- RSS Channel Showcase 7535129
- RSS Channel Showcase 5906985
- RSS Channel Showcase 1027884
- RSS Channel Showcase 6473995
Articles on this Page
- 11/07/17--07:25: _Solarwinds and Cybe...
- 07/17/17--08:30: _World Map automatic...
- 08/03/18--08:10: _running slow NCM 7.8
- 10/12/18--00:26: _Need Help on Solarw...
- 10/10/18--15:53: _Help with getting I...
- 10/12/18--10:34: _How to monitor avai...
- 09/04/12--07:48: _THWACK Store Items ...
- 10/04/15--23:32: _Multicast Troublesh...
- 09/12/13--06:59: _Cisco VPN bandwidth...
- 11/19/15--19:08: _DiscoverVolumesOnNo...
- 09/28/18--08:03: _How did you do in.....
- 10/03/18--07:45: _Attaching comments ...
- 10/05/18--11:01: _IPAM DNS Scanning
- 06/07/18--05:52: _UDT not showing MAC...
- 08/23/18--07:01: _Unmonitor Ports AND...
- 09/25/18--11:41: _IPAM update subnet ...
- 06/04/18--09:17: _What We’re Working ...
- 02/01/17--09:25: _Orion Dark Theme Op...
- 09/17/18--03:29: _Log & Event Manager...
- 02/27/14--13:02: _Alerts - Allow the ...
- 11/07/17--07:25: Solarwinds and CyberArk Integration
- 07/17/17--08:30: World Map automatic geolocation based on custom properties
- Newly added devices will be automatically added to the map if values are entered
- Newly added devices won't be added if they don't have values entered
- Devices will be removed from the map if their values are removed
- 08/03/18--08:10: running slow NCM 7.8
- 10/12/18--00:26: Need Help on Solarwinds Certified Professional : SAM exam
- 10/12/18--10:34: How to monitor available disk space?
- 09/04/12--07:48: THWACK Store Items & FAQ - Updated August 16th, 2018
- The THWACK Store can be found here, or by clicking the "SHOP" portion of the THWACK navigation, above.
- We have an amazing new and improved order process. Check it our here.
- Need more ways to earn points? Click here to find out how.
- Having issues with an order? You can contact us here at any time. We'll be sure to get back to you within 2-3 business days.
- 10/04/15--23:32: Multicast Troubleshooting
- 09/12/13--06:59: Cisco VPN bandwidth usage by user
- 11/19/15--19:08: DiscoverVolumesOnNode and AddVolumesonNode verbs
- 09/28/18--08:03: How did you do in... THWACK MONTHLY MISSION - SEPTEMBER 2018
- 10/03/18--07:45: Attaching comments to reserved addresses in IPAM?
- 10/05/18--11:01: IPAM DNS Scanning
- 06/07/18--05:52: UDT not showing MAC address and connected device on ports
- 08/23/18--07:01: Unmonitor Ports AND Rogue Endpoints in UDT
- 09/25/18--11:41: IPAM update subnet range through SWIS?
- 06/04/18--09:17: What We’re Working on for Log Manager (Updated September 17th 2018)
- Windows Event support– you can currently leverage the Event Log Forwarder to transmit Windows Events as syslog to LM. We are working on native support for Windows Events.
- Log Forwarding - forward important log data to other applications via a LM Log Rules, while optionally preserving the Source IP address.
- Log Manager Rule Enhancement including processing order adjustment, pre-populated drop-down menus and field extraction.
- 02/01/17--09:25: Orion Dark Theme Option
- 09/17/18--03:29: Log & Event Manager 6.5 is now Generally Available
- Log Forwarding: LEM now includes the ability to forward raw log data from both syslog and agent devices. This log data can be forwarded to any application including SIEM and log management tools which support syslog ingestion. Both RFC3164 and RFC5424 syslog formats are supported. You can view the steps to enable log forwarding here.
- Azure Deployment: LEM 6.5 provides greater flexibility on where you deploy your LEM appliance thanks to official support for deployment on Microsoft Azure. You can now deploy LEM in the cloud and transmit both your on-premises and cloud based log data to LEM.
- 02/27/14--13:02: Alerts - Allow the email subject and body to be customized
Two main reasons to it:
1. CyberArk works as a password vault and hence it can securely store the credentials used by Solarwinds (user name + password)
2. CyberArk comes with certain level of automation as well which can sync/change the password on the tool (for service accounts where there is a restriction to change the password every 'X' days, this feature would come into play where CyberArk automation can be used, if Solarwinds can expose a API or something for automatic password change/sync on Solarwinds tool (credentials section like Windows Cred or SMTP Cred or ....) without any downtime on the tool or without affecting monitoring of devices performed by Solarwinds (without skipping a poll) then it would be a cool feature.
I have seen few idea's in the past with respect to the same:
SolarWinds supports automatic geolocation but this is limited to using the SNMP Location field and it is not always possible for this field to be modified to suit the requirements for geolocation.
I suggest that the geolocation feature be customisable to allow custom properties to be used for the device locations (e.g. longitude/latitude).
SolarWinds suggest using the following process but this is still manual and requires an export/import of the custom properties each time. This process also does not allow the name of each location to be imported (sites show unknown).
This new feature would automatically update the map if certain custom properties have values (or have had values removed). Examples include:
This request also ties in to a similar request - allowing us to import the location name when importing the coordinates.
(Sorry if there is already a feature request for this; I fail at thwack search if there is)
We have recently migrated from NCM 7.7 to NCM 7.8.
The Config Backup Jobs are running extremely slow. In NCM 7.7, it used to complete in less than 3 hours and with NCM 7.8 , it takes 18 hours !!
Has anyone experience this slowness ??
I need to face for Solarwinds SAM exam in near future, So I have checked the preparation guide @ SolarWinds Certified Professional SAM Exam Preparation Guide - SolarWinds Worldwide, LLC. Help and Support
But all I need to know whether there any practice test or dump available for this? And how much is the pass mark? How many times I can retake the exam?
If anyone of you faced this SCP Server & Monitoring exam, Please help me out...
Can anyone provide some details on what Invoke-SwisVerb is looking for:
Invoke-SwisVerb -SwisConnection $SwisConn -EntityName Cirrus.ConfigArchive -Verb ExecuteScript ($NCMID, $TestScript, "admin")
I have tried $NCMID with and without ' in it, but same results.
PS W:\> $NCMID
PS W:\> $TestScript
Get the following response:
Invoke-SwisVerb : Verb Cirrus.ConfigArchive.ExecuteScript cannot unpackage parameter 0 of type System.Guid
At line:1 char:1
+ Invoke-SwisVerb -SwisConnection $SwisConn -EntityName Cirrus.ConfigAr ...
+ CategoryInfo : InvalidOperation: (:) [Invoke-SwisVerb], FaultException`1
+ FullyQualifiedErrorId : SwisError,SwisPowerShell.InvokeSwisVerb
I have setup volume alerts for disk space. They use Orion global settings for Warning at 80% and Critical at 90%. That is all fine and dandy, until we need certain servers to actually have the ability to alert us on a specific disk space amount, say, 1 GB. I don't want to alert on a 1TB drive because it's 90% full....I want to be able to adjust that on per node basis, just like we can do with CPU and Memory.
Is there any way to accomplish that? We are cleaning up "baked in" alerts now and have quite few volumes that need to adjust.
Thanks for your help!
Welcome to the pride and joy of the THWACK team - our community-based store! Here, you can spend your hard-earned THWACK points on some amazing items. We're very excited to be able to give back to all who've helped us along the way with feedback, contributions, and your work with the SolarWinds teams. Below are the items available for purchase, and a little information on how the process works.
Frequently Asked Questions
Will I lose my spot on the leaderboard or my badges if I purchase an item from the store?
No, you will not lose your spot on the leaderboard nor your badges. However, the store will deduct these points from your available balance. For example, if you have 5,000 points and you purchase a laptop sleeve for 2,000 points, your point value will reflect 3,000 but your spot on the leaderboard will not change. In other words, the leaderboard runs off of your lifetime balance and all of your earned badges will stay in your profile.
Is the shipping cost covered?
Yes. There will be no cost to you.
What countries do you ship to?
United States, Canada, United Kingdom, and Germany are currently the only countries we ship to.
My points were deducted, but I don't live in any of the eligible countries for shipping. How can I get my points back?
Please email firstname.lastname@example.org for assistance.
How soon will I receive my item?
After your order has been processed and shipped, you should receive your item within 7-10 business days. If an item is on backorder, you may not be notified automatically. You will receive your item, but it may take up to 30 days to restock the item.
How do I purchase an item from the store?
You will begin the purchasing process in a similar way, but will soon see the changes. You'll be presented with a list of products you're able to purchase. After clicking the purchase button, the item card rotates and presents a "confirm" button.
After clicking Confirm, you will be presented with a shopping cart dialog. Here, you can review the items in the cart, checkout, or keep shopping. A recent feature includes the ability to remove the item from the cart.
A new icon in the header will show you the current number of items in your cart. Clicking this icon will also bring up the shopping cart dialog. No longer will you lose your order if you have to step away!
Clicking the Checkout Now button will transition the dialog to a form that allows you to fill in a new address. Selecting the "Save this information to my user profile" checkbox will make sure your address is pre-populated for any future orders. You'll still be asked to verify your address before shiping.
Once finished, you click on the Complete Order button.
After clicking the Complete Order button, you will then be presented with an Order Complete dialog, explaining what happens next.
Until an order has been confirmed Received by our fulfillment vendor, you will see an order status icon in the header bar next to your login name. The number next to the icon indicates the number of open orders.
Clicking this icon will present an Order Status dialog that shows the fulfillment stage the order is in, along with a link to track the package it has already been shipped. You'll also note orders can be in three major stages: Order Submitted, Order Processing, and Order Shipping
Questions? Feel free to post a comment below.
NPM currently provides Multicast monitoring. However, we find multicast troubleshooting still fairly complex ..It would be good to have a Multicast Troubleshooting tab that incorporates the following -
1. Check Multicast Source
2. Check Multicast Network
3. Check Multicast Receivers
Source / Reciver checks -
show ip igmp groups
show ip mroute
Network checks -
show ip pim neighbor
show ip pim rp mapping
Some of these basic features could be a part of Engineers Toolset (Under the Enhanced Ping) while NM could have a tab under Multicast.
I would like to see the ability to report bandwidth usage by the user account when connected via VPN. When a user connects via VPN and browses the internet this traffic is not reported as being sourced from the VPN IP that the user was assigned, but by the firewalls outside interface IP. This makes it impossible to know how much internet bandwidth this user used while connected to the VPN. The username and source/destination IPs are reported in the firewalls syslog, so a way to correlate this information into a report would be very handy.
I would like the above verbs to be added to the Orion API so that I can programmatically and in an automated manner discover and add volumes into my SolarWinds environment. Currently this is a manual process that runs several times a day and eats up several man hours every month to just add the new volumes found in a discovery Thanks!.
Let me know how did you do... It's just for fun...
Apologies for asking possibly silly questions.
Can we add comments to particular entries, so we can retain the full entries from our outgoing hosts file?
Finally getting around to adding DNS to IPAM and a question came up that I didn't have an answer for.
Is there any reason we should add all of our DNS servers to IPAM? We have 7 domain controllers currently, but I have only configured one to allow zone transfers - merely testing at this phase. But later down the road, is there any reason to add the remaining servers?
Thanks in advance!
It seems that after changing switch devices from SNMPV2 to SNMPv3 UDT no longer show port information. NPM info all looks good interface , hardware monitoring etc.... all good
I need someone to explain how UDT and Rogue Endpoint detection should work. It seems miserably flawed to me and support is giving me the run around saying it's doing what it should be doing. If that is the case the product is severely crippled for our intended use case.
Our plan was to use UDT to monitor rogue endpoints when they show up on certain networks. We use all the other functions as all that integrate with IPAM as well. The problem we are seeing is that when you add a node from Orion or discover ports, it brings in all endpoints it sees even on trunk ports and adds them to the rogue device list. We want to start by monitoring and then whitelisting only devices connected to ports that are not secured in a data closet or data center. This approach is taking small bites off of the network evaluating endpoints that are not on our whitelists (initially comprised of AD exports and VM exports of known MACs, we only use MAC whitelisting as anything else doesn't really make much sense in our environment) and then deciding if they should be whitelisted, removed, or perhaps watched. Call it poormans NAC if you will but for now it's better than nothing.
Now here is the problem, when a node is added, or ports are discovered it starts monitoring all the ports by default. When it monitors things like trunk ports it brings in endpoints that at that moment are out of scope. So using common sense we decided OK lets just unmonitor those ports in UDT, if it's not monitoring the port it won't see the endpoint and those will go away. Well they don't, they remain and the endpoints on the unmonitored ports stay on our rogue device list indefinitely. The endpoint marks it as Last Seen: CURRENT which makes no sense if I'm not monitoring the port. I then took one step further and deleted the port from UDT, no change. I then, per support, wiped all data relating to UDT and started over, re-added a switch and router, performed the same steps and ended up with every endpoint it could see because it started monitoring all ports when added. Trying to create my own work around I decided to limit which ports it monitored as part of the discovery (UDT Settings --> Advanced Settings --> Monitored Port Types) Set this to only include the ethernetCsmacd (6) type which would exclude trunk ports etc. No luck the discovery by default ignored this setting and attempted to discover all available ports. So this setting does ?, nothing?
After going back and forth with support asking why I'm getting endpoints showing as current, why it's monitoring all ports, why they won't fall off the rogue device list (which we have set to "Past Hour"), and how someone is supposed to accomplish our use case.... the answers I received were start over, or whitelist all devices that are showing and review devices going forward. Well that last one violates pretty much every concept of whitelisting and authorized device review by blindly trusting that what we have in current state is good, awful idea. Not sure the point of UDT Rogue Device if for every device that shows up you just whitelist it, or as also suggested enable the 3 default rules for MAC, IP, and DNS to whitelist all nodes.... again not sure why you would want to ever do this if you WERE interested in reviewing and managing the devices on your network. I also can not get a good answer as to why when I unmonitor a port do the endpoints on that port remain, as if it's monitoring the endpoint now instead? We set retention settings to 1 day, ran database maintance and have waited 5 days and no change the endpoints all remain on the Rogue device list all marked as CURRENT.
HELP!! Can someone, anyone explain how this is supposed to work? I'm being told that this is normal but then that it's also not normal, and then silence from support. I'm doing 1. what the sales team said is normal and reasonable 2. The steps that are defined here:
"Our first objective is to identify those devices (nodes and endpoints) that connect to the network. This information will then help us create device profiles and help us determine which devices are authorized."
"Our second objective is to identify and verify which devices are authorized to use the network and to construct access controls using whitelists"
Is there a way we can update subnet range through SWIS? I have a lot of subnets which don't have range populated & would be helpful to do it via an API.
Log Manager for Orion 1.1 has shipped and we’re already hard at work building the next release. Here’s what we’re working on:
Please provide the option to switch the website into a "Dark Theme"
Not only is this an often preferred experience for users, but it is a very standard practice in most NOC environments where the overhead lights are generally dim (think Mission Control)
I am pleased to announce general availability of LEM 6.5, which introduces the ability to forward raw log data to other applications and support for LEM on Azure. If you are a customer on active maintenance, this is now available in your customer portal. If you are not an existing customer and interested in downloading a 30-day evaluation, you can do so here. This release includes the following features:
For more information on this release, please see the LEM 6.5 Release Notes
The SolarWinds trademarks, service marks, and logos are the exclusive property of SolarWinds Worldwide, LLC or its affiliates. All other trademarks are the property of their respective owners.
I want to be able to customize the email subject and body for DPA alerts, including choosing dynamic data fields so I can deliver the information users need in the order they need it.