sturdyerde · IT Solutions Team Lead / Microsoft PowerShell MVP · ✭✭✭✭✭

Probably best to send this kind of information in a private message. Still, many thanks to @"tony.johnson" and everyone else for diving in to support everyone today!

You can use Orion's NPM and SAM modules to get some basic monitoring of your VMware environment, but the best way to monitor is by using the VMAN module. FMI: Virtualization Manager (VMAN) Knowledge Base | SolarWinds Success Center

If you download the latest installer (or use the central upgrade tool) then you should end up with the latest version + latest hotfix installed. 

I like the idea of a live chat, although that would get noisy fast without breakout rooms for specific questions (and pinned posts)! We were fortunate to be on an unaffected version still, but still stayed up most of the night confirming this to be true while also blocking internet access from our Orion servers. FireEye…

It would be best to read the full details in the links from SolarWinds, FireEye, and SANs, but in short: the compromised file is a core DLL and not the agents themselves. @"sjocchiogrosso" @"familyofcrowes" These links have the actual details that you won't find in news articles: * Security Advisory | SolarWinds * InfoSec…

Those articles are correct. Read them closely. This analysis is describing how the company itself was targeted over time. The attackers used several different pieces of malware to attack the company's servers. All of this was done to then inject the compromised code in Orion itself. The update to 2020.2.1 HF2 is still the…

No, the name "SUNSPOT" refers to the specific malware that was used in the initial targeted attack against SolarWinds. "SUNSPOT" itself was not found in the code, but was used as the means of compromising the code. You can read a detailed analysis directly from Crowdstrike's blog: SUNSPOT Malware: A Technical Analysis |…

Sorry all of the formatting got tossed somehow. I'll fix it try to revert asap in the morning!

Every SolarWinds Orion user should read the following two links and follow through with their systems immediately. https://www.solarwinds.com/securityadvisory https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html @"danielleh", thanks…

Yes, you can put the name of the array in your alert message. Here's what I use in the subject of an alert for when the status of an array changes: SAN ${N=SwisEntity;M=OperStatusDescription}: ${N=SwisEntity;M=Name} The resulting message says something like "SAN OK: ArrayName".

That's odd. The ?NetObject parameter should be passing a node ID (#) so I'm curious where it's getting those letter combos from. Have you opened a ticket with support? I wouldn't be surprised if this is something random that running the Configuration Wizard might fix.

SAM templates have had tags for a long time, but as far as I can tell, they're only used for grouping/sorting templates in admin. Do they also have other possible use cases that I've missed?

I wonder what would happen if you change your DB recovery mode from full to simple, run a backup, then run the DB maintenance task, and then switch back to full recovery mode?

You probably have seen by now, but HF2 was delivered as promised last night. Numerous Thwack members have already installed it in labs and production at this point. Good luck to all!

For sure. I've noticed the same, along with a few other random oddities still. Hoping our intrepid Thwack community leaders are able to get some rest and then start smashing bugs quickly!

Nice to hear! Also interested in hearing how that works. API polling in 2020.2 looks great, but I won't be able to try it out until GA release.

I'm out of ideas. Sorry!

Yeah! Well done!!

Ah, great! Thank you for clarifying.

Not sure if you saw my reply because of how it got posted into the thread. Let me know if the newer walk-throughs help.

Dude. It looks like those are "smart quotes" instead of straight quotes. Are you copy/pasting the string in? Try typing manually, paying special attention to anything that might auto-correct straight quotes into fancy angled quotes. Side note: what do the details show?

To turn off SSL certificate verification in Postman: * Open the File menu, click Settings. * On the General tab, you will see the option to toggle "SSL certificate verification." Turn this off.

Looks like database permissions.

Would GitHub be the preferred location for SW feature requests...or the preferred location specifically for SWAPI/SWQL feature requests?

You never disappoint!

pratikmehta003 wrote: Yes you can not matter what licensing u are using.. And i also tested by un-managing one application monitor but it did not have any change... so even if u un-manage, the count of component monitor will remain the same and not reduce... Thanks, pratikmehta003​. That is what I suspected, but wasn't…

Done! It took less than 2 hours to upgrade main, APE, and AWS. No errors or hangups.

user42 wrote: Ok great, that makes sense with what bogdan mentioned above. Glad you were able to get help understanding the correct answer. It would be nice to give credit to bogdan.stan@xpo.com​ or christopher.t.jones123​ for answering your question. Please mark one of their answers as the correct answer, and consider…

Progress! RPC server unavailable most likely means that there is a network or Windows firewall rule blocking your polling engine from running this script remotely. Some options: On the managed server, run "winrm quickconfig" to enable remote management, which will also enable the required firewall rule[s]. Check with your…

We've been told in the past that we should expect information about the latest GA release on SCP exams. That said, you can probably expect a lot of the content to focus on functionality that was already present before the latest release.