Comments
-
This was caused by applying KSS-9.7.2-Hotfix-1 on my system. I reinstalled Kiwi Syslog 9.7.2, and it kept my old settings, and File> Setup now works again.
-
Well, I wouldn't guarantee that moving WMI polled servers from the server that hosts the web would solve it completely. You can probably stop the web console from crashing, but you may still get browser lag if there are servers polled from the web server that are down. My experience is that even a few WMI nodes being down…
-
Those specs and stats look pretty good. I was thinking that polling from the web server was causing your problem. But do I hear you right, that WMI polling is from a different server than the web console? How many servers that you poll are down at any one time? If it's only a few, then this WMI thing could be a red…
-
How many servers you are polling, and the what type of CPU and memory on your polling server, and even how well built your SQL server is can also make a difference. Have a look at this to start: https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-optimization-polling-engines.htm I love short…
-
I would recommend quarantining and getting file hashes, if possible, since there have been false positives and false negatives in various products over the last few days. Filenames, file hashes, signing hashes, file create and mod dates are all useful info in determining effects on your system Don't throw away evidence.
-
The best I can offer is to unmanage server that will be down longer than for a reboot, and to otherwise stagger reboots. Also, the polling interval makes a difference, too. Aggressive polling really brings the problem out.
-
There have been false positives and false negatives in several AV products, because information on affected hashes, dates, and filenames has not been consistent. I would quarantine the files, and pull manual file and signing hashes, file creation and mod dates if possible. That would let you confirm infection and share…
-
Turning off servers and disconnecting them from the switch preserves evidence for further analysis when additional info comes in down the road. People want to know how much rebuilding they may have to do due to lateral infection from the SolarWinds server. If you must run Orion, create a new Orion machine and do a fresh…
-
Yeah, I wish SAM would ping, and not try WMI if it fails. Also, it would be nice if SAM would return a real, useful error when WMI fails. If a link to a building with many servers goes down, my 1st clue is often that Orion web page hangs because of these errors. I guess they haven't tested it at scale.
-
> We ran a scan against our 2020.2.1HF1 server and McAfee found the .dll in an .msi file from 2019.4 update we did in January. Which DLL? netsetupsvc.dll or SolarWinds.Orion.Core.BusinessLayer.dll? What did McAfee say about the DLL? What is the signing hash, and what is the file hash of the file in question? Many Orion…
-
As of noon CST 12/21/2020, the DHS/CISA Alert Alert (AA20-352A) still confusingly combines versions for 2020.2 and 2020.2 HF1 on the same line. The FAQ has links to KB articles for checking version and hotfix. Those KBs should be combined into a single KB, and https://www.solarwinds.com/securityadvisory/faq under What…
-
I notice a timestamp at the top of the advisory page now. Thanks!
-
I thought 2020.2.1 came out in August. https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-1_release_notes.htm Orion Platform 2020.2.1 Release Notes Release date: August 25, 2020
-
WireShark WinSCP Notepad++ PortQryV2 Some sort of SNMP walk tool. SolarWinds has several, and they vary in capability.
-
The most common cause is bad login is configured on SAM for that node - wrong password. You should be able to test WMI from the Device Page.
-
I cannot keep searching these forums for latest info. As of this writing, the link at: https://www.solarwinds.com/securityadvisory is undated and has no time stamp indicating that it is the latest info. Other threads indicate that 2020.2.1 HF 1 does NOT fix this problem, and another HF is coming tomorrow. See Tony…
-
I cannot keep searching these forums for latest info. As of this writing, the link at: https://www.solarwinds.com/securityadvisory is undated and has no time stamp indicating that it is the latest info. Other threads indicate that 2020.2.1 HF 1 does NOT fix this problem, and another HF is coming tomorrow. See Tony…
-
Sorry for the delay. So much time, so little to do. I have a support ticket open now.
-
Sadly, this did not work for me. I dodged the error in the Success Center article regarding WebsiteID=1. Chances are, your WebsiteID is NOT 1 if you've had Orion for a few years or been through several upgrades and changed website bindings. But we already had SSLEnabled=1 for our website in the table. Will the changes in…
-
shankarkrupa - We have the same problem on both Toolset 11.0.7 with NPM 12.4 and 11.0.8 with NPM12.5. We use SSL for Orion web with a government issued certificate, and only use https. We have a single entry in the Websites table, with port set to 443, SSLenabled set to 1, and the FQDN of our certificate. Can you be more…
-
tdanner - Instead of saying: "You can get the PowerOrion files by cloning the SDK repo (<span>git clone </span><a class="jive-link-external-small" href="https://github.com/solarwinds/OrionSDK.git" rel="nofollow">https://github.com/solarwinds/OrionSDK.git</a>)." I think it's better to say: "You can get the PowerOrion files…
-
Nick - I'm having a jolly good time scripting. It was just a matter of the right link and button for the download plus my n00bility. I do think a wiki sentence or two could prevent my feelings of shame and inadequacy. But I've hired a therapist. =seymour=
-
Tony - I tried deleting the one record in ActiveBackupStateStorage after stopping NTA, but it didn't work. =seymour=
-
Tony - Sorry for the delay. Federal shutdown interruped many things and messed up schedules. This has not resolved the problem for us. We are still planning a full wipe of C: and install of a new OS, and full reinstall of all SolarWinds modules. =seymour=
-
I would add that the DirectLink account creates other complications. If you enable Automatic Windows Account logins, users who either have no account, or whose browser misbehaves will be logged in automatically as DirectLink. This often creates a help desk call. Without DirectLink, a misbehaving browser shows the login…
-
Kiran - What I discovered is that I could not go straight from NPM 10.3 to 10.5 because our NCM was at V6.1. So I had to upgrade NCM to 7.0.2, which significantly changed many things (for the better). It got stuck in the upgrade until I manually killed a configuration management job that was running. No big deal. Then I…
-
Note that XE and XR are different. I don't know how authoritative this is, but it at least attempts to de-babelize it a little: https://pokounetwork.wordpress.com/2013/03/02/difference-between-ios-ios-xe-and-ios-xr/ NX-OS is yet another beast based on Linux. Cisco command syntax is about as standard as dialects of English…
-
I have the same problem, several years down the road. I generate several NetFlow reports every night. Only 1 report fails to populate the charts. I get the outline of the chart, but no graphs. Interactively, the URL works fine. I even changed the job to use my own user ID (for which I must change password every 45 days)…
-
Kiran - I'm going through this same upgrade as we speak, actually 10.3.1 to 10.5, on a server that also hosts NCM 6.1 and NTA 3.10. The first thing I discovered is that I need to do intermediate upgrades 1st, i.e. I cannot upgrade straight from 10.3.1 to 10.5. I must upgrade my NCM to 7.0 or later 1st. But NCM 7.1.1 said…
-
I just did the 2020.2 upgrade, and see these 3 alert migration errors yet again. Did you ever find anything more on this?
