After migrating an old installation to the newest NPM, when importing my old alert actions from Alert Manager 2012.1.0, all my alerts seem to be broken.

For example, I have an alert setup to send an email with a link to the Netflow traffic Top 10 Talkers when an interface reaches 80% of its bandwidth usage. In the old Alert Manager this would send out an email without any issues. In the new system, I am getting variables that are just showing up as ${Interface.InPercentUtil}% instead of the percent utilization they'd normally show up as. The body of the email is also just an error, "MACRO SQL ERROR - Invalid object name 'NetFlowAlertMacros'."

So my question is, is there an easier way to send out an alert email with the top 10 talkers on that interface or a better way to fix the imported actions?

Hello,

I am working on a clean up activity and require to delete the interfaces in unknown state for almost 1300+ nodes. I tried deleting the interfaces on manage nodes and then listed resources for a node and selected only the UP interfaces. But i see that the unknown interfaces are still showing up on the interfaces box.

Is there a way where i can have them not show up and have only the UP interfaces?

Also is there a way i can do this in a bulk rather than manually doing this on each node?

TIA,

Malcolm.

Has anyone setup solarwinds to display on tv monitors.  I can't find any documentation for this procedure.  At my site they use vbrick for cable tv

The website content is all in English, but when I click on the "settings" page, it's displayed in German.  My local PC does not have the German language pack loaded so it must be something on the server.  We've tested both IE and Chrome on a couple of different PCs and all the same issue.

It was all in English on Friday, today is Monday and now the settings are German.

No recent upgrades to the application.

How can I fix this?

Can someone recommend a good modem to use with notepager pro for Orion NPM alerts?

I have a Netpath connection from my Solarwinds Orion server to a customer.  This first connection on the path shows a 30% packet loss w/ 13ms latency.  This is my local firewall.  Pinging the firewall from my Solarwinds Orion server directly reports back 1ms, and no packet loss.  Any ideas?  The reason in the image for the subnet change - this firewall has multiple LAN and WAN addresses.  I'm assuming NPM is using the default LAN address, even though Solarwinds is using 10.101.101.1 to get out.  To verify it's not a routing issue I've also pinged 10.0.1.1 from Solarwinds and received the same result from pinging 10.101.101.1 - low latency and no packet loss.

My company has used multiple modules (NPM,UDT, VNQM, NTA) from the Orion family for the last 10 years. We are now beginning our deployment of a Cisco ACI infrastructure with a VMWare NSX overlay for our Data Center environment. What is the current level of support for this environment in Orion? What is planned?

Hi,

just upgraded our platform from NPM 11.5.3 to NPM 12.0.1 but now alerts in Manage alerts are now showing incorrectly, the alerts are there, they just appear to be filtered out somehow:

Anyone else have/had this issue after upgrading?

Thanks

Tom Aspland

Hello folks, we have a report created where it runs and tells us what nodes are currently unmanaged and then which have their alerts suppressed. Is there a way to include the time that a node is unmanaged for in the report? I'm not finding a way to do this yet... Any help is appreciated- thank you.

EDIT

All, here is some code that I found and messed with to make as simple as possible:

SELECT Caption AS Name, UnManageFrom AS UnManageFromUTC, UnManageUntil AS UnManageUntilUTC

FROM

Orion.Nodes

Where

UnManaged = 'True' AND NodeID = ${NodeID}

EDIT 2:

Is there a way to edit this to show nodes that are currently managed, but scheduled to be unmanaged?

EDIT 3:

I found an old sql script from 2009 on here and formatted it to work with our current version of SW. This script shows all current + future unmanaged nodes

SELECT Caption AS Name, Nodes.UnmanageFrom, Nodes.UnmanageUntil, Nodes.StatusDescription

FROM Orion.Nodes

where Unmanaged = 1 or unmanagefrom >= getdate()

ORDER BY 1 ASC, 2 DESC

SQL Server (The process was not found) - How can I resolve this error message when viewing a DB server?

I am currently running NPM 12.0.1 and am receiving "Bias Current Sensor" warnings on numerous interfaces on a Cisco 4500 running  Software (cat4500e-UNIVERSALK9-M), Version 03.06.03.E RELEASE SOFTWARE (fc3).  If I log into the 4500 and check the status of the alerting interfaces all results are within the normal range.  How do I either turn off the bias current sensor alerts or change the thresholds so they report only on valid issues?

I would greatly appreciate any help you can give on this.

My Log & Event Manager is going crazy with "UserLogonFailure" errors being generated because the NPM is trying to access our other servers using the previous Systems Administrators credentials. Here's my question: Where do I even begin to find out where these credentials are being store so I can change them?

Here's the entire log (I replaced the name of our college with x's):

Introduction

A long journey ended when the proper syntax was found (Thank you, Thwack community) to correlate certain SNMP traps received with other alert values. Here is a short guide on how to use traps in alerts within the GUI of SolarWinds NPM.

In this example, I am receiving a "dying gasp" in SNMP from an Alcatel-Lucent (Now Nokia) 7210SASD. When such an event happens, the equipment is basically telling me it lost power. This allows me to separate losing nodes from network failures or power failures. In other words, I only take action if the node is down due to the network. There isn't much I can do about power in those remote locations or customer premises.

Using Node Custom Properties

It all starts with a custom property on the nodes, which I called LossOfPower. (Boolean) See the attached picture for more details.

SNMP Traps

The traps have to be sent to SolarWinds. Here is the code for the 7210.

        snmp-trap-group 1

            description "SolarWinds 1"

            trap-target "solarwinds1" address <Solarwind NPM Server IP> snmpv2c notify-community "CatchyNameHere"

        exit

        snmp-trap-group 98

            description "OtherSNMPServers"

            trap-target "Server1" address <Server1 IP> snmpv2c notify-community "snmpv2cSAMtrap98"

            trap-target "Server2" address <Server2 IP> snmpv2c notify-community "snmpv2cSAMtrap98"

        exit

        snmp-dying-gasp primary 1 "solarwinds1" secondary 98 "Server1" tertiary 98 "Server2"

The next step is to create the new alert which will set this property. This was written in SQL, not SWQL.

Trigger

SELECT Nodes.NodeID, Nodes.Caption FROM Nodes

INNER JOIN Traps

ON Nodes.NodeID = Traps.NodeID

AND Traps.DateTime > DATEADD(MINUTE, -6, SYSDATETIME())

AND Traps.TrapType = 'TIMETRA-SAS-SYSTEM-MIB:tmnxDyingGasp ';

The two tables intersect using the INNER JOIN command, based ON the NodeID. There is a timer on this and only the DyingGasp received in the last 6 minutes is considered.

Reset

SELECT Nodes.NodeID, Nodes.Caption FROM Nodes

INNER JOIN Traps

ON Nodes.NodeID = Traps.NodeID

AND Traps.DateTime < DATEADD(MINUTE, -9, SYSDATETIME())

AND Traps.TrapType = 'TIMETRA-SAS-SYSTEM-MIB:tmnxDyingGasp '

AND Nodes.Status = 1;

If it has been more than 9 minutes and if the node is back online, this alert is reset.

Trigger Action

It simply sets the LossOfPower variable to "YES".

Reset Action

Set the LossOfPower variable to "No".

Usage

This is modular. The LossOfPower variable is used in another much simpler alert (it could be several other alert contexts) where we get contacted when a node is down. If the node is down due to LossOfPower, we do nothing. If it is otherwise down due to other causes, we take action.

Testing and Researching

To get all the properties from a table, SolarWinds NPM includes a query test page. Note the database names are slightly different. It is located at http://<yourserverIP>/Orion/Admin/swis.aspx

If Orion.Traps is selected as a source, the Generate Select Query button returns this:

SELECT Acknowledged, ColorCode, Community, DateTime, Description, DisplayName, EngineID, Hostname, InstanceType, IPAddress, NodeID, ObservationRowVersion, ObservationSeverity, ObservationSeverityName, ObservationTimestamp, Tag, TimeStamp, TrapID, TrapType, Uri FROM Orion.Traps

This is useful in finding new fields you might need in your particular case.

It is possible to remove certain fields from the SELECT and see what is returned. This won't work with traps though, as the table can get quite lengthy. This particular table is a log file of all traps. Try it on Orion.Nodes instead.

SELECT AgentPort, Allow64BitCounters, AncestorDetailsUrls, AncestorDisplayNames, AvgResponseTime, BlockUntil, BufferBgMissThisHour, BufferBgMissToday, BufferHgMissThisHour, BufferHgMissToday, BufferLgMissThisHour, BufferLgMissToday, BufferMdMissThisHour, BufferMdMissToday, BufferNoMemThisHour, BufferNoMemToday, BufferSmMissThisHour, BufferSmMissToday, Caption, ChildStatus, CMTS, Community, Contact, CPULoad, CustomPollerLastStatisticsPoll, CustomPollerLastStatisticsPollSuccess, CustomStatus, Description, DetailsUrl, DisplayName, DNS, DynamicIP, EngineID, EntityType, External, GroupStatus, Icon, Image, InstanceType, IOSImage, IOSVersion, IP, IP_Address, IPAddress, IPAddressGUID, IPAddressType, IsServer, LastBoot, LastSync, LastSystemUpTimePollUtc, Location, MachineType, MaxResponseTime, MemoryAvailable, MemoryUsed, MinResponseTime, MinutesSinceLastSync, NextPoll, NextRediscovery, NodeDescription, NodeID, NodeName, ObjectSubType, OrionIdColumn, OrionIdPrefix, PercentLoss, PercentMemoryAvailable, PercentMemoryUsed, PollInterval, RediscoveryInterval, ResponseTime, RWCommunity, Severity, SkippedPollingCycles, SNMPVersion, StatCollection, Status, StatusDescription, StatusIcon, StatusIconHint, StatusLED, SysName, SysObjectID, SystemUpTime, TotalMemory, UiSeverity, UnManaged, UnManageFrom, UnManageUntil, Uri, Vendor, VendorIcon FROM Orion.Nodes

Using the SWIS Query test page will be the subject of another entry.

Regards,

As far as networking we are a Cisco shop for the majority and layer 2 switches.  ASR for wan and nexus for the data center.   Are there any documents saying what is the fundamnetal way NPM should be utilized.  I understand NPM is polling centric. What reason would you have to basically turn away from all the functionality it provides via hardware sensors and all the other polling and relly more heavily on SNMP traps? Aren't you taking away from the point of the product?  Is there any documentation to back this up on proper use of the system?  We do own several other modules including NCM and SAM just to name a few.  Some don't want to utilizie the UdP and claim it's too taxing and would prefer to turn to traps. Seems like a lot of leg work to go this route to me. What is your input? Any documenation would be very helpful.

Thank you

Overview

This article provides information about FAQs asked by the customer based on the environments combined.

Environment

Orion Platform versions above NPM 10.6

Strongly recommended to have latest version of Orion

Detail

All of us know SolarWinds SLX license you can montior up to 12000 Elements and beyond this you will need an Additional Polling Engine to monitor. 

What is Stackable Poller idea  

Stackable poller means license extension on polling  server  if your server hardware can handle it  , with the latest version of SolarWinds NPM, you can now install up to three unique polling engines on a single polling server, sharing a single IP address. Stackable polling engines enable you to effectively triple the polling capacity of a single server so you can get benifit of available server hardware within the existing installed enviornment

Further it will help you to monitor more Elements ( Nodes/Volumes/Interfaces/Services ) without having any dedecated servers to be confirmed and manage so its less overhead for the I.T staff to manage .

How can i check my Server current hardware meeting this requirments

For more informaiton MINIMUM Hardware Requirments see below.

SolarWinds Orion server hardware requirements

How many Stackable Poller license I can have on the Single Server?

Up to three total polling engines may be installed on a single server (i.e. one primary NPM
polling engine with one or two additional polling engines on Primary Server  or three additional polling engines on
the Additional polling server ).

Note: A stack requires only 1 IP address, regardless of the number of APEs

Can I install Stackable Poller on my existing Additional Polling Engine?

Yes 'Stackable Poller' is basically only extending the licensing capability on the Poller  you can have multiple Stackable poller on your existing Additional Poller It can be update by Smart Bundler  .

How can I update my  Poller for Stackable Poller?

On the  Poller it can be updated by Smart Bundler.

It means that by additional poller package downloadable from customer portal (not the Individual Downloads, but the Main Additional Poller Installer also called Smart Bundler).

How to install Stackable Poller on my Primary Polling Engine?

In this example I am assuming we are implementing Stackable Poller on the Main Poller (that has enough resources to tackle additional load)
As you are aware a single poller can tackle upto 12k elements
Also there is no special installer for Stackable Poller
You will need a license to be purchased as for Additional Polling Engine
You will go into your Customer Portal & download the Additional Poller Smart Bundler  (not the Individual Downloads, but the Main Additional Poller Installer also called Smart Bundler)
Basically when you will run Additional Poller Smart Bundler this installer will say on the main poller that everything is already installed and ask you if you want extend license.
Now simply key in the license of the Additional Poller in the wizard
It will never install anything on main poller it only just update the license
So the customer has got extra capability to fully utilize his server
Also after the license has been applied you can open the License Manager and you will see another entry in the Lincense Manager as following

On Primary Polling Engine it will take up to 2 MAX Additional Polling Engine license keys

On Additional Polling Engine it will looks like this

You will have the message "The machine has reached to license limit" after that therefor it will only be able to take up to 3 licenses.

So if I have have mutiple modules installed on the Primary Poller (do I have to install all the other modules as well , because Smart bundler will download say APE SAM , APE UDT , APE NPM)
so when I run the Smart Bundler on the Primary poller (it will not say that Primary Poller is already installed on this machine)

Yes, it will say on main that everything is installed and ask you if you want extend license
so it will never install anything on main, just update license

If I will install Stackable Poller on my primary server it will increase the capacity to 24K elements to tackle?

It will ask you on main to add license key for additional poller (means 24k elements). Once you run it again, you can add another AP license (means 36k elements) and if you run it third time,

it will say  This machine has reached its license limit .  The same functionality is for Additional Poller installation  And yes, Stackable poller means license extension on polling  server

For more details, please see the post below:

http://thwack.solarwinds.com/community/solarwinds-community/geek-speak_tht/blog/2013/06/19/not-so-stupid-poller-tricks

http://www.solarwinds.com/documentat...Guidelines.pdf

All my Cisco switches model WS-C3650-24PD have machine type of Cisco Catalyst 3850-24P-E Switch instead of 3650. The switch model is correct. Is machine type mapped from switch model? Is there anyway to fix this without manual intervention?

Hi,

I'm trying to create a page\view which will have information on a different server in each column so I'm using the custom SQL filer but I keep getting Custom SQL filter is incorrectly formatted it appears the formatiing has changed but the show list of Volume properties you can plus out hasn't been updated?

I've read these but the links the top one points to longer exist.

https://thwack.solarwinds.com/thread/98248

https://support.solarwinds.com/Success_Center/Network_Performance_Monitor_(NPM)/NPM_12_bug%3A_Custom_SQL_filter_is_incorrectly_formatted

and the 2nd one is a bug that has been fixed in the latest version but they do suggest that the table names have changed.

Does anyone know how to format this in NPM 12.0.1

I'm trying to do something like

VolumeID = 'xxxxx' or VolumeIndex = 'xxxxx'

Although I'm not sure how to find out what the volume index is either!

Thanks for any help,

worto.

Background:

Thousands of Meraki devices needed to be added to Solarwinds for my situation, and so the hunt began.  First stop was Meraki for some help, which led me to this document: https://docs.meraki.com/download/attachments/13500458/ConfigurationGuide-Meraki-SolarwindsSNMP%20(2).pdf?version=1&modif…  The document's instructions weren't for the implementation that I was looking for, and that document was all I could find in online.  What I needed was to poll the devices directly instead of through the dashboard.  When I followed Meraki's document for alerting, it wasn't what I was looking for.  Passing relevant information to the alerts wasn't available, based on Meraki's instructions.  Eventually, I accidentally stumbled upon the answer, and now looking back it seems so simple .

How-To Steps:

• On the SolarWinds Network Discovery page, create a new discovery
• Use the SNMP string that was input on each Meraki network under Network-wide>General or Configure>Alerts & administration (located on Meraki's dashboard) and click ‘next’
  • SNMP settings include the version (V1/V2c), and a SNMP string.  They are located under 'Reporting'
• Uncheck ‘poll for VMware’ and click next
• Uncheck ‘add to NCM’ and click next
• Click ‘next’ on the windows credentials page
• Paste in your Meraki IPs and click on ‘next’
• Set the Discovery name and click on ‘next’
• Set your discovery schedule and click on ‘discover’
• Select the Meraki device interfaces you’d like to import and click ‘next’
  • Selecting the advanced options section can help for picking out specific interfaces.
• Click ‘next’ on the volume type page.
• Click ‘import’ on the import preview page.
  • Wait for the import to finish before clicking on ‘finish’

Results:

Here's a Meraki MX80 that's been added.

Here's an MR16 that's been added:

After the nodes have been added, I setup alerts and they'll be able to pull helpful information (Hostname, IP, Custom Properties, etc.) when an event happens.

Misc. Info:

Version info: NPM 11.0.1

Devices I've tested:

Firewalls

MX80

MX400

Wireless Access Points

MR16

MR18

Switches

MS22P

Current issues:

From the screenshots you can see that the Last Boot date isn't correct, however that isn't a pressing issue for me.

I hope this will help some of you, and feel free to ask questions.

I'll be adding updates as more info comes in, so feel free to post what you have run into.

Message was edited by: Naters

Has anyone seen this happens? It's almost as if the device gets stuck in time. I have a different devices from switches to servers, etc that will fail snmp but still display stale data and show the device as up (Green).

Many times a manual ping of the device actually shows the device as down which basically creates a false positive in solarwinds.

I've ran a query and discovered over 500 devices in my infrastructure not polling on SNMP and all show green. When it comes to servers switching many of the Windows servers to WMI fixed the issue and those servers started to monitor normally. But Unix or Linux devices or network devices that only accept SNMP, those remained broken. I had to manually either change the community string and or restart the snmp process on the devices to fix the problem.

But it still seems like a bug to me if snmp suddenly drops and the device still shows stale data, alerts on stale data, and shows as green (Up). I've tried the basic's. Clearing sdf files. Uninstalling reinstalling collector and job engines. I even went as far as basically redeploying my whole environment but the issue remains there. So not convinced it's a collector problem.

The issue for us has been founding using the script as a workaround. I run that script once every 2 weeks find the devices not responding to snmp and fix them. But I wanted to bring up this discussion for visibility and hopefully catch the eye of a developer or someone from solarwinds who can be notified about this.

Thanks!