Comments
-
Can you configure the switch to send syslog and trap data to your SIEM? You'll be able to see information about switch errors without having to monitor all interfaces. It can be as simple (on a Cisco switch) as saying: config t snmp-server enable traps logging host x.x.x.x (insert the IP address of your syslog server here)…
-
You can use NCM to create or change a local user account on your edge equipment, if you like doing things via a scripted CLI format. 1. Create a text script that does exactly what you need. E.g. on a Cisco IOS switch: conf t username Fred privilege 15 secret 0 K93/0#!!N0230ssdkj;2389bv end wr 2. Copy your script to the…
-
It sounds like it's time to install the NPM QOE client on your NPM server and on the SQL server hosting your database. Your physical links should all be clean--no errors. If you've got a speed/duplex mismatch on any of them, you're wasting cycles in retransmits due to collisions. Verify L1 is perfect, then move on to…
-
Don't forget most folks don't use IE to access Orion. Chrome is the most popular, followed by Firefox. Both are MUCH faster and reliable than IE for accessing Orion.
-
Here's one from another user--this error belongs here, I think: Maximum request length exceeded NPM in 12.0
-
Here's a fun error to troubleshoot / understand: I got this when trying some options I read about in Thwack. The goal was to discover all ports that are operating in half duplex. It's not a helpful error, despite the amount of characters. It should say how to correct the problem, or point me to a resource for doing so. How…
-
I'd link to think there'd be easier ways to understand & remedy this error: When I click the link I'm taken to a page of the last 200 unknown traffic events, in Admin > NetFlow Settings > . Often I'll see subinterface / SVI NetFlow sources listed, along with a handy link to add them into NetFlow. Well, is that always the…
-
I'll offer a philosophy regarding error messages. If a condition warrants a message, the message should be clear and intuitive, and should include references or links to how to remedy the condition. An example from the Thwack logs is every case where someone has requested help with an "object reference not being set to an…
-
I can suggest some plans that may help you discover the actual problem and remediate it: Plan 1: Test using an alternate monitoring MIB Many of us saw something similar when monitoring Cisco nodes with NPM--but specifically regarding GBIC status or temperature or fans. The issue turned out to be caused by using a less…
-
* What's working well? * I set up the views and limitations on earlier versions; they seem to be working well after upgrading to NPM 12, but I'll admit that there's not a lot of changes necessary in this section of the product. * What still needs work?* I'm happy with views, but I expect all might change if I could just…
-
If you're still having problems backing up Bay routers with NCM, I'm using NCM 5.5 and have had success backing up Passport 2430's with this script I created: <!-- edited with XML Spy v4.4 U (http://www.xmlspy.com) by () --> <!--SolarWinds Network Management Tools--> <!--Copyright 2005 SolarWinds.Net All rights reserved-->…
-
Make it easier on yourself, at least for a test case. Simply use the GUI and select *2015* as the line to ignore, and then test it. Older versions required you to stop/start NCM to get it to apply this change. I'm not certain this is the case with the newest version (hopefully not). Swift packets! Rick S.
-
I have all of my Domain Controllers allowing UDT to successfully login to them, and my UDT user service account has the appropriate permissions. Nothing's showing up for logins on switchports monitored by UDT . . . Do I really need to have SAM installed to get logins recorded and showing up in UDT switch port records?
-
I bet someone can script this out for you, but I'd suggest great Change Management and communications is the better solution. Your server admins should be notifying you when they shut systems down or disconnect them. I monitor all server ports in NPM and get an alert when one loses link. I query the associated systems…
-
NCM needs to have the same administrative or Active Directory rights as you do, if you're using any kind of AAA, and especially if you're using TACACS. If it doesn't, you'll get that "Command not authorized" message. Example: * If my user name is Fred and I have read/write admin rights on the switch, I can SSH to the…
-
Hi, Mikegod, In NPM 11.5.2 you can find what you need here: Home > Reports > type "snmp" in the right hand search window and then hit enter or click the Search icon. You should see a report titled "Community Strings for each Node". Swift Packets! Rick S.
-
I spoke with Cisco TAC about this, and also with SolarWinds Support. SolarWinds tells me NPM does a MIB walk of the targeted device to discover interfaces. Cisco TAC reports they began including "Controlled" and "Uncontrolled" interfaces to accommodate new RFC-defined interfaces. The details: From SolarWinds: Orion uses…
-
Darth Vader - "impressive, most impressive" - YouTube
-
It's easy to add into your menu bars. I added my Performance Analysis to the Home Menu for my team.
-
It might be simpler to list all possible commands for a device (show running-config all), send it to a spreadsheet, and start highlighting lines you expect or don't expect. Once you have the list of lines, and it may well be a long one, you might build a compliance report that alerts on specific lines you don't want. Or…
-
Is this question answered? If not, consider if the discovery tool is merely reading the MAC FDB of the phone's internal switch, and thus discovering a second MAC associated with a PC plugged into the phone. Alternately, does the phone actually have two MAC addresses? One for its own internal use, the other for the use of…
-
If any of the answers are correct, please mark the first one correct, so we can receive credit for helping you out & answering. If none are correct, please ask for more help, and we'll do our best to get you the information you need.
-
I confess I'm not familiar with that query, but it looks like you've told it to search for something with "dots" in it. But the actual lien does not have any dots. Could that be why the query doesn't return what you expect?
-
Use NTA to display the users of the flows through that Interface. NTA will show you the source & destination IP addresses of the flow, and even show you what kinds of packets make up those conversations. NTA uses NetFlow, and allows you to drill quite deeply down into the packet flow to see what percentage of traffic is…
-
I bet you're experiencing a MIB incompatibility. I had the same problem with various Cisco products and SW NPM's default MIB. Check out this link and see if it answers / resolves the issue for you:
-
In addition to my earlier response, I'd add in NetPath for each unique / significant destination. It'll give you wonderful history, hop counts, HOP CHANGES(!), times of changes, and provide a beautiful graphic depiction of the circuits involved. Remember to configure your firewalls to allow NetPath's unique ports, and be…
-
Network Performance Monitor (NPM) will do all of what you ask, natively, right out of the box. If you want specific traffic data details, like sources, destinations, ports, traffic types, etc., then you should add in Network Traffic Analyzer (NTA). How are you measuring performance separately from the other five items you…
-
I have several hundred 2960's that do NOT support Netflow. Future Cisco deployments that will leverage their latest security solution require full NetFlow analysis for use with SourceFire/Firepower/ACI/etc. Be certain to know your security needs for the next five to ten years--as best as you can predict. If you buy…
-
Help us help you, by providing some more details to us about your environment: * You said you have a "medium sized network." * How many nodes will you monitor? * How many elements will you monitor? * What things (if any) are you NOT going to monitor? * Are there any overlapping or duplicate IP address spaces that need…
-
Sadly, my browser does not offer a "Save as PDF" option. Silly IE. Silly corporate policy requiring me to only use IE.
