I am working on a trial. I am on a very restrictive budget and I am trying to keep my interface count down but I have around 750 just from my switches. What interfaces are best to cut or keep? Do you monitor all of the physical ports or VLANs? If you were going to cut one or other which would you cut? I assume most monitor the trunks. Thanks for the help.
As per the above.
We're lucky that we have an unlimited license but if I had to make real sacrifices I would be monitoring:
1. All uplinks (L2 or L3) - both ends, where possible.
3. End point device interfaces (e.g. servers, storage etc).
4. Port channels? e.g. LACP, PAgP
That should cover you for proactive monitoring and capacity management.
The only caveat is that if you're only monitoring one side (e.g. server interface) and not the other (e.g. switch interface), it's not entirely impossible that errors only show up on one side (maybe a duplex mismatch). And it'll be sods law it's not the side you're monitoring.
Monitor ports going to servers, routers, and inter-switch connections. This is important for automatically discovering errors for these important connections.
Also, monitor SVI interface used for management of the switch. Attached access devices can be monitored as separate nodes.
UDT is a useful product, for that you want each port monitored so you can find quickly what is attached to each port.
The NCM is useful for monitoring configuration changes, since administrative status will not be reported for unmanaged switchports.
Bottom-line: Monitor the most important physical ports and the management interface. Remember that you can monitor attached nodes separately, and by inference, that will indicate whether the switchport or SVI default-gateway they are using is operating correctly.
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.