• State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 38 subscribers
  • Views 502 views
  • Users 0 members are here
Options
Related
This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Palo Alto Version Change Alert

harrisa94

Hello,

We are currently using NPM 11.0.1 and will soon be going to NPM 12.1.  We would like to monitor poller names below and send an alert any time the either of the system versions change.  We created the UDP and the current status of the respective versions are displayed.  However, we are unable to create an alert for when the version changes and include the new version in the email alert.

panSysAppVersion

panSysAvVersion

panSysSwVersion

panSysThreatVersion

panSysUrlFilteringVersion

Below is the trigger condition we created for panSysAppVersion in NPM 11.0.1.  Please let me know if this will trigger the alert we are looking to get?

pastedImage_5.png

Below is the trigger action we created for the same UDP, panSysAppVersion.  So basically, we want to receive an email alert notification that tell us the version has changed and what the new version is.

pastedImage_6.png

The issue we are getting with the email alert is that no matter which UDP we use in the trigger condition, the 'current (new)' version highlight below always returns the same version from the initial test on a particular node.  In the example below 2292-2780 is displayed which is the AV version.

pastedImage_7.png

Also, in with NPM 12.0, I could not find 'value' or 'has changed' as a trigger condition.

I would appreciate any help with this.

Thanks,

Tony

  • 0

    I think in the UNDP you are using the option to keep Historical data therefor its using the older previously stored value .

    pastedImage_1.png

    I would suggest instead of creating the (Table Poller) create individual Poller for OID and then do not use the option to Keep Historical Data . 

    in Version 12 its built in

    pastedImage_6.png

  • 0 in reply to GoldTipu

    @harrisa94 By the analysis I did using NPM 12.1 demonstrated by the attached images, I identified in principle that data collected through the Custom Node Poller (UDP) does not provide the information of Last Change in the same way as for information of Nodes.

    The Last Change information for Custom Node Poller (UDP) is actually the last pool made on the machine.

    I believe that the best thing to do is to open a SolarWinds call to validate with engineering, if you can create an alert in this way that you need using Last Change of Custom Node Poller (UDP).

    PA01.PNG

    PA02.PNG

    PA03.PNG

    PA04.PNG

    PA05.PNG

  • 0 in reply to GoldTipu

    Malik,

    It looks like your suggestion may work for panSysSwVersion but not for the other version pollers below as there is no trigger action specific to them.  Is that correct or am I missing something?

    panSysAppVersion

    panSysAvVersion

    panSysThreatVersion

    panSysUrlFilteringVersion

  • 0 in reply to harrisa94

    Malik...Or can I use the same trigger condition (IOS Version has changed)  like I used in panSysSwVersion?

    pastedImage_2.png

    Thanks

  • 0 in reply to GoldTipu

    Malik,

    I used the same trigger condition for each of the pollers and it seems to be working as expected.  Below is the trigger condition I used.  I used the trigger action variable '${N=SwisEntity;M=CustomPollerStatusScalar.Status}' to display the current version for each of the pollers except 'panSysSwVersion' were I used '${N=SwisEntity;M=Node.IOSVersion}' for the variable to display the current version. 

    Please let me know if the trigger condition I configured below will in fact trigger an alert if the version changes for the 4 pollers below or will it only work for the software version poller.

    panSysAppVersion

    panSysAvVersion

    panSysThreatVersion

    panSysUrlFilteringVersion

    pastedImage_0.png

  • 0 in reply to harrisa94

    Malik.....Last post for the day

    I think I answered my own question in my previous post.  Correct me if I am wrong, but the 'IOS has changed' trigger condition can only work for the 'panSysSwVersion' polle.  If this is the case then how can I go about setting up the correct trigger for the other pollers?

    Thanks

    Tony

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification Media Vault Link Accounts
About THWACK Blogs For Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2024 SolarWinds Worldwide, LLC. All Rights Reserved.