I think we can all agree why we initially saw the value of using NetFlow for troubleshooting and to provide the necessary data for apply policies around managing the data that traverses our networks. Now that your solution is in place and adoption activities are over now what? As my solution matures and new supporting processes are in place, I begin to look for ways to do more with the data that I am collecting.
I wanted to see what the community thought about the following questions.
One thing you need to make sure that you do is to add a blacklist capability for AD accounts. We had User Device Tracker for a while but we had to get rid of it because of the lack of this feature.
The problem is that we have a desktop management system that does logins to all workstations periodically, which would overwrite UDT's knowledge about the user login. There needs to be a way to tell any user-to-IP mapping feature that's based on AD logs to ignore all activity by a list of accounts.
I have a link in Orion that pulls a report from SCCM. The report shows the host IP, hostname andlast user to login to that host.
All I do is search for the IP or hostname and it gives me the User ID from the report. I then query the directory for the username and phone number.
It would be nice if this was automated.
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.