Using nDepth explorer to create on demand tables/charts

I'm also new to LEM but I'm starting to find may around nDepth pretty good now for ad hoc reports. I can't give you specifics because we don't have an ASA, but I can give you a start in finding what you need. In the upper left hand corner of nDepth move to slider to the A, which is text mode. In the search line enter the destination IP, change the time range to Last Day, click the run arrow. You'll get all the events associated with that IP. Peruse the events and look for ones that match what you need. On the left you'll see categories of events, You can match those to what you see in the event list's fields. Change the slider back to Drag & Drop mode, drag event fields to the right of the IP address. Run the report again. It's not always intuitive to find what you need, so keep playing with the fields this until you get results you want. But everything is there you just have to find it. You can also hover over the blue bars to the right of the query box and change the AND to OR if needed. Once you do you get the data you're looking for you can click the gear on the upper right and save the report so that all you have to do is click on it next time. You can also schedule reports to run automatically.

Also, any reports you create under your log in are specific to you, they are not global, unless you schedule automatic reports to an email group.

This was where I had a hard time also!  A great LEM tech taught me how to go into nDepth and click Event Groups in the 2nd column of the screen, then click on the Any Alert Event Grop, then below that you'll see the Events/Fields that are common to all groups. Usually you will want to click and drag the "DetectionIP" event up to the top where it says Drag search items here, then you'll see that it creates an equal sign to the right of that Event and you can just type in your server IP there surrounded by asterisks (to the right of the pencil icon). For example it should say AnyAlert.DetectionIp = *.10.1.1.1* but wait theres more!! Way over to the right of that, to the right of the blue play/go button/triangle. Click the down arrow where it says Last 10min, then look closely and you can select a date range and below that you can specify exactly what time range!! Now the tricky part is just click that same down arrow again to make it take effect, then click the blue play/go/search button and you'll see a lot of info. But wait there's more!! Back over on the left in that 2nd Column, click the Refine Fields option with the blue filter icon and it will show you a count of each type of Event that has been logged for the currently queried info. You may also need to click the Result Details icon at the bottom center of your screen (2nd icon from the right down there... looks like a stack of disk cylinders with a page on top. But wait there's more!! You can click and drag those Refine Fields sections up and drop them to the right of your existing query fields and click that blue search button again and it'll show you exactly those results. Feel tha POWER!! LOL Make sure to give me a million points please!!

nDepth has limitations for data older than a month also, per this article:

No nDepth results older than a month - SolarWinds Worldwide, LLC. Help and Support