Submit a ticketCall us
Home > Success Center > Log & Event Manager (LEM) > LEM - Knowledgebase Articles > Send to nDepth result: No Matching Results Found

Send to nDepth result: No Matching Results Found

Created by Craig O’ Neill, last modified by Abdul.Aziz on Nov 09, 2018

Views: 1,006 Votes: 0 Revisions: 7

Updated Nov 9th, 2018

Overview

Your LEM is perfectly fine and you see all the events you like to see in the Monitor tab + the built in filters or new filter you created for a particular events you are trying to track.

Ex: Local account authentication/changes displays alerts in monitor tab in LEM web console but returns the following message when sending to nDepth:

"No matching results found" 

Environment

All LEM versions

Cause 

  • This occurs when the search is broad, such as using a filter to Send to nDepth.
  • The event is filtered out from storing in DB using Event Distribution Policy feature

Resolution

Instead of using the All Alerts group for an nDepth search, SolarWinds recommends the following:

  1. Run an nDepth search for the last 10 minutes.
  2. Go to ToolAlias in Refine Fields.
  3. Double click on one of the tool aliases.
  4. Change the search criteria to Windows or something that will help you get the alias.
  5. Run a search for the last hour with those parameters.

 

If the above does not help, then refer to the Event name in Monitor tab where you saw this event and Configure the LEM event distribution policy to enable events related to this event name be stored in AlertDB as you may have this filtered out.

Last modified

Tags

Classifications

Public