I setup a custom FIM monitor to look at the C:\ directory (non-recursive) and I have the mask set to Test.txt. I have a Test.txt file located at C:\ that I am using for testing. When I make modifications LEM-FIM certainly picks it up; however, I keep seeing references to C:\New Text Document.txt, what is this referencing?
New Text Document.txt?
Granular Node Management Rights.
There needs to be a simple way to assign users specific node management rights. For example, i have a group of users that i only want to be able to unmanage nodes, nothing more. There may be sophisticated ways of achieving this but it would be nice to have it built into the "Manage Accounts" section.
Thanks for considering this.
Alert Central Upgrade Info
Hello! You're probably here because Alert Central told you there's a newer version available. This document will let you know what's new, where to download, and how to upgrade.
The current version of Alert Central is: 1.1.5, released on April 15, 2014.
The previous 1.1 versions of Alert Central are:
- 1.1.4, released on March 13, 2014
- 1.1.3, released on January 28, 2014
- 1.1.2, released on January 7, 2014
- 1.1.1, released on December 10, 2013
- What's New in Alert Central Version 1.1.5?
- What's New in Alert Central Version 1.1.4?
- What's New in Alert Central Version 1.1.3?
- What's New in Alert Central Version 1.1.2?
- What's New in Alert Central Version 1.1.1?
- Where are the Release Notes?
- Any Caveats or Issues I Should be Aware of?
- Uh, I JUST Upgraded to the Latest - Why Am I Getting This?
- Where Can I Download the Upgrade?
- How Do I Upgrade?
- How Do I Enable Automatic Upgrades?
- HELP, I Need Help! Who/Where Do I Go?
- I'm Sad: I Came Here Looking for Something I Didn't Find.
What's New in Alert Central Version 1.1.5?
Alert Central v1.1.5 is a smaller release that includes ongoing feature development and (as always) fixes. Included:
- Addition of the "Subscribe" feature to the UI - subscribe yourself or another user to receive updates to an alert as they occur. Subscribed users can unsubscribe themselves from alerts after being subscribed (both from the UI and command line).
- A potentially significant fix to Exchange Web Services that might be related to the many Thwack threads on the subject (including: Single email is generating two alerts, , , , and ).
- Resolution of a reported issue where a single email was generating two alerts (Single email is generating two alerts).
- Addition of a 'remember' feature when your session times out, so you're returned to the same page you were on when you got logged out, rather than the main alerts screen; and resolution of another discovered session timeout issue.
- Cleanup of another location where bare HTML code was being displayed in an alert instead of the text contents.
- Resolution of 'send confirmation on reply' being enabled by default after upgrade unexpectedly (for people upgrading from earlier versions).
- Resolution of an issue with alert summaries being cut off when sent via SMS templates.
- Fix for the reported issue where the inline alert source edit/test button not working as it used to ( ).
- Update to address the on call notification not showing the right timezone if "My Timezone" is selected in the on call calendar. (Note: we're aware of a lot of weirdness with "My Timezone" vs. "System Timezone" when configuring and viewing On Call, but we're looking into the best ways to address these.)
- Fix for a user showing validated but not actually being validated if their notification type changes in their user profile.
What's New in Alert Central Version 1.1.4?
Alert Central v1.1.4 includes a great blend of handy new features and fixes.
- A huge improvement to the recurring calendar creation - we heard you (thanks to those who participated in our On Call discussions a while back) and made some significant changes. There will be more to come in on call scheduling downstream.
- We also fixed a few issues related to the on call dialog that have been reported here.
- Preservation of clickable links from original emails/alerts, so that when an alert comes in with links back to monitoring systems or hosts, you can click directly on them - Retain embedded links from alert sources in SWAC alert
- The first part of a new subscription/CC option that will allow a secondary user (other than the assignee) to monitor progress on alerts - for now, you can add subscribers and remove yourself as a subscriber from emails if interested, and we're wiring up the UI for our next release. CC another group or user - FAQ great idea (just one part, more to come!)
- A new option to include the original email/alert with your outbound alert notifications (to make it easier to get back to your original alert, in case some details aren't sent along). Escalation Option to Include Original Email
- A new option to reply with confirmation of actions, to know that your acknowledgement (et al) was received and acted on. Affirmative response on email actions
- Resolution to issues related to capturing more than one line of text ( )
- Resolution to issues with extra spaces ( )
- Resolution to issues regarding SMS replies not working correctly (splitting alerts, not being processed - several thwack threads)
What's New in Alert Central Version 1.1.3?
Alert Central v1.1.3 was released primarily to address issues with Office 365 connectivity, but also includes a few additional items. This release addresses:
- Addition of the ability to automatically upgrade Alert Central, so you don't have to manually upgrade each cycle - for instructions, scroll down
- Issues connecting Alert Central to Office 365 (addresses Alert Central using Office 365, may address Exchange EWS Error - in the case of Office 365, possibly other Thwack posts)
- A couple of inconsistencies with alerts received from Orion - emails not sent after alert reactivation, incorrect history items related to Orion alerts (no reports on Thwack, but you might have noticed)
- Incorrect/confusing history item when someone refuses/declines an alert (not reported on Thwack, but you may have noticed)
What's New in Alert Central Version 1.1.2?
Several customers on Thwack reported issues with processing alert emails with 1.1.1, which prompted us to release a quick turnaround fix in Alert Central version 1.1.2. This release addresses:
- Emails are not processed in v1.1.1 without proper well-formatted return_path in message header, which turned out to not always be the case. Likely the cause of: After update to 1.1.1.591, AC does not react to Close e-mail. (and possibly other Thwack threads related to replies not processing after 1.1.1 update).
What's New in Alert Central Version 1.1.1?
Alert Central v1.1.1 is primarily a cleanup release, with minor updates and resolutions to issues found here on thwack and internal testing.
- Support for deploying Alert Central to Windows Server 2012 R2 Hyper-V
- Updated Alert Central OS and underlying software
- Making sure blue screen (with product support key and other information) shows up on virtual appliance after upgrade.
- Active Directory loading indicator might show in "Add Users" even after users/groups are loaded.
- On Call calendar gets updated incorrectly when calendars or groups are deleted/recreated (Reported here: )
- SMS messages contained the bare text $noteUser.getName()... doh. (Reported here: $noteUser.getName() in SMS message)
- Active Directory group renames were not carried forward to Alert Central (Reported here: )
- Selecting certain dates/ranges in the on call calendar show a neverending "Loading..." indicator
- Selecting the same from/to time in On Call calendars (produced an ugly error, now better validated).
- Unexpected occurrences of On Call events giving error "No actual scheduled occurrences are possible with this configuration."
- Not possible to clear location field after entering a location.
- Reassigning an alert to a nonexistent user with plaintext emails sent an email including the text "${BAD_USER}" instead of the actual text.
- Adding an email address twice to the escalation policy required two manual validation steps instead of one.
Timestamp formats from Orion to Alert Central caused alerts to appear with incorrect timestamps (Reported here:
)- Gmail email addresses somehow automatically validated if validation email was sent twice.
- Issues with checkbox states when selecting a set of alerts and attempting to perform an action on them (e.g. close a set of acknowledged alerts). (Reported here: )
- Email alert routing rules showed "Orion Alert Message" "Orion Object Name" and "Orion Severity" instead of "Captured Summary" "Captured Object" and "Captured Severity"
- Alerts grid sometimes changes position (scrolls down) after auto-refresh.
- If an alert is closed by Alert Central due to escalation policy, history text doesn't indicate it clearly.
- Reassigning an alert to a group may not be reflected clearly in history text.
- If delivery of a notification fails, a useless note may be added to history text ("text for the alert").
- HTML from original email displayed as source instead of empty text if description is empty.
- Using "Test Connectivity" and "Cancel" didn't actually cancel changes.
- Updated error messages for EWS connectivity.
- Forwarded emails may be discarded rather than creating alerts.
- Nested multipart messages may be discarded rather than creating alerts.
For full gory (or glorious) details, check out the Release Notes.
Where are the Release Notes?
I'm glad you asked. Here's a link to the release notes, which contain more information about what items were fixed or new, links to historical notes for older versions, and additional info on caveats.
Any Caveats or Issues I Should be Aware of?
- We've discovered that the Incoming/Outgoing Port values in the email server settings appear to reset to default values if you changed them to other values. We're looking into the fix.
Uh, I JUST Upgraded to the Latest - Why Am I Getting This?
Did you upgrade from the beta of v1.1.0 by chance? There's an issue where it'll pop up the notification, due to cached data. Just dismiss the warning and it'll fix itself.
Where Can I Download the Upgrade?
You can download the upgrade directly from right here. Easy!
If you need to deploy a new appliance, click here for the VMware download and herefor the Hyper-V download.
NOTE: As of Alert Central v1.1.2, the download links are the same for all versions. The contained installers/files will reflect the version after download.
How Do I Upgrade?
There's an upgrade guide included in the download that has way more detail, but here's the basics (shamelessly borrowed from the Alert Central Frequently Asked Questions):
- Mount the upgrade ISO to the virtual appliance in your virtualization management software
- Navigate to the virtual appliance management interface for your appliance (https://virtual-appliance-ip-or-hostname:5480 with admin/admin).
- Click on "Update", scan for an update, then install it.
How Do I Enable Automatic Upgrades?
If you're running Alert Central v1.1.3 or later, you can have the virtual appliance not only perform the nightly check, but automatically install the upgrade. We've provided the default settings on upgrade, but it is not enabled by default. To enable:
- Navigate to the virtual appliance management interface for your appliance (https://virtual-appliance-ip-or-hostname:5480 with admin/admin)
- Click on "Update" then "Settings"
- Under "Update Settings", select "Automatically check and install updates" and specify the time in "Schedule a frequency for the updates" (e.g. every night at 4am)
- Save your changes.
When you allow automatic upgrades they will be downloaded and installed on the schedule you provide. You'll be notified in the Alert Central console that an update was installed, with a link to these upgrade notes.
HELP, I Need Help! Who/Where Do I Go?
Don't panic, get your towel, we can help! Simply go to the Alert Central forum and post your question. One of our development, QA, or product management team members will help.
Be sure to check out our office hours schedule, too, for a chance to get help in real time!
I'm Sad: I Came Here Looking for Something I Didn't Find.
Don't see something you think should be in the release notes or on this page that would help you when you're upgrading? Just let us know - comment on this document, message me directly (nicole pauls), or post in our thwack forum (Alert Central). Alert Central is powered by your feedback!
"reverse connection" via the command line
Hi!
Tell me please, support server "reverse connection" via the command line.
Thank you.
ANNOUNCING GENERAL AVAILABILITY OF NPM 10.7
It is our pleasure to announce that NPM 10.7 is now generally available!
As referenced below, many of these features were directly submitted and voted up by the community. Thanks for all of your ideas and lively discussion on how we can create a great product!
Let’s review some highlights:
Core
- Dynamic baselining and thresholds for node metrics - http://thwack.solarwinds.com/ideas/1678 / http://thwack.solarwinds.com/ideas/1623
- New and improved topology mapping algorithm
- Display link utilization on Network Atlas maps - http://thwack.solarwinds.com/ideas/1317
- Web-based report scheduler – with additional actions such as “Save to Disk”
- Rotating NOC-views
- Custom Tables and Charts from web-based reports are available in views
- SNMP status-polling. ICMP reachability is no longer required - http://thwack.solarwinds.com/ideas/2868
- Last, but not least: “Drag & Drop” of resources and dynamic column resizing
NPM
- Creation of “native” CPU and memory pollers for presently unsupported devices
- Support for most Motorola and Ruckus wireless APs and WLCs http://thwack.solarwinds.com/ideas/1201
- Polling and display of VLAN information
- Routing protocol support now includes OSPFv3 and EIGRP
- VRFs are now supported as well
- Dynamic baselining and thresholds for interface details - http://thwack.solarwinds.com/ideas/1678
10.7 is available now in your customer portal.
Release notes may be found here.
How Does Mean Opinion Score Measure VoIP Performance?
Users describe call experience as ‘good’ ‘ok’ ‘poor’ ‘bad’ ‘terrible’. And call experience is defined by the elements of voice quality and the network factors that affect them. Elements of voice quality are loudness, distortion, noise, fading and cross talk whereas network factors that affect them are latency, jitter, packet loss, voice activity detection, echo and echo canceller performance.
How do these factors affect voice quality?
- Latency: is the delay or the time it takes for the speech to get from one designated point to another. Very long latency results in delay of hearing the speaker at the other end.
- Jitter: is the variance of inter-packet delay. When multiple packets are sent consecutively from source to destination and if there are delays in the network like queuing or arriving through alternate routes, the arrival delay between packets is the jitter value. For delay-sensitive applications like VoIP a jitter value of 0 is ideal.
- Packet loss: occurs when data packets are discarded at a given moment when a device is overloaded and unable to accept incoming data. You need to keep packet loss to the lowest value possible. For VoIP, packet loss causes parts of the conversation to be lost.
- Voice Activity Detection: is used in VoIP to reduce bandwidth consumption. When this technology is used, the beginnings and ends of words tend to be clipped off, especially the "T" and "S" sounds at the end of a word.
- Echo: is the sound of the speaker's voice returning to and being heard by the speaker. Echo is a problem of long round-trip delay. The longer the round-trip delay, the more difficult it is for the speaker to ignore the echo.
- Echo Canceller Performance: The echo canceller remembers the waveform sent out and, for a certain period of time, looks for a returning waveform that it can correlate to the original signal. How well the echo is cancelled depends on the quality of the echo canceller. If the return signal (echo) arrives too late, the echo canceller won't be able to correlate and cancel it properly.
- CODEC: stands for coder-decoder, converts an audio signal into digital form for transmission and then back into an audio signal for replay. CODECs also compress the packet to gain maximum efficiency from the network. How well the CODEC converts speech to digital packets and back again affects voice quality. Choosing the right codec for the network depends on the required sound quality, available network bandwidth and so on. Some networks use more than one codec but this again may impact call quality.
The index to measure the call quality using network data is called the Mean Opinion Score (MOS).
Mean Opinion Score (MOS)
MOS is a benchmark used to determine the quality of sound produced by specific codecs and the opinion scores are averaged to provide the mean for each codec sample. It is always preferable to have a MOS score of 4 or 5 for your VoIP calls. When the MOS decreases to 3.5 or below, users find the voice quality to be unacceptable. It is used to assess the performance of codecs that compress the audio.
Measuring VoIP performance using MOS
Test Infrastructure Readiness for VoIP Traffic
When implementing VoIP, it is a good practice to test the network for its readiness to carry voice traffic. But how can you accomplish this without spending CAPEX on VoIP infrastructure? Cisco devices use IP SLA to generate synthetic VoIP traffic and collects data to measure metrics like latency, jitter, packet loss and MOS. The MOS score is an indication of what voice quality to expect. You can start by troubleshooting network devices in the route of VoIP calls and those with an MOS score lower than 3. However, configuring IP SLA operations requires good knowledge of CLI (Command Line Interface).
Troubleshoot Poor VoIP Performance In the Network
Manually troubleshooting VoIP issues involves collecting performance metrics like jitter, latency, packet loss, etc., from various nodes in the network such as switches, routers or call managers. But this does not provide a standard to compare and understand the VoIP call quality in the network. MOS acts as a standard for measuring call quality. For a network experiencing poor VoIP performance, you can pin point the root cause depending on the MOS scores measured for a specific codec or at a particular time or for a particular department, location.
In summary, MOS scores are good indicators for troubleshooting VoIP performance issues in the network. Tools like SolarWinds VoIP and Network Quality Manager (VNQM) lets you enable IP SLA operations on your devices without knowledge of CLI commands, as well as helps avoid time consuming manual configurations on multiple devices.
SolarWinds VNQM also provides automated reports with locations and MOS scores, comparison of MOS scores per codec for each call, comparison of call performance metrics between departments or call managers and notification via email in case of bad calls.
Reduce time needed to evaluate network readiness and troubleshoot VoIP performance issues from hours to minutes!
Learn More:
What we are working on with Engineer's Toolset v11.0
With the release of ETS version 11.0 getting closer, here is a small summary of what our team has done in a past couple of months.
Thanks to your votes in the surveys and a number of interviews, we’ve identified following real-time tools as the best fit in our new Engineer’s Toolset on a Web, which will be delivered with the normal Engineer’s Toolset installation:
Response Time Monitor
Interface Monitor
CPU Monitor
Memory Monitor
Trace Route
All of these tools will be accessible from the Web console - Toolset Tab:
But also integrated as a drop-down menus built into the most used resources:
Below you can see that tools are suggested per their relevance to a resource from which they are called, e.g. you will not be bothered by an option to monitor a CPU on an interface… In a future, with more tools on a web, this will make calling them much easier and faster.
With moving tools to the web, Admin will be required to set level of access to these tools for each user. For the sake of simplicity, it will be the same place where you will be able to manage assignment of your seats to users. The number of seats will be defined by your license and you will be required to assign them to users before they can start using the Toolset on Web (by default, Admin will be given the first seat…).
All Monitor tools will share also another feature: ability to monitor also Orion-non-managed node. This should be helpful if ran out of licenses on your Orion but in a need of troubleshooting of another device. Imagine you have just added a new device to your HSRP pair, but can see this HSRP flapping - issue which could be caused by high CPU utilization. To move forward with your root cause analysis, you can compare CPUs of both devices in this pair to catch any anomalies.
Other times you can be about to monitor interfaces on Orion managed device and want to compare with un-managed interfaces – just click Add Unmanaged Device, fill in the credentials and start discovery… After selecting the interfaces you are interested in you can continue to a next page – chart or a table view.
Speaking of charts – available for CPU, Memory, Interface and Response time Monitor, with up to 12 optional metrics which can be rendered on a chart, with thresholds off, like on the picture above, or turned on like below:
Naturally - Metrics, Thresholds, Polling intervals – all editable in the settings page for each tool… This may come handy when, for example, troubleshooting increasing errors on interfaces, but unable to get required granularity of the data with only 1 min polling intervals in NPM. So you go to your Toolset, start the Interface monitor, set the polling intervals to 15 sec ( minimum is 5) and can see how the errors correlate with the utilization - in the real time.
Since there may be customers, buying Toolset and not having other Orion-based products, we’ve decided to provide different installation packages (including/excluding Orion core and SQL…).
If installing the “Orion included” package on a fresh new server (so far no other Orion based product has been installed on this machine), you will get the basic Orion core/resources, also with the ability to monitor 50 interfaces/volumes/nodes. If decided to install on an existing Orion server, your 50 nodes will be added to the limit you have already (so if having NPM license for 100 nodes and will purchase ETS, you will have 150 manageable nodes together…)
Last but not least, Engineer's Toolset on Web will be accessible from your mobile device too :
Nexus 7k/5k/2k hardware monitor support
Hey all,
I am about to open a ticket but would also like to hear what the community has to say about it. I found a few similar discussions here but they are a few years old and would like to revisit this topic. The hardware monitor is not picking up several components on our Nexus 7K/5K/2Ks. Hardware Health only shows temperature readings but not the power supplies and fans status, which are present on all of our other Cisco switches. I know we can pull the data using UnDP which would require a bit of MIB research but I imagine this would be a supported feature on the native hardware monitor. Any comments/suggestions are greatly appreciated. Thanks.
Our specs -- NPM 10.5, Nexus 7010 NX-OS v6.1(4), Nexus 5020 NX-OS v5.0(3)N2(1)
Continuous Alerting Based on State
I would like the ability to continue to generate alerts (such as email) so long as something exists in a specific state.
An example...
- When I receive a log indicating a service has gone down I set a State Variable called Service Status to "Service Down"
- Another Alert is configured to send an email when Service Status is equal to "Service Down"
- Every 30 minutes the Service Status variable is re-evaluated and if it's still equal to "Service Down" then another email is sent.
This would give me the ability to take logs which are generally regarded as stateless events and turn them into something stateful and continue to alert so long as the state is undesirable.
When you enable SSH on the LEM, please tell me what port its on...
When you enable SSH on the LEM, it doesn't tell you what port SSH is on. You would assume 22, but this is a security device... so it isn't. A simple message like:
SSH is now enabled and using port #####
I realize its in the manual, somewhere, but a simple message on the console would have saved me time and frustration when something is not set to the default. I just thought it wasn't working.
Use Domain\Username instead FQDN\username for AD Auth in LEM
I'll be helpful to modify the way to log in in LEM thru Active Directoy. I must write FQDN\username instead Domain\Username after I have activated the connector Directory Service Query Tool. I know is a small change but why have to be different compared to standart AD login modules?.
secure syslog
The ability to use secure syslog. My cisco ASA uses port 1470 (of course I can change this to any port above 1000) but the RFC states the use of port 6514. The LEM should be the same but currently cannot. Allow a range of ports for secure syslog on TCP.
Unable to use port 514 for secure syslog only on cisco asa. Can for switches. FYI
FILE SHARING EMAIL FIELD AUTOPOPULATED FOR LDAP USERS
We are using Serv-u and use LDAP for authentication. Now with the new file sharing option when users goes to send files they have to enter their email twice because the field isn't populated via the email field found in LDAP even if it's configured under the LDAP Server, same thing for the name which is equal to the login name instead of the full name.
So autopopulation of EMAIL and NAME field for the file sharing when using LDAP authentication is a must I think and all the information is there so I'm sure it's not a big deal.
Time Tracking Forensics
I think it would be cool to take the data that LEM collects and provide a historic visualization of where somebody (User Account, IP, and/or System) was over a time series. This would provide a forensic path that a potential intruder took during a breach.
I got this idea when reading another article regarding features of a different product HERE. I think LEM already has the data necessary to provide this information, its just a matter of taking that data and applying a visualization to make the data useful in a real-world use case.
Below I included a quick throw together of what I picture when I think about it. It would also allow you to click on any of the destinations and would then take you to a screen showing you all of the activity associated with both the source and destination at that time. I would love to hear any feedback people might have on this idea.
Of course such a feature would need a cool geeky name like Time Tracking, Time Trace, Chrono Path, etc.
P.S. If something like this already exists please let me know... and then ignore this request.
Ability to use other community names for snmp
The Ability to use any community name other then public.
For security reasons plus everyone knows public is the default for snmp.
Automatic de-duplication of identical alerts
Similar to the request for a giant "pause" button (see: Pause button for outbound alerts), it would be useful if Alert Central could consolidate identical alerts. If there's a constant interface problem, routes flapping, or other up/down/up/down scenarios, de-duplicating alerts would be helpful.
If anyone has thoughts on HOW you'd like to see them de-duplicated, or what kind of configuration you'd expect to see here, that'd be awesome to know.
What is the overhead (CPU, Memory and disk space) to run the LEM agent on a sharepoint 2013 running on Windows server 2012?
Will the agent cache logs?
Is there a chart I can review?
Our Sharepoint servers are running a bit hot right now and we need to know the overhead.
Any information I can get from tech articles or from folks that have real time experience with this environment and LEM would be great.
Can I also install the agent on a different drive then C?
snmp v3 full feature support
enable support of snmp v3 w/ hash of sha / encryption of aes. Also the ability to use any community string I want.
Currently snmp v1 & 2 can only use the public community string. This is a problem for all companies worried about security.
I noticed snmp v3 request for lots of other solarwinds products but not the LEM yet. I really would like it in this product. With it more companies will buy it.
3000 points is nice but I'll put a SW badge on my site just for the cool factor
New JRE7u55 (Upgrade) packages
Anyone else having a problem with the new JRE7u55 (Upgrade) packages? They came down from Solar Winds yesterday and I went to test them on my VMs today. I approved the packages to my test group and on both my XP VM and Win7 VM the updates showed up, I installed them successfully but they are still being advertised as needed. Even rebooted both and rescanned and they still showed as needed but I can see it is installed on both and tested it on Oracle's site.
If I try to install it a second time the package fails since it is already installed. Possibly a mistake in the detection logic for the package? I haven't analyzed the package yet to see if there is a problem.
I've upgraded both of these VMs to JRE7u51 using the Patch Manager packages in the past without any issues. But 7u55 is not cooperating.
Think I found the problem in the package. The package is looking for java.dll v7.0.550.14 but the java.dll in the JRE7u55 I'm downloading from Oracle is v7.0.550.13. I just downloaded them again from Oracle to make sure and they were still v7.0.550.13. I modified my packages to look for v7.0.550.13, republished and then ran update scans from my XP and Win7 VMs and the needed update disappeared. Now I'm a happy camper! :-)