Submit a ticketCall us

Bridging the ITSM Divide
Integrated help desk and remote support software for faster resolution

Join us on Wednesday, November 29, 2017 at 11 a.m. CT, as we discuss the benefits of effectively integrating your help desk software with remote support solutions to help increase the efficiency of IT administration, improve communication, and decrease mean time to resolution (MTTR) for IT issues of all sizes. This directly impacts end-user satisfaction and your business’ bottom line. Register Now.

Home > Success Center > Log & Event Manager (LEM) > LEM Administrator's Guide > About LEM nDepth search

About LEM nDepth search

Updated: September 15, 2017

The nDepth search engine can locate any event data that passes through a particular LEM Manager instance. You can use nDepth to conduct custom searches, investigate your search results with a graphical tools, investigate event data in other explorers, and take action on your findings.

Click the video File:Success_Center/Reusable_content_-_InfoDev/LEM/Log_and_Event_Manager_Administrator's_Guide/LEM_Administrator's_Guide/1330-Troubleshoot_alerts_in_the_LEM_console/button_videocamera_18x12.png icon to learn how to use nDepth in LEM.

nDepth visual tools

nDepth summarizes and displays search results with several different visual tools that can also be combined into a customizable dashboard. The tools are intuitive and interactive—you can point and click to refine your searches. Each graphical tool provides an alternative view of the same data, so you can examine your data from several perspectives. You can also view and explore a text-based view of the actual data.

nDepth employs drag-and-drop tools that let you configure simple or even complex search criteria. You can use these tools to dig deeper into your findings by adding search conditions, or by appending text to existing search strings. nDepth also includes a tool called Search Builder that lets you configure complex search criteria using the same sort of drag-and-drop interface found in Filter Creation.

nDepth primary uses

Use nDepth to do the following:

  • Search normalized event data.

    If the nDepth log retention option is enabled, nDepth search can also search raw (non-normalized) log messages that are stored separately. See Configure LEM to store original log messages (nDepth log retention) to learn more about nDepth log retention.

  • View, explore, and search significant event activity. nDepth summarizes event activity with simple visual tools that you can use to easily select and investigate areas of interest.

  • Use existing filter criteria from the Monitor view to create similar searches.

  • Conduct custom searches. You can also create complex searches with the Search Builder, which is a tool that behaves just like the Filter Builder. You can also save any search, and then reuse it at any time by clicking it.

  • Save and reuse custom searches.

  • Schedule saved searches.

  • Create your own custom widgets for the nDepth Dashboard.

  • Export your findings to a printable report in PDF format, or your search results to a spreadsheet file in CSV format.

  • Use the Explore menu to investigate nDepth search results with other explorers.

  • Use the Respond menu to take action on any of your findings.

  • Export your findings to a report in PDF format.

Events and Log Messages

If the nDepth log retention option is enabled, LEM uses two data stores: the first data store is for normalized event data, and the second data store is for original (raw) event data. Use the following nDepth modes if nDepth log retention is enabled:

  • Events mode. nDepth summarizes and explores your normalized event data. Normalized data appears in Monitor view and is stored in the LEM database.

  • Log Messages mode. nDepth summarizes and explores raw log messages received from the original event logs. Use this mode if you have specific data analysis needs and understand how to interpret raw log messages generated by network devices and tools.

Data storage is limited. If you have not configured a CMC option for archiving data, LEM will delete the oldest data to make room for new data.

Common data fields in nDepth search

See Common data field categories in LEM nDepth search

Last modified