New! v.1.01 Advansed Syslog search, Syslog Parser like Cisco Works, Advanced Syslog Summary and Syslog Counts
http://thwack.com/files/folders/orion_custom_views__orion_nodeinterface_views/entry30734.aspx
Comments?
Gob
Looks good from the screen shot but I'm not sure where to place the files or where to put the block of code that you mention in the TXT I don't have an Orion foler off the Solarwinds Inetpub folder, do I have to creat the folder and legacy file?
Thanks
Jon
Gob:Comments?
This is great work Gob! I really like it. It is a bit rough around the edges, but it is something that I am able to take and get working easily.
jonchill:Looks good from the screen shot but I'm not sure where to place the files or where to put the block of code that you mention in the TXT I don't have an Orion foler off the Solarwinds Inetpub folder, do I have to creat the folder and legacy file?
Gob:NO! You must find Your Oion website folder!
NO! You must find Your Oion website folder!
I think it might help if you specify which version(s) this works with. I don't think the Orion folder appeared until lately (8.5 I think?). These resources work for me running Orion 8.5.1.
SamuelB:I think it might help if you specify which version(s) this works with. I don't think the Orion folder appeared until lately (8.5 I think?). These resources work for me running Orion 8.5.1.
I'm currently running 8.1 will it work with my version and if so how can I get it to work?
I have installed it and got great feedback from my (webconsole) users.Thanks for the effort!!Greetings,
This looks great, but I do get an error
SQL Open Error: Invalid column name 'access'.
I get this when I click on the 'who' link
Malvado:SQL Open Error: Invalid column name 'access'.
That worked... :)
That works a treat in v8.1.
Nice!I like it - a few minor issues I seem to be having - The syslog search resource doesnt seem to work - I just get a blank IE page appear with no content at all - not even an error msg. I get the same when I try to use either the "msg" or "summ" links in Advanced Syslog Parser and also if I try to change the Time Period to minute/hour/day etc.But the links to the servernames and the syslog message (where it displays as a number) works, as does the Advanced Syslog summary.Any ideas?Thanks for creating a great resource btw - very useful already!
BTW I'm running this on v8.5.1 SP2
Hi.Have You Header in syslog_search_action.asp (Syslog search results for "traceback" pattern.)Try to run it directly with your message pattern. Have You syslog messages with this pattern in selected period?http://my_solarwinds_server/NetPerfMon/syslog_search_action.asp?Time=day&message=*snmp*traceback*Have You error 404 (The page cannot be found)?>Try to view C:\Inetpub\SolarWinds\OrionWeb.logHave You any error with my files? Access error? Not found error?!!!! Have You table ACCESS in your NODES tables?
If You do not have ACCESS table You must remove "nodes.access" from any of my files!Nodes.acces is an undocument feature :)Try run sql query directly in ReportWriter or MS SQL Management Studio.
This source sql query from syslog_search_action.aspSELECT SysLog.IP, Nodes.Caption, Nodes.NodeID,nodes.access, SysLog.MessageType,syslogseverity, COUNT(*) AS totalFROM SysLog inner JOIN Nodes on SysLog.IP=nodes.ip_address --Add here your message pattern---------------WHERE syslog.message like '%protocol%' --Add here your period (minute,hour,day,week,month)---------------and (SysLog.DateTime >dateadd(hour,-1,getdate()))
GROUP BY SysLog.IP, Nodes.Caption, Nodes.NodeID,nodes.access, SysLog.MessageType,SysLog.syslogseverity order by total desc This source from syslog_by_msg.asp
SELECT MessageType,syslogseverity, Count(*) As Total ,caption , (select nodes.nodeID from nodes where nodes.ip_address='10.10.10.10') as NodeID FROM SysLog left join nodes on (syslog.ip=nodes.ip_address)Where (SysLog.DateTime >dateadd(day,-1,getdate())) And (SysLog.IP='10.10.10.10') AND(SysLog.Acknowledged=0) GROUP BY MessageType,syslogseverity,caption Order By syslogseverity
This source sql query from syslog_parser_simple.asp
select caption,NodeID,IP, syslogseverity, cnt = count(*) from syslog left join nodes on (nodes.ip_address=syslog.ip) where ip='10.10.10.10' and (SysLog.DateTime >(DateAdd(>hour,-1, GetDate())) ) group by caption,NodeID,IP, syslogseverity order by syslogseverity desc
Any results?
Do i have to restart the Solarwinds Website after making these chances to see the outcome.. and it would all be visible under the syslog tab right..
kulastone:Do i have to restart the Solarwinds Website after making these chances to see the outcome.. and it would all be visible under the syslog tab right..
No. No. :)
You do not need to restart Website, You just add a new resourses. See page 112 on OrionAdministratorGuide.pdf.
Point 5. If you want to add a resource, repeat the following steps for each resource that you want to add:
Like i mentioned before our network pro's are enthusiastic about this feature.They asked me if something similar is possible available with Traps (The parser).Any suggestion for me in terms of already discussed or available.Thanks in advance for info.Gerjan
Mars:They asked me if something similar is possible available with Traps (The parser).
Advanced syslog parser v.1.01 Small bugfix, added custom period for each resource, added SyslogMessagesRate chart. http://thwack.com/files/folders/orion_custom_views__orion_nodeinterface_views/entry30734.aspx