, its been pretty rock solid for us since we put it in in terms of authentication. We were running the free version for several months on quite a few devices - mostly IOS, without a…

Glad that your happy to stick with the Cisco product(s), but I would still be interesting in hearing from others that are either using alternative TACACS servers or are evaluating going to one? I definitely think the price-tag Cisco is asking for the current ACS and/or ISE is way too high if you're basically using it for…

Not saying it can't be done, but it will probably require a lot of work and full SQL... There are multiple problems, the first being that Orion doesn't group interfaces with the types your thinking of above. Instead its grouped by types like "EthernetCsmacd", "other", "propVirtual", "l2vlan", "ieee80211", "bridge", etc..…

Wow, old question brought back to life... Ok, I actually went through this a bit and here is the basics of it. In NPM proper there are two tables that you might be able to glean this info out of. The Interfaces table and the NodePortInterfaceMap, however both of these have their own problems in that Interfaces only has…

I agree with quite a bit of what has been said, however, I have a few tweaks that might make things go faster and your life easier... The first question I would have is whether or not you need the HTML interface on the switches? If not, downloading the tar images both takes longer and doesn't give you very much in return.…

I tend to get decent response too, some of how quickly you get a response deals with how you open the case. If you open it with a lower priority, it might take a while to get a response - I've never had it take a week though. It would be nice if you could change the priority once a case is open though. I do agree with…

 Hmm... Well that upsets me a bit. I specifically waited for the SP2 to come out and asked if the 9.0 version I downloaded the day I installed would have SP2 in it, but I don't think it does. It should say SP2 somewhere, right?

I think this answers my question of "How do I hide the sample policy reports", at least from the website. I'm guessing you just delete them? Personally I would love to see this mirror the "Orion Report Writer" method of having a "Make this Report available from the Orion Website" checkbox, would make things much simpler I…

Hmm... There are a couple of difficulties I see in getting this knowledge out of Orion. The first being the polling interval of interface statistics on your interfaces. By default this is set to 9 minutes - not positive because we have ours at 10 minutes. But, this means every 9 minutes Orion should go poll how much data…

Yes

The initial posting was about using "if-state nhrp" to help monitoring these tunnels in NPM. That works just fine without involving NCM at all. The NCM portion was a way to simplify configuring it on all your tunnel interfaces, or at least to check and make sure that it is configured. You can skip this part if you don't…

No problem! You got a bit lucky, I was looking at your screen shots and was about to tell you the same as rschroeder​ told you. But I pulled up my own environment and looked at it and realized that the error message was in line with what you might expect should it not be expecting to work with a config block. Glad it was…

If anything can do it, it would be NCM. However, there are probably limitations based on the vendor equipment that you're running. NCM compliance is built upon verifying the text-based configs that are on the products, usually for those that have a CLI. If its a fully web-based config, then NCM can't touch it. All mainline…

I don't think this would be the issue, he did say the Alerts are getting fired, its just not sending the email. The trap issue prevented the alerts from firing in the first place due to trap oid's getting truncated. So if he knows the alerts are firing, this issue would be unrelated...

I always liked using SNMP location for this. ie: you set the location on the device to what group you want it in, and then have it group by that in Solarwinds. The big problem is that Solarwinds also wants to use the SNMP location for automatic geographic mapping now. Which is why I created a feature request to allow for…

A couple of my previous posts mentioned TACACS.net, which I used at a previous job. Might not have been pretty, but it was effective and after a bit seemed to work on everything. Even did SCAS (Shell Command Authorization Sets). Thought the logging could use some improving, and they did implement some of my suggestions for…

 We use both CW and SW and I'm not sure why you would ever want to make SW work like CW!! SW is much nicer!! 8-) But I do agree, using the SNMP location is great, esp. when you're using multiple NMS like SW and CW. Pretty much all NMS systems I've used can work with this to sort your devices by location. Having it set up…

The data is there, you just need to pull it out. Here is a sample query, I start with the "Volumes" table and tell it not to look at network devices (ie: NOT (V.Node.Category = 1)). You could probably do "(V.Node.Category = 2)" which I am pretty sure is servers, but I thought I'd be a little more comprehensive in my…

Sorry, been buried in Aerohive recently, which even though they are "lightweight" you can manage via SNMP in Orion. Didn't like them at first, but I think I'm actually preferring the Aerohive AP's to the Cisco in many ways now. Much easier to work with IMHO... But, back to Cisco. Some of that stuff you do get from traps on…

Yes, it would look something like this on the Node Details page. What ever is where it says "Cisco ASA 5550" is what it should sort on when "Machine Type" is presented.

There are some DNS settings in UDT, if you go to UDT settings under "Advanced Settings", you'll see a timeout for DNS jobs, you might need to move that upward. Depending on how much devices move about on your network, you might want to adjust the DNS Cache Positive TTL (for this one if things don't change much, you can…

Ok, lets try this: An Unknown MAC address has been detected by Solar Winds User Device Tracker ${N=Alerting;M=AlertTriggerTime;F=DateTime}. Rouge MAC-Address: ${N=SwisEntity;M=MACAddress} Port: ${SQL: SELECT Name from [dbo].[UDT_Port] WHERE (PortID = ${N=SwisEntity;M=PortID})} IP: ${SQL: SELECT IP_Address FROM…

Somewhat familiar with Regex, but this was has me perplexed, trying to figure it out. Pretty sure as-is it does not solve what I'm looking for though, but correct me if I'm wrong... Lets say the two lines I want to exist are ssh 10.10.10.1 255.255.255.255 MgmtInterface ssh 10.10.10.3 255.255.255.255 MgmtInterface Not…

Oh hey, we might have figured out a commonality that could help figure out why some switches are that way and not others. Only gone through a few of my switches so far, but, it seems to be limited to those switches that are either 100% full and have a dynamically assigned vlan (other than vlan 1) on each port, or have been…

Interesting! Not far off from what I'd expect I guess though. We're affected on about 4% of our nodes, which would be 2.92 nodes out of 73? So 1 isn't too far off I don't think. I think the IOS version is kind of "in the middle" of the versions we're using, so that would make sense. Looks like a stack of 2 switches? Out of…

Thanks for the try cahunt‌, your example works just fine for someone that changes a View, but not for a device-type View. ie: If you go to "Settings" and "Manage Views" (or just customize a page), your example will pick it up in the Audit logs. However, if you go to "Settings" and "Views by Device Type" and change…

Not yet, was hoping others would chime in with constructive criticism and/or other things they wanted to see before I did this. Then I got distracted by a squirrel or something!! I'll try and remember to do it. Maybe your response will trigger some others to chime in though!!

With NCM the "base" table is NCM_NodeProperties, which has both the NCM "NodeID" that is used in all things NCM, and the "CoreNodeID", which corresponds to the NPM side of things. So, something like this works: SELECT DISTINCT TOP 100 EMQ.NodeID, ND.Caption FROM [dbo].[NCM_EosMatchQueue] EMQ JOIN [dbo].[NCM_NodeProperties]…

Hmm... That depends on where that info comes from. Try this query and let me know if the MachineType column has the info you want? SELECT ToString(Year(EP.NodeProperties.EndOfSupport)) + '-' + ToString(Month(EP.NodeProperties.EndOfSupport)) + '-' + ToString(Day(EP.NodeProperties.EndOfSupport)) AS End_Of_Support, EP.Model,…