↧
MINUTEMAN SNMP-NV6.UnDP
↧
ASA firewall monitoring
Is it possible to create an alert that would fire on an event like this Module sfr experienced a data channel communication failure the reason seems to be a SSM card failure.
Syslog output
12/16/2015 1:00:02 AM |
| Alert | :%ASA-ha-1-103005: (Secondary) Other firewall reporting failure. Reason: SSM card failure |
12/16/2015 1:00:01 AM |
| Alert | :%ASA--1-323006: Module sfr experienced a data channel communication failure, data channel is DOWN. |
12/16/2015 1:00:01 AM |
| Alert | :%ASA--1-323006: Module sfr experienced a data channel communication failure, data channel is DOWN. |
↧
↧
NPM critical alert view
I'm trying to use the "Custom Query" view display only active critical NPM alerts. Does anyone have a query for this?
↧
Custom SWQL Views Manager Resource
↧
OID not working in SolarWinds but works in PRTG
So recently we got some new SNMP-NV6 cards for our Minuteman UPS and after comparing it to the older SNMP-NET cards they should use the exact same MIB. I added them to SolarWinds and noticed it was grabbing any data for whatever reason.
After adding them to our other network monitoring system, PRTG, I was baffled when it got these results.
So when i added my new NV6 cards in the new UPS to PRTG it seemed to work and grabbed logical data from it. and using the OID 1.3.6.1.4.1.2254.2.4.7.5.
Meaning that OID does indeed work and it can communicate with out network. But look at the following screenshot i took from UNDP on my SW server.
I used the same exact OID but it doesn't grab me any data. Anyone got an idea what I could be doing wrong? It bugs me when the PRTG admin can do something I can't do in SolarWinds
↧
↧
Orion vs PRTG
Hi,
does anyone have some comparison document between Orion NPM and PRTG?
Regards,
Davor
↧
Uptime and Downtime Report
Is there a way that we can create a report that displays below fields?
Node | Event Time | Status
Values should be Node with down events and up events.
I used the EVENTS to create a report. And i choose the fields EVENT TIME, NODE NAME and STATUS. But only up status were displayed.
When I filter the STATUS with up and down, same output shown.
Thanks!
↧
Change logs
Which Solarwinds/Orion log file has the logs of any changes made to configurations, specifically whether an alert was disabled and by which user?
I had a bunch of alerts turned off and it had a pretty huge impact on revenue and I need to find out who made the change and when the changes were made.
↧
Current Outage Duration for Down Nodes SQL query stopped working after upgrading to NPM 11.5.2
Hey all - so we had a report that showed currently down nodes and their current downtime. worked great in 11.0.1 and when we upgraded to 11.5.2 most of our sql stuff broke. Is the below query still valid? because we currently have down nodes and the report isnt selecting anything.
SELECT
n.NodeID,n.Statusled,n.Caption,TriggerTimeStamp AS Event_Detected,DateDiff(hh,TriggerTimeStamp,GetDate()) AS Duration_In_Hours,
DateDiff(Mi,TriggerTimeStamp,GetDate()) AS Duration_In_Minutes
FROM AlertDefinitions ALD JOIN AlertStatus ALS ON ALD.AlertDefID=ALS.AlertDefID
JOIN Nodes n ON ALS.ActiveObject=n.NodeID
Where AlertName LIKE '%Down%' AND als.ObjectType='Node'
AND als.State=2
↧
↧
Website configuration has failed - Web request for /Orion/Login.aspx failed
Configuration Wizard error message after Upgrade of NPM to 11.5.2
When I try to run configuration Wizard I receive the following error message "Website Request for /Orion/Login.aspx failed. The underlying connection was closed. An unexpected error occurred on a receive."
The same error was experienced here Web Request for /Orion/Login.aspx failed however I do not see the same options as it is suggested on the response. My installation is running on a VM and I am currently connected via the console. Any help that you can provide would be much appreciated as I can't continue with all module upgrades.
Thank you,
↧
Web Request for /Orion/Login.aspx failed
I recieve the following error when I run the Orion configuration wizard:
Website configuration failed:
• Web Request for /Orion/Login.aspx failed - The underlying connection was closed: An unexpected error occurred on a receive.
I have not seen this error message in the forums....has anyone seen this issue before? I beleive that it is an issue with our IIS, but can't pinpoint where? Help?
↧
How Can I poll the OS version for Linux Servers?
Is there an easy way to display the OS version for my Linux servers?
Machine Type only displays net-snmp - Linux
Operating System is blank
↧
CDP_Neighbor_Resource_v2.SWQL
↧
↧
What We're Working on for NPM (Updated December 18, 2015)
Since the release on NPM 11.5 we've been hard at working building the next round of exciting functionality and improvements in existing functionality. I'm pleased to share the following list of items we're working on:
- Updated UI Look and Feel - The UI is receiving some love this release, spanning across NPM, SAM, VMAN, and the other Orion based products.
- Deep Visibility into F5 load balancers - Covering things like connection counts by VIP and server. NPM F5 infoFEATURE REQUEST - F5 Load Balancers - Show Wide IP status, GTM Server List, etc - Case #448234
- Monitoring for Cisco Switch Stacks (3750, 3850, 2960S) - Covering things like stack master, stack ring health, enumerating members, tracking member changes, per member hardware health, and so on. Cisco Stack monitoring
- NetPath - Automatically discovers and monitors network paths for your on-premise, hybrid, and cloud-based applications (such as Salesforce.com). Provides multi-path visibility and hop-by-hop performance metrics so you can quickly identify and isolate network issues that are impacting your users.
- ServiceNow Integration - Automated ServiceNow incident creation, update, and closure out of the box.
- Syslog / Traps / search improvements - Search Enhancements
- Unmanage behavior improvements - Unmanage reason (like shutdown tracker in Windows 2008)Silence Alerts While Still MonitoringUnmanage reason (like shutdown tracker in Windows 2008)Show 'Unmanaged' durationSilence Alerts While Still Monitoring
- Manage Pollers improvements - map sysoid values to arbitrary text for node details properties. Unknown Devices: admin mapping of sysObjectID to Vendor and MachineType
- Enhancements to view restrictions
- QoE Transport-Layer Metrics
Ongoing Initiatives:
- Increased scalability per SolarWinds instance (target of 250k elements / instance)
- Improved performance and decreased resource load times via analysis with SolarWinds DPA
- Increased number of pollers possible per instance
↧
NPM - unable to add resources, submit button not working
Hi Everyone,
I was wondering if anyone else has had issues with listing resources on nodes/devices and you go down the list put the check mark next to the interface to add to monitoring and click the submit button and nothing happens. There are times where I have had to add an interface 3 times before it actually shows up for monitoring.
↧
A lot of reports for BGP/LDP/CryptoTun neighbors state/flaps.
↧
SNMP Polling Meraki Devices (NPM 11.0.1) - How To
Background:
Thousands of Meraki devices needed to be added to Solarwinds for my situation, and so the hunt began. First stop was Meraki for some help, which led me to this document: https://docs.meraki.com/download/attachments/13500458/ConfigurationGuide-Meraki-SolarwindsSNMP%20(2).pdf?version=1&modif… The document's instructions weren't for the implementation that I was looking for, and that document was all I could find in online. What I needed was to poll the devices directly instead of through the dashboard. When I followed Meraki's document for alerting, it wasn't what I was looking for. Passing relevant information to the alerts wasn't available, based on Meraki's instructions. Eventually, I accidentally stumbled upon the answer, and now looking back it seems so simple .
How-To Steps:
- On the SolarWinds Network Discovery page, create a new discovery
- Use the SNMP string that was input on each Meraki network under Network-wide>General or Configure>Alerts & administration (located on Meraki's dashboard) and click ‘next’
- SNMP settings include the version (V1/V2c), and a SNMP string. They are located under 'Reporting'
![Meraki SNMP.png]()
- Uncheck ‘poll for VMware’ and click next
- Uncheck ‘add to NCM’ and click next
- Click ‘next’ on the windows credentials page
- Paste in your Meraki IPs and click on ‘next’
- Set the Discovery name and click on ‘next’
- Set your discovery schedule and click on ‘discover’
- Select the Meraki device interfaces you’d like to import and click ‘next’
- Selecting the advanced options section can help for picking out specific interfaces.
- Click ‘next’ on the volume type page.
- Click ‘import’ on the import preview page.
- Wait for the import to finish before clicking on ‘finish’
Results:
Here's a Meraki MX80 that's been added.
Here's an MR16 that's been added:
After the nodes have been added, I setup alerts and they'll be able to pull helpful information (Hostname, IP, Custom Properties, etc.) when an event happens.
Misc. Info:
Version info: NPM 11.0.1
Devices I've tested:
Firewalls
MX80
MX400
Wireless Access Points
MR16
MR18
Switches
MS22P
Current issues:
From the screenshots you can see that the Last Boot date isn't correct, however that isn't a pressing issue for me.
I hope this will help some of you, and feel free to ask questions.
I'll be adding updates as more info comes in, so feel free to post what you have run into.
Message was edited by: Naters
↧
↧
Alert Prioritising Dashboard (SWQL) for Problematic Nodes (Servers)
Here is an example to use SWQL to build a view to display problematic nodes (servers) with issues from one or more flowing areas:
• Node Status (column name: CONN) - (1 UP, 2 Down, ignore other status)
• Node Response Time (column name: M_SECS) - in milliseconds, (> 0 OR When Node is Down, it is -1). If M_SECS> 500: Warning, If M_SECS> 500: Critical
• Node CPU Load (column name: C_LOAD) - in percentage, (Between 0 - 100). If C_LOAD > 95: Warning, If C_LOAD > 98: Warning, If C_LOAD =100: Down
• Node Memory Usage (column name: R_Load) - percentage, (Between 0 - 100). If R_LOAD > 95: Warning, If R_LOAD > 98: Warning, If R_LOAD =100: Down
• Node Highest Volume Usage (column name: V_PERCENT) - (Between 0 - 100). If V_PERCENT > 95: Warning, If V_PERCENT > 98: Warning, If V_PERCENT =100: Down
• Node Hardware Components worst Status (column name: HW_Status) - (UP, Undefined, Unknown, Warning, Critical, n/a)
• Node Application worst Status (column name: APP_Status) - (UP, Unmanaged, Unknown, Unreachable, Warning, Critical, Down, n/a)
In order to the worst (highest priority) condition are shown on the top of the list I gave each status different scores, and each column different weights. Then calculate total score as the priority. Here is the calculation:
• wConn (Connection), scores: Down - 1000, Up - 0; weight 1.00
• wTime (Response Time), scores: > 1000ms - 80, >500ms - 10, other - 0; Weight 0.75
• wCPU (CPU Load), scores: 100% - 600, >98% - 80, >95% - 10, Other - 0; Weight 1.00
• wRAM (Memory Load), scores: 100% - 600, >98% - 80, >95% - 10, Other 0; Weight 1.00
• wVol (MAX(Volume Usage)), the highest volume usage of all volumes on a node, scores: 100% - 600, >98% - 80, >95% - 10, Other 0; Weight 0.75
• wHW (Hardware Status (worst Value)), the worst HW component status of a node with HW monitor enabled scores: Critical - 80, Warning - 10, Up - 0, other 1; Weight 0.50
• wApp (Application Status (worst value), the worst application statues of a node with application monitors assigned. scores: Down - 600, Critical - 80, Warning - 10, Up - 0, other 1; Weight 0.50
Maximum Total Weighted Score (Exclude wConn): 80*0.75 + 600*1.00 + 600*1.00 + 600*0.75 + 80*0.50 + 600 *0.50 = 2050
Priority = ROUND((t1.wTime*0.75 + t1.wCPU*1.0 + t1.wRAM*1.0 + t1.wVol*0.75 + t1.wHW*0.5 + t1.wApp*0.5)/2.05 + t1.wConn*1.00, 2)
Final Priority value is between 0 and 1000.
You can change the score and weight to meeting your requirement.
Steps:
- Create a view; add “Custom Query” resource.
- In the view, edit Custom Query:
- In the Custom SWQL Query box, add the codes in attached file “thwack-swql-alerts.txt”
- Enable search, and in Search SWQL Query box, add the codes in attached file “thwack-swql-alerts-withSearch.txt”
Done!
Using Search:
• By Node Name
If you want to just display a node or a group of nodes with similar names, type node name or part of the name in the search box and click search button.
• By Connection Status
If you want to just display nodes in DOWN status, type “n 1” (white space between n and 1) in the search box and click search button.
• By CPU or RAM or Volume usage
If you want to just display node with CPU or RAM or Volume usage above certain level, using the following:
o “c 80” (CPU usage above 80%)
o “r 80” (Memory usage above 80%)
o “v 80” (Volume usage above 80%)
• By Hardware Status
If you want to just display node with certain hardware status, type “h status” (‘status’ can be one of the following: UP, undefined, Unknown, Warning, Critical, n/a).
• By Application Status
If you want to just display node with certain application status, type “a status” (‘status‘ can be one of the following: UP, Unmanaged, Unknown, Unreachable, Warning, Critical, Down, n/a).
You can customise the query to meeting your requirements.
Thanks Alex Soul's post https://thwack.solarwinds.com/docs/DOC-174568, which is very helpful!
===========================
Update: As Alex suggested, I have updated the query and new files are attached. Thanks Alex!
===========================
Update: 11/March/2015
I have added 2 addition columns for Alert Prioritising Dashboard.
One column is AlertTime, another one is Acknowledge (Ack). The Ack column is click-able. Right click it and open a new windows to View or Acknowledge an alert.
Please see the additional document at https://thwack.solarwinds.com/docs/DOC-176727
============================
Update: 11/11/2015
The original query is for NPM & SAM, but if you only need NPM (network nodes) part, I did create another two queries for network devices only.
The files: "networkNOC-ForThwack.txt" and "InterfaceNOC-ForThwack.txt" are attached.
"networkNOC-ForThwack.txt" is for network device (NPM) only.
"InterfaceNOC-ForThwack.txt" if is for network Interface only.
Both are limited to Vendor = 'Cisco', you can change it to meet your requirements.
↧
How to present OID returned value as text in Network Atlas map?
How to present OID returned value as text in Network Atlas map? Does anyone know how make the OID returned value show up in map instead of Green/Red status icon? I am monitoring a UPS and want to build a Dashboard or Table with various Input and Output voltages, frequencies, etc. to be presented as values.
↧
Volume Alert not triggering
I have set up a volume alert that if the item is a fixed disk with less than 5% of disk space available to send an email alert to a distribution group. I did a simulate on the email alert to make sure the variables were correct. When it triggered, it triggered an alert in the active alerts and never triggered the email alert at all. There were 8 volumes it triggered on, but not on emails. I checked all my settings and even the active alert said it triggered an email alert, but no go. Any ideas as to what is missing?
↧