When I started at my new company, one of the first things I did was bring back to life the SolarWinds environment.  It had not been changed or updated in at least two years.  There were over three hundred down items from devices that were not on the network anymore and another fifty or so duplicate items from people just running Network Discovery and taking in all of the information found.  I also found another five hundred devices that were just using ICMP for the polling method because they “did not see the reason for anything else”. 

One of the biggest issues I had was around passwords.  Specifically SNMP Version 3.  The Network team did not want anything to do with me because I was a Server guy and the previous owner of the SolarWinds environment admitted that he had other more important things to do that find what the passwords were.  Solarwinds worked, that is all that mattered.   I tried everything.  I even placed a question on thwack.  The problem was that the password in the database is encrypted, so a direct select statement did not work.

After three months, I had consigned myself to the fact that I just had to work a little on the Network team so that they would like me enough to look up the passwords. Even then, that was only the network devices.  I had another three thousand cameras out there with SNMP. 

I happen to be setting up new alerts in the system and was adding in some variables when I noticed that there was a field called Privacy that showed the SNMPv3 password. 

Hallelujah !!!!!!!  But now, how to get it.  I could not find a way to get an alert variable into a report.  But, with a little help from Google and the Solarwinds knowledge base https://support.solarwinds.com/Success_Center/Network_Performance_Monitor_(NPM)/Track_SNMPv3_credentials_that_are_assigned_to_a_node, I was able to create a process to obtain the passwords. 

Here are the steps.

NOTE!!!!  Please be kind.  I am a server guy with some scripting skills but not a programmer.  I am sure some of my steps can be easier.  This is just want worked for me. 

STEP 1 – Set up an alert

You need to set up a NODE alert.

• Open Solarwinds and go to Alerts
• Click on Manage Alerts
• Click on Add New Alert
• Name your alert (This really does not matter as the alert will be deleted once you are done, but you do need to remember the name)
• Set the severity to Notice
• Click Next
• This is the tricky part.  You do not want to have to sort through thousands of emails to get the information.  What I did is:
  • Set the “I want to alert on” to Node
  • Under the scope, select “Only following set of objects”.  This will bring up a separate selection screen
    • In the first box, Leave the selection of Node. In the next box, choose Node Name.  Third box shodul say is equal to.  In the last box, just start typing the name of one of your devices (this does not matter now, will change later)
  • In “The actual trigger condition” section, leave Node in the first field.  Second field should be Status.  Third box should be is equal to.  Click the arrow in the last box and choose Up.
  • When you are done, it should look like this

• Click Next
• Change the Reset Condition to No reset Action – Manually remove the alert from the active alerts list.

• Click Naxt
• Click Next through Time of Day
• Now we are going to add an Email Action.
  • Click on Add Action.
  • Give you action a name.
  • Recipients should just be yourself.  No need to send passwords to anyone else
  • Under message, you can replace everything else with the following items
    • ${N=SwisEntity;M=SNMPv3Credentials.AuthenticationKey}
    • ${N=SwisEntity;M=SNMPv3Credentials.AuthenticationMethod}
    • ${N=SwisEntity;M=SNMPv3Credentials.PrivacyKey}
    • ${N=SwisEntity;M=SNMPv3Credentials.PrivacyKeyIsPassword}
    • ${N=SwisEntity;M=SNMPv3Credentials.PrivacyMethod}
    • ${N=SwisEntity;M=SNMPv3Credentials.Username}
  • Set your SMTP server

• Click Next
• Click Next through Reset Actions
• Down at the bottom of the screen, you should see that this alert would immediately trigger on 1 Object.  If you see more than that, go back through the instructions.
• Go ahead and submit
• You shodul receive one email. 
• Go back into manage alerts and Disable the alert for now.

Step 2 – Find your SNMP devices.

This part was a little tricky as well.  I did not want to hunt through thousands of devices to find the one or two that had separate SNMP credentials.  Fortunately, this is where the link above to Solarwinds knowledge base saved me. 

• Open an RDP session to your Solarwinds server
• Go into your programs and look for the “Database Manager” in the SolarWinds group (Not the Database Maintenance but the Manager).  You can also use SQL Management studio if you are so inclined.  I did not have direct access to the database at this time, so this was a workaround
• Once you have the database manager opened, click on Add Default server
• Select the correct database
• Right click on the Database and choose New Query.
• In the query window, type in SELECT TOP 10000 * FROM [dbo].[NodeSettings] WHERE SettingName LIKE '%SNMP%'
• Click on the heading “SettingValue” so that it sorts by that value

Step 3 – Run the Alert

This is where the big payoff is.  You just need to run through each of these steps until you gather all of the information.  I placed the information in a TXT file and then opened within Excel to separate fields.

• In the left hand window on the Database Manager, find the SolarWinds database and choose New Query
• In this window, you are going to put in the following query
  • SELECT TOP 10000 Nodesettings.NodeID,Nodes.IP_Address,Nodes.DNS FROM [dbo].[NodeSettings] INNER JOIN Nodes on NodeSettings.NodeID=Nodes.NodeID WHERE SettingName LIKE '%SNMP%' AND SettingValue='####'
• Replace the #### with the “SettingValue” number that you have listed from the previous query.  It may only be two characters.  You do not need to add 0s
• Execute the query.  This will bring up all of the devices with that particular SNMP credential set.
• In Solarwinds, you are going to have two windows open. One on the Manage Nodes screen and one on the Alert Manager screen.
• In the Manage nodes screen, choose one of the listed devices from the above query and go into Edit Properties.
• Make sure this node is using Version 3 of SNMP.  When I ran through this, I had one that was version 1. It is a good idea to double check.
• Once that is verified, go to your Alert Manager window and edit your SNMP alert that you created in Step 1.
• Go to the Trigger condition screen and type in the name of the node you selected in the Only following set of objects field
• Next all the way to the end (Solarwinds needs to put in a “Finish” button on these screens)
• Now Enable the alert
• Within five seconds, I had my alert.  Depending on your email system, it might take longer.
• Once you receive the alert in your email.  Disable the alert from Alert Manager.
• Now you can take a look the alert.  In the alert, you will see the Privacy as well as the authentication password and the username.
• Once you are done with the information, go to the Database Manager Query window and choose the next “SettingValue” and run through the process again and again until you have captured all of your credentials.

First off, there's a great thread with XML language that creates a new Report for this that can be imported into your SW here:  How to find ports which have not been used for a long time ?

Also, check this search out for other threads containing "Last  & Transmitted":  https://thwack.solarwinds.com/search.jspa?q=last+transmitted

I built this process my team's use, since the above XML report provided information for too many kinds of ports and systems.  The method I use allows you to focus on a specific switch, and it filters out ports that I know will always be out of scope for discovering patched copper ports for reuse (like fiber uplink ports and port-channels or local Fa0 ports).

Start off in Settings, Admin > Alerts & Reports, Create New Report

Click the small blue "Edit" just to the right of Datasource 1 and make it look like this:

Adjust the items above to match your specific needs and then click Add to Layout.

What the filtered options mean:

• The first entry (Caption contains "Insert Switch Name") lets you focus solely on a specific switch.  You don't have to include this if you don't want, and you could change it to identify a switch by whatever method you prefer--or drop it entirely.
• Solarwinds NPM may discover Cisco interfaces that are "Controlled" and "Uncontrolled" for security options (depending on IOS release and hardware platform); since these interfaces are duplicates to the physical interfaces, I don't want them included in the report, so I had it filter any interface with "ontrol" in its name.
• I'm not interested in Port-channels, therefore they're filtered out.
• I don't want any port whose status is "Up" since I'm only looking for ports not in use.
• It must be a Physical Interface, not a virtual or logical one.
• Don't report on Ten Gig interfaces ("Interface Name does not start with Te") because we don't let users plug into those sports. 
• Don't report on interfaces ending in 49-52--those are uplink fiber links on my switches, and I'm not looking for information about those in this report.  I only want to know about copper ports that can be unpatched & reused.
• Don't report on the Fa0 port if one is present

Click Edit Table

Adjust these items per your specific needs and click Submit

I put a note it to remind my Team to change the switch name inside the report:

Click Next

Put helpful information in the Report Description, Click Next.

Schedule if it needed.  We run this report on demand instead of at regular intervals.

Click Next

Review the setup and make any changes required:

Click Submit.

Now select the report, edit it to report on the specific switch, save it and run it. You'll get a report that sorts from the ports longest down to those most recently down, looking like this:

I export this to .PDF and send it to my Network Technicians for unpatching of ports on switches they're concerned with.

Enjoy!

(Reviewed and updated 20200207.  This process still works in Platform 2019.4 HF3 Rick Schroeder)

While the existing syslog and trap functionality that ships with the Orion^® Platform has served us well over the last several years, there has always been some room for improvement. For example, we would sometimes hear from users that syslog collection would bog down their database or that it was inconvenient to manage logs outside the web console. Another common issue raised was around the lack of integration with Orion alerting.

As we built Log Analyzer, we wanted to do something about this valuable functionality that also seemed to be causing issues for our users. That’s where Orion Log Viewer comes in.

Orion Log Viewer (or OLV for short) is built on the Orion Platform and is a subset of SolarWinds^® Log Analyzer’s functionality. It shares the same systems requirements as LA and gives you the ability to collect, view, filter, search, manage, and alert on syslogs and traps from within your SolarWinds web interface. And the best part is, NPM users can get this updated functionality for no additional cost.

OLV will not only make it easier to manage your logs, but also give you extra visibility into performance issues by including syslog and trap data in your PerfStack^™ dashboards. The additional context can help speed root cause investigation and troubleshooting. Additionally, both OLV and LA use the same alert engine as the other Orion-based products, nearly doubling the amount of alert actions you can take from your logs and reducing the number of alert engines you have to learn and maintain.

Orion Log Viewer also ships with its own database specifically designed for log collection. Lessening the impact of collecting logs on your Orion database. You can see how each of the different versions of the logging tools compare in this knowledge base article.

As mentioned earlier, OLV is a subset of Log Analyzer, so to get this updated functionality, you need to download and install a free trial of Log Analyzer on the same server as your NPM instance. At the end of the 30-day trial, if you decide not to purchase LA, the additional functionality that it provides will simply turn off. All that will remain is the functionality provided with Orion Log Viewer. At that time, OLV will be supported at the same level as your NPM license. If you decide later to upgrade to Log Analyzer, simply activate a license key and the functionality will return.

One note for those using the existing syslog and trap functionality. Installing Log Analyzer/OLV will override your existing rules. This means your previously configured syslog and trap rules and alerts will no longer be active. While there is no migration path for existing rules or log data to transfer to OLV, they will continue to be readable.

Orion Log Viewer is the future of syslogs and traps in Orion. We would love to get your feedback on the tool, so we can continue to improve it and support you.

I use NetPath in a number of ways, but the foremost is to validate that connections to SaaS applications are within tolerances all around my environment.  Having that information in a summary is very helpful.

NetPath already does that, but having a filter would be nice to only show a specific service.  What would be more awesome would be being able to give me summary information over time instead of just showing the most recent.

With that in mind, I started digging into the API to find if I could get a better summary of this information.  Much to my pleasure, I was able to find the information, but it was strewn across a few tables.  So I had to dust off some old SQL tactics in my brain to get the information.  (I'm terrible at hand-writing join queries and almost as bad when doing GROUP BY for calculating minimums/averages/minimums).

The two "tables" that I need to use are Orion.NetPath.ServiceAssignments and Orion.NetPath.Tests.

What I came up with was a little bit of SQL magic, a little bit of SWQL magic, and exactly what I needed in a resource.  I've added some comments in the script to show what I'm doing.  Without further ado, here's the SWQL script:

SELECT [SA].ProbeName AS [Source]     , [SA].ServiceName AS [Destination]     , [SA].DetailsUrl AS [_LinkFor_Source]     , CONCAT('/Orion/images/StatusIcons/Small-', [SI].IconPostfix, '.gif') AS [_IconFor_Source] -- This is the status for the most recent poll only     , ROUND([Tests].MinLatency, 2) AS [Min Latency (ms)]     , ROUND([Tests].AvgLatency, 2) AS [Avg Latency (ms)]     , ROUND([Tests].MaxLatency, 2) AS [Max Latency (ms)]     , CONCAT(ROUND([Tests].MinLatency, 2), ' / ', ROUND([Tests].AvgLatency, 2), ' / ', ROUND([Tests].MaxLatency, 2) ) AS [Min/Avg/Max Latency (ms)]     , ROUND([Tests].MinPacketLoss, 2) AS [Min Packet Loss (%)]     , ROUND([Tests].AvgPacketLoss, 2) AS [Avg Packet Loss (%)]     , ROUND([Tests].MaxPacketLoss, 2) AS [Max Packet Loss (%)]     , CONCAT(ROUND([Tests].MinPacketLoss, 2), ' / ', ROUND([Tests].AvgPacketLoss, 2), ' / ', ROUND([Tests].MaxPacketLoss, 2) ) AS [Min/Avg/Max Packet Loss (%)]
FROM Orion.NetPath.ServiceAssignments AS [SA]
INNER JOIN Orion.StatusInfo AS [SI]   ON [SA].Status = [SI].StatusID
INNER JOIN (    SELECT EndpointServiceID         , ProbeID         , MIN(Rtt) AS MinLatency         , AVG(Rtt) AS AvgLatency         , MAX(Rtt) AS MaxLatency         , MIN(PacketLoss) AS MinPacketLoss         , AVG(PacketLoss) AS AvgPacketLoss         , MAX(PacketLoss) AS MaxPacketLoss    FROM Orion.NetPath.Tests    WHERE ExecutedAt >= GETUTCDATE() - 1 -- ExecutedAt is stored in UTC, so we use 'GETUTCDATE() - 1' to get last 24 hours only    GROUP BY EndpointServiceID, ProbeID
) AS [Tests]
ON  [Tests].ProbeID = [SA].ProbeID
AND [Tests].EndpointServiceID = [SA].EndpointServiceID
WHERE [SA].ServiceName = 'Office 365' -- This is the NetPath Service Name as displayed on your NetPath summary page  AND [SA].Enabled = 'True'
ORDER BY [SA].ProbeName

Let me break it down a little bit.  First off, we are joining up three tables here.  The one that I didn't mention earlier is Orion.ServiceInfo.  This table has the status "names" based on the numbers.  I use them for pulling in the icons.  This leads to a bit of SWQL magic.

SWQL has the ability to recognize icons and links, but only if they are formatted properly.  This is where lines 3 and 4 from the above script come into play.  If you have an element in a custom query called "Stuff", then you can give it a URL named "_IconFor_Stuff" and it will be displayed to the left of the label.  Similarly, you can use the "_LinkFor_Stuff" to provide a clickable link.  As a note for the future, many tables provide a "DetailsUrl" field that's very useful for this.

I'm also using some specific SQL-like constructs - specifically joining a table to a table and joining a table to a query (which returns table-like content).  In lines 14 and 15, I'm joining in the Orion.StatusInfo table which provides the IconPostfix needed for line 4.

Later in lines 16 through 28 I'm making a query from Orion.NetPath.Tests where I summarize information over the last 24 hours.  Note that in line 26 I'm using a comparison to only pull back minimums, averages, and maximums over the last 24 hours.  You can change this, but be aware that it will take more time to execute the query.  On a 10 minute probe (the default), each probe provides 60 minutes / 10 minutes per test * 24 hours = 144 tests / probe.  Multiple this by the number of probes (4 in my environment) means the query has to summarize 576 entries into six total statistics.

Thankfully SWQL is highly optimized.  As an example me running this full query takes 0.023 seconds.  If I change the number of days on line 26 to 7 (show me the last week), then it runs in 0.59 seconds.  Like I said, the SWQL is highly optimized.

So what's all this look like?  Just edit a page and add a Custom Query widget and paste in the above query (changing line 31 to match one of your own NetPath Services) and you should get something very pretty.

I've elected to show Min/Avg/Max in multiple ways, but in a production environment, I probably only care about average.  To get just the average to display, just comment out (or delete) the unneeded elements.  In SQL (and SWQL) the double-dash indicates a comment.

SELECT [SA].ProbeName AS [Source]     , [SA].ServiceName AS [Destination]     , [SA].DetailsUrl AS [_LinkFor_Source]     , CONCAT('/Orion/images/StatusIcons/Small-', [SI].IconPostfix, '.gif') AS [_IconFor_Source] -- This is the status for the most recent poll only
--     , ROUND([Tests].MinLatency, 2) AS [Min Latency (ms)]
--     , ROUND([Tests].AvgLatency, 2) AS [Avg Latency (ms)]
--     , ROUND([Tests].MaxLatency, 2) AS [Max Latency (ms)]     , CONCAT(ROUND([Tests].MinLatency, 2), ' / ', ROUND([Tests].AvgLatency, 2), ' / ', ROUND([Tests].MaxLatency, 2) ) AS [Min/Avg/Max Latency (ms)]
--     , ROUND([Tests].MinPacketLoss, 2) AS [Min Packet Loss (%)]
--     , ROUND([Tests].AvgPacketLoss, 2) AS [Avg Packet Loss (%)]
--     , ROUND([Tests].MaxPacketLoss, 2) AS [Max Packet Loss (%)]     , CONCAT(ROUND([Tests].MinPacketLoss, 2), ' / ', ROUND([Tests].AvgPacketLoss, 2), ' / ', ROUND([Tests].MaxPacketLoss, 2) ) AS [Min/Avg/Max Packet Loss (%)]
FROM Orion.NetPath.ServiceAssignments AS [SA]
INNER JOIN Orion.StatusInfo AS [SI]   ON [SA].Status = [SI].StatusID
INNER JOIN (    SELECT EndpointServiceID         , ProbeID         , MIN(Rtt) AS MinLatency         , AVG(Rtt) AS AvgLatency         , MAX(Rtt) AS MaxLatency         , MIN(PacketLoss) AS MinPacketLoss         , AVG(PacketLoss) AS AvgPacketLoss         , MAX(PacketLoss) AS MaxPacketLoss    FROM Orion.NetPath.Tests    WHERE ExecutedAt >= GETUTCDATE() - 1 -- ExecutedAt is stored in UTC, so we use 'GETUTCDATE() - 1' to get last 24 hours only    GROUP BY EndpointServiceID, ProbeID
) AS [Tests]
ON  [Tests].ProbeID = [SA].ProbeID
AND [Tests].EndpointServiceID = [SA].EndpointServiceID
WHERE [SA].ServiceName = 'Office 365' -- This is the NetPath Service Name as displayed on your NetPath summary page  AND [SA].Enabled = 'True'
ORDER BY [SA].ProbeName

So the above returns:

Hopefully this has helped a few of you with getting your feet wet within SWQL and the custom query.  Now go forth and script around a bit.

You ask, we listen. Many of the top features being worked on in NPM are generated through your feedback - specifically your votes in our NPM Feature Requests forum and your participation in our Feedback Sessions.

Here's what the NPM Team is currently working on:

• UI Performance Optimizations - continuing to address our largest complaint in the last 10 years: user interface performance
• Microsoft Azure Integration - visibility into Azure Virtual Network Gateways, specifically VPN status and throughput
• Device Views - improving Device View by adding support for switch-stacks, additional vendors, and SDK workflow
• Improved Device Support - additional device support for commonly requested vendors
• Improved Interface Status - applying enhanced node status to interfaces
• New Dashboard Framework - next-generation summary dashboard framework
• Orion Maps - bridging the feature parity gap with Network Atlas

GIVE US FEEDBACK

We actively refine the product roadmap to solve your problems. Participate in Feedback Sessions for THWACK points and personalized input into the future of NPM. You can also submit and vote on NPM Feature Requests.

We're pleased to announce the Network Performance Monitor 2020 Beta 1 is now available! We've been hard at work building new features, and we hope you'll be impressed with the results!

This beta involves certain items that are mentioned in the What We're Working on for NPM (Updated Jan 15, 2020)

At SolarWinds, being customer-driven and responsive to customer needs is a fundamental part of how we build software. Beta feedback is one of the key avenues we use to inform and adjust what we're building so that it fits your needs and your environment. We'll take feedbackanytime we can get it, but now is the best time to provide feedback that can affect the product.

As an added incentive, beta users who submit feedback will receive 3,000 Thwack points to buy swag at the THWACK Store. That will cover most of what you need for a SolarWinds Geek t-shirt!

To access the beta, sign up here! To share feedback, please post in the Network Performance Monitor Beta Forum!

Want to see more?  We also have NTA, NCM, IPAM, and SAM Beta evaluations available right now. Check them out here:

NTA Beta

NCM Beta

IPAM Beta

SAM Beta

**REQUIRES ORION PLATFORM 2018.2 OR ABOVE**

I had assembled this based on a much older SQL report, and then updated it to SWQL, then added some more intelligence to it so you can filter it based on the duration of the outage, search by the device names, and it has a method of letting you know when nodes have been down so long they aged out of the events table.

Based on popular requests I figured it was time to put it out here to make it easier for the Thwackers to find and use.  This is intended to be used inside the Custom Query Resource

select n.caption as [Device]
-- shows the current status icon
, '/Orion/images/StatusIcons/Small-' + n.StatusIcon AS [_IconFor_Device]
-- makes a clickable link to the node details
, n.DetailsUrl as [_linkfor_Device]
-- shows the timestamp of the down event, if there is no timestamp then is says the event was greater than the number of days in your event retention settings
, isnull(tostring(t2.[Down Event]),concat('Greater than ',(SELECT CurrentValue FROM Orion.Settings where settingid='SWNetPerfMon-Settings-Retain Events'),' days ago')) as [Down Event]
-- shows the timestamp of the up event, unless the object is still down
, isnull(tostring(t2.[Up Event]),'Still Down') as [Up Event]
-- figures out the minutes between the down and up events, if the object is still down it counts from the down event to now, displays 99999 if we cannot accurately determine the original downtime, and 
, isnull(MINUTEDIFF(t2.[Down Event], isnull(t2.[Up Event],GETDATE())),99999) as Minutes


from orion.nodes n
left join (SELECT    
 -- Device nodeid used for our join   
 StartTime.Nodes.NodeID     

 -- Down Event time stamp in local time zone    
 ,ToLocal(StartTime.EventTime) AS [Down Event]      
 -- Up Event time stamp in local time zone    
 ,(SELECT TOP 1    
 ToLocal(EventTime) AS [EventTime]    
 FROM Orion.Events AS [EndTime]    
-- picks the first up event that is newer than the down event for this node
 WHERE EndTime.EventTime >= StartTime.EventTime   
-- EventType 5 is a node up 
 AND EndTime.EventType = 5    
 AND EndTime.NetObjectID = StartTime.NetObjectID    
 AND EventTime IS NOT NULL    
 ORDER BY EndTime.EventTime    
 ) AS [Up Event]      
-- This is the table we are querying    
FROM Orion.Events StartTime      
-- EventType 1 is a node down
WHERE StartTime.EventType = 1        
) t2 on n.NodeID = t2.nodeid


-- this is how I catch nodes that are down but have aged out of the events table
where (n.status = 2 or t2.nodeid is not null)


-- If you want to filter the results to only show outages of a minimum duration uncomment the below line
--and MINUTEDIFF(isnull(t2.[Down Event],(GETUTCDATE()-30)), isnull(t2.[Up Event],GETUTCDATE())) >  60


-- if you want to use this query in a search box of the Custom Query resource uncomment the below line
--and n.Caption like '%${SEARCH_STRING}%'


order by t2.[down event] desc

-Marc Netterfield

    Loop1 Systems: SolarWinds Training and Professional Services

•                 LinkedIN: Loop1 Systems
•                 Facebook: Loop1 Systems
•                 Twitter: @Loop1Systems

With the new release of Microsoft Teams, I got a tad curious and went to see what integrations were available.

Much like Slack, PagerDuty, and  a host of others; Teams gleefully accepts incoming webhooks as a native integration. Below is a summary of how to achieve this in your Teams environment.

Step 1:

As an administrator of your organization's Team software, login to your Teams desktop application and click on the Team that you wish to add your integration to, then select "Connectors"

Step 2:

Search for "Incoming Webhook" and click "Add"

Step 3:

Name your new Webhook, add an optional Icon, and click "Create"

Step 4:

Copy your URL to be used with your alert action in a moment

Step 5:

At this point, you should see that you have a newly configured Webhook in your Connectors list and you should also have a new message in your Team reflecting this addition as well

Step 6:

Configure an alert action (Send a GET or POST Request To A Web Server) and include your Webhook URL and associated payload (example below)

Step 7:

Enjoy your new feed of alerts!

Here's the payload snippet I am using in my action at present:

{  "title": "ALERT TRIGGER: ${N=SwisEntity;M=Caption} is currently ${N=SwisEntity;M=Status}",  "text": "DEVICE: [${N=SwisEntity;M=Caption}](${N=SwisEntity;M=DetailsUrl})  IP ADDRESS: ${N=SwisEntity;M=IP_Address}  VENDOR: ${N=SwisEntity;M=Vendor}  MODEL: ${N=SwisEntity;M=MachineType}  [ALERT DETAILS](${N=Alerting;M=AlertDetailsUrl})  [ACKNOWLEDGE THIS ALERT](${N=Alerting;M=AcknowledgeLink})"
}

Please note that there is some good information to be found in the API Reference as well: Office 365 Connectors API Reference - Outlook Dev Center

Enjoy!

It is my pleasure to announce that Network Performance Monitor (NPM) 2019.4 is now available and can be downloaded from the Customer Portal.

Note that we've changed the version numbering with this release. This and future releases will follow a "year.quarter" numbering system instead of the previous (12.5) system.

What's New in NPM 2019.4?

• Device View - Visually display your network switches on Cisco 2960 and Juniper devices to check port status, utilization, and position from the Orion Web Console.
• Real-time Charts - Display real-time data with new dashboard widgets:
  • CPU Load and Memory Utilization on Node Details.
  • Percent Utilization on Interface Details.
• Performance Improvements - Check out the improved load times for widgets.
• Updated Localization - Improved support for German and Japanese languages.
• Improved Port-type Mapping - Discover port types with more accuracy.

Device View

Device View allows you to see the physical layout of your network switch's interfaces (except management or console) in order to check port status, utilization, and position from the Orion Web Console. It is being released in NPM 2019.4 as a "technical preview", meaning we haven't added enough functionality to deem it a full-fledged feature. In this case, the limiting factor comes in the form of vendor support.

NPM 2019.4 includes Device View support for the majority of switches in the following families (provided they're not in a "stacked" configuration):

• Cisco Catalyst 2960
• Cisco Catalyst 2960L
• Cisco Catalyst 2960S
• Cisco Catalyst 2960X
• Cisco Catalyst 2960XR
• Juniper EX2200
• Juniper EX3300

In order for Device View to be available in the web console, the supported switch will need to be monitored as an SNMP node.

Once monitored, you'll be able to access the new subview from the Node Details page.

Device View can be filtered using the filter list on the left side of the page. Currently, you can filter the interfaces based on status. Interfaces that do not match the selected filters become opaque.

Device View also provides a side panel with additional interface details. This is not visible by default. To view the side panel, click on any interface in the Device View stencil. The side panel displays the caption of the interface, it's IP address, MAC address, duplex mode, and more.

Real-Time Charts

With NPM 2019.4, we're also releasing our first set of widgets that provide real-time data!

Real-time CPU Load & Memory Usage will now appear by default in the top-right position of the Node Details→Vital Stats page.

Real-time interface Percent Utilization will similarly appear in the top-right position of the Interface Details→Summary page.

These charts can also be added via the Add Widget panel on other appropriate views.

The Chart Refresh Time update interval for real-time data charts is set to 2 seconds by default. This can be changed in two ways:

• Via the Web Console Settings page:

• Via the Advanced Configuration page:

The polling settings are tied to PerfStack, and can be adjusted on the Advanced Configuration page in PerfStack settings.

Improved Port Type Mapping

This feature provides information which can be used for filtering interfaces by port type during the discovery process. The changes we've made are primarily on the backend, but you may notice some minor UI tweaks.

Performance Improvements

NPM 2019.4 includes many improvements to web performance. We think you'll notice a difference in how fast the pages load.

Updated Localization

NPM 2019.4 includes improved support for the Japanese and German languages.

What now?

Looking for more information on what we'll be working on now that 2019.4 is out the door? Take a look at What We're Working On. Don't see what you're looking for? Advocate your needs with a Feature Request.

Overview

This article provides information about FAQs asked by the customer based on the environments combined.

Environment

Orion Platform versions above NPM 10.6

Strongly recommended to have latest version of Orion

Detail

All of us know SolarWinds SLX license you can monitor up to 12000 Elements and beyond this you will need an Additional Polling Engine to monitor.

Use additional polling engines for 12000 or more monitored elements if you plan to monitor 12000 or more elements, Solarwidns recommends that you install additional polling engine on separate server to help distribute the work load.

What is Stackable Additional Polling Engine idea is ?

Its another engine on the existing system hardware you have , using full  capacity of your current hardware . This engine will be stacked with your existing engine seamlessly running on the same hardware boosting the existing polling capacity of current host without any additional cost to maintain another system host.

Idea is exactly adding another stackable switch within existing chassis to add more capacity . So if your existing chassis can take it you can add more stack into .

With the latest version of SolarWinds NPM, you can now install up to three unique polling engines on a single polling server, sharing a single IP address. Stackable polling engines enable you to effectively triple the polling capacity of a single server so you can get benefit of available server hardware within the existing installed environment

Further it will help you to monitor more Elements ( Nodes/Volumes/Interfaces/Services ) without having any dedicated servers to be confirmed and manage so its less overhead for the I.T staff to manage .

Benefits :

No overhead to manage or arrange another system hardware just using existing Server hardware capacity (Very cost effective )

No management approval process waiting time for system deployment

No infrastructure change required

No troubleshooting and I.T management resources to dedicate  for another hardware

No extra IP address needed to be allowed for the devices for the polling / Downloading the configuration with NCM - Less overhead

No downtime required during installation

No configuration wizard need to run

No services need to restart during this process on production environment

No FOE licenses per server to cover more elements for HA (Very cost effective )

Freedom to extend any Poller (Primary Polling Engine OR Existing Additional Polling Engine ) (Very cost effective )
Finally within few minutes you will be ready to  polling more elements within the existing infrastructure without making a single change and  wasting the time / resources /  money.

How can i check my Server current hardware meeting this requirments

For more informaiton MINIMUM Hardware Requirments see below.

SolarWinds Orion server hardware requirements

How many Stackable Poller license I can have on the Single Server?

Up to three total polling engines may be installed on a single server (i.e. one primary NPM
polling engine with one or two additional polling engines on Primary Server  or three additional polling engines on
the Additional polling server ).

Note: A stack requires only 1 IP address, regardless of the number of APEs

Can I install Stackable Poller on my existing Additional Polling Engine?

Yes 'Stackable Poller' extending capability on the Poller  you can have multiple Stackable poller up to 3  on your existing Additional Poller It can be update by Smart Bundler 

How can I update my  Poller for Stackable Poller?

On the  Poller it can be updated by Smart Bundler.

It means that by additional poller package downloadable from customer portal (not the Individual Downloads, but the Main Additional Poller Installer also called Smart Bundler).

How to install Stackable Poller on my Primary Polling Engine?

In this example I am assuming we are implementing Stackable Poller on the Main Poller (that has enough resources to tackle additional load)
As you are aware a single poller can tackle upto 12k elements
Also there is no special installer for Stackable Poller
You will need a license to be purchased as for Additional Polling Engine
You will go into your Customer Portal & download the Additional Poller Smart Bundler  (not the Individual Downloads, but the Main Additional Poller Installer also called Smart Bundler)
Basically when you will run Additional Poller Smart Bundler this installer will say on the main poller that everything is already installed and ask you if you want extend license.
Now simply key in the license of the Additional Poller in the wizard
It will never install anything on main poller it only just update the license and will deploy the stack Engine seamlessly
So the customer has got extra capability to fully utilize his server hardware
Also after the license has been applied you can open the License Manager and you will see another entry in the Lincense Manager as following

On Primary Polling Engine it will take up to 2 MAX Additional Polling Engine license keys

On Additional Polling Engine it will looks like this

You will have the message "The machine has reached to license limit" after that therefor it will only be able to take up to 3 licenses.

So if I have have mutiple modules installed on the Primary Poller (do I have to install all the other modules as well , because Smart bundler will download say APE SAM , APE UDT , APE NPM)
When I will run the Smart Bundler on the Primary poller (it will not say that Primary Poller is already installed on this machine)

Yes, it will say on main that everything is installed and ask you if you want extend license so it will never install anything on main (as the required services are already installed and doesn't required any extra service to be installed  ) , Just update license and deploy the stack Engine seamlessly the main propose and stack functionality .So it does make necessary changes required without installing any service or software that's how its by design to work .

If I will install Stackable Poller on my primary server it will increase the capacity to 24K elements to tackle?

It will ask you on main to add license key for additional poller (means 24k elements). Once you run it again, you can add another AP license (means 36k elements) and if you run it third time,

it will say  This machine has reached its license limit .  The same functionality is for Additional Poller installation  and yes, Stackable poller

I have SLX Licenses why i still need the Additional Polling Engine license ?

The SLX license is based on throughput, not elements. This is a completely different type of license than our element tiers.

The NPM SL100 license is based on elements. The NPM SL100 is a hard limit of nodes, interfaces, and volumes. You can modify the polling intervals, but you cannot exceed 100 nodes, interfaces, and volumes.

With an NPM SLX most customers can manage about 12,000 elements at default polling intervals today. Many customers modify polling intervals and can manage many more elements because we do not cap the number of elements.

Our development team made multiple performance improvements and increased the throughput a SLX license and APE can poll. Over the last 5 years we’ve increased the throughput so that at default polling intervals a customer could go from monitoring 8,000 elements to 10,000 and now to around 12,000 elements. While I can’t commit to increasing this again in the future, we have a consistent track record of doing so.

Why this often gets over simplified to “SLX == unlimited”. For the vast  majority of customers who purchase an SLX, the difference  doesn’t matter because they are happy with the default polling intervals and don’t have near enough elements to run in to the throughput restriction.

Installing  Stackable Poller  Orion NPM 12.x and above

In order to stack license there's no need to run installer anymore. It's enough to use License Manager on main server.

Please follow instructions from that page:

Activate stackable poller licenses - SolarWinds Worldwide, LLC. Help and Support

All you have to go to your license Manager and use the license key .

Steps#

Settings > All Settings > (Scroll Down) > License Manager > Top left side (Add / Upgrade license ) >

Add your APE license there .

For more details, please see the post below:

http://thwack.solarwinds.com/community/solarwinds-community/geek-speak_tht/blog/2013/06/19/not-so-stupid-poller-tricks

http://www.solarwinds.com/documentat...Guidelines.pdf

Activate stackable poller licenses - SolarWinds Worldwide, LLC. Help and Support

The out-of-the-box node details does not give much information, plus it's enormous.  In some cases, it takes up half of the screen.  Too much white space between the lines.  There are also fields which we generally don't need also - we can't organize it in a customizable way.  For example, the client does not normally need to see location, contact, sysObjectID.

The SQL script will let you customize the Node Details to display much more relevant information (CPULoad and number of CPUs, Memory percent and total memory, etc)

select'Status'as [c],concat('<img src="/Orion/images/StatusIcons/Small-',StatusLED,'"></>','<a href="/Orion/View.aspx?View=NodeDetails&NetObject=N:',cast(NodeID asvarchar),'">',StatusDescription,'</>')AS [v] from nodes where nodeid=${nodeid}

unionall(select'IP Address'as [c],concat('<a href="/Orion/View.aspx?View=NodeDetails&NetObject=N:',cast(NodeID asvarchar),'">',IP_Address,'</>')AS [v] from nodes where nodeid=${nodeid})

unionALL(select'Machine Type'as [c],concat('<img src="/NetPerfMon/Images/Vendors/',VendorIcon,'"></>','<a href="/Orion/View.aspx?View=NodeDetails&NetObject=N:',cast(NodeID asvarchar),'">',vendor,' - ',machinetype,'</>')AS [v] from nodes where nodeid=${nodeid})

unionALL(select'DNS'as [c],dns as [v] from nodes where nodeid=${nodeid})

unionALL(select'System Name'as [c],sysnameas [v] from nodes where nodeid=${nodeid})

unionALL(select'Last Boot'as [c],cast(lastboot asvarchar)as [v] from nodes where nodeid=${nodeid})

unionALL(select'Software Version'as [c], IOSversion as [v] from nodes where nodeid=${nodeid})

unionALL(select'Software Image'as [c], IOSImage as [v] from nodes where nodeid=${nodeid})

unionall(select'CPU'as [c],casewhen CPULoad < 0 then'N/A'else (selectcast(count(nodeid)asvarchar)  as [v] from CPUMultiLoad_Current where nodeid=c.nodeid)+'  ('+cast(CPULoad asvarchar)+'% Load)'endas [vv] from nodes c where c.nodeid=${nodeid}groupby c.nodeid, cpuload)

unionall(select'MEM'as [c],

casewhen PercentMemoryUsed <0 then'N/A'else

concat(casewhen TotalMemory/1024/1024/1024>1 thencast(round(TotalMemory/1024/1024/1024,2)asvarchar)+' GB'

when TotalMemory/1024/1024>1 thencast(round(TotalMemory/1024/1024,2)asvarchar)+' MB'

        when TotalMemory/1024>1 thencast(round(TotalMemory/1024,2)asvarchar)+' KB'

        elsecast(TotalMemory asvarchar)+' B'end,

' (',cast(PercentMemoryUsed asvarchar),'% Used)')endas [v] from nodes where nodeid=${nodeid})

unionall(SELECT'Hardware'as [c],(selectcasewhen vim.HostID isnullthen'Physical'else'Virtual'endas [v] FROM Nodes n leftouterjoin VIM_VirtualMachines vim on vim.IPAddress=n.IP_Address where n.nodeid=${nodeid}))

unionall

(

select'Polling'as [c]--, (select ObjectSubType from nodes where nodeid=${nodeid}) as [v]

,(select

casewhen n.ObjectSubType ='WMI'then'WMI: '+(Selectdistinct c.NamefromCredential c innerjoin NodeSettings ns on c.ID=ns.SettingValue innerjoin Nodes nn on ns.NodeID=n.NodeID where ns.SettingName ='WMICredential'  and ns.nodeid =n.nodeid)

when n.ObjectSubType ='SNMP'and n.Community=''then'SNMPv3: '+(SELECT c.NameFROM NodeSettings ns joinCredential c on c.ID=ns.SettingValue where ns.NodeID=n.nodeid and(ns.settingname like'%wmi%'or ns.settingname like'%snmp%'))

when n.ObjectSubType ='SNMP'then'SNMPv2: '+(casewhen n.Community notlike''then n.Community else'SNMPv3'end)collate SQL_Latin1_General_CP1_CI_AS

when n.ObjectSubType ='ICMP'then'ICMP'

when n.ObjectSubType ='Agent'then'Agent'

else'Unknown'endas [SNMP]

from nodes n

where nodeid=${nodeid}

)as [x]

)

unionall(SELECT'CP: Department'as [c],concat(n.department,'')  as [v] FROM Nodes n where n.nodeid=${nodeid})

Thank you,

Amit

-CSCOENGINEER

Loop1 Systems: SolarWinds Training and Professional Services

• LinkedIN: Loop1 Systems
• Facebook: Loop1 Systems
• Twitter: @Loop1Systems