Submit a ticketCall us

Have You Auto Renewed? If not, you're missing out.
The SolarWinds Renewal Program comes with a host of benefits including the most recent product updates, 24/7 technical support, virtual instructor-led training and more. Experience all of this with the convenience of Auto Renewal, and never worry about missing any of these great benefits. Learn More.

Home > Success Center > Log & Event Manager (LEM) > LEM Administrator's Guide > Open nDepth search

Open nDepth search

Updated: September 15, 2017

This topic briefly describes the nDepth view and documents how to open it in the LEM console.

Open nDepth search

To conduct custom searches in the LEM console, choose Explore > nDepth. Log in as an administrator or auditor to use nDepth.

 

By default, the nDepth search period includes the last 10 minutes. Specifically, the search period starts at the time you open nDepth, and stops 10 minutes prior.

The following illustration provides an overview of the nDepth view.

File:Success_Center/Reusable_content_-_InfoDev/LEM/Log_and_Event_Manager_Administrator's_Guide/LEM_Administrator's_Guide/1240-nDepth_view_in_the_LEM_console/lem_qsg_view_historical_data34_731x394.png

NumberItemDescription
1HistoryDisplays links to your recent nDepth search results.
2Saved SearchesDisplays links to your saved nDepth search results.
3List paneDisplays categorized lists of events, event groups, event variables, and additional options you can use to create conditions for your filters.
4Search barSearches all event data or the original log messages that pass through a LEM Manager. Drag the toggle switch to select Drag & Drop or Text Search mode.
5RespondDisplays a list of corrective actions you can execute when an event occurs, such as shutting down a workstation or blocking an IP address.
6ExploreDisplays several utilities you can use to research an event, including Whois, Traceroute, and NSlookup.
7TimeProvides a drop-down menu to select the time range for your search.
8PlayExecutes the selected search.
9Histogram

Displays the number of events or log messages reported within the selected search time range.

10Dashboard

Displays the search results in all available widgets. You can change this view by clicking a widget in the nDepth toolbar.

The File:Success_Center/Reusable_content_-_InfoDev/LEM/Log_and_Event_Manager_Administrator's_Guide/LEM_Administrator's_Guide/1240-nDepth_view_in_the_LEM_console/icon-alerts_14x14.png icon indicates you are exploring event data. The File:Success_Center/Reusable_content_-_InfoDev/LEM/Log_and_Event_Manager_Administrator's_Guide/LEM_Administrator's_Guide/1240-nDepth_view_in_the_LEM_console/icon-logmessage_14x14.png icon indicates you are exploring log messages.

11nDepth ToolbarOrganizes log data into categories to identify activity in your network. Click a selection to display the category below the histogram.

Open nDepth from another data source

You can open nDepth from an existing data source, such as an event field or another explorer (such as NSLookup, Whois, Traceroute, and Flow) to search for similar events and data.

  1. Select the data you want to explore using one of the following methods:
    • In the Monitor view event grid, select the event row or field you want to explore.
    • In the Event explorer’s Event Details pane, event map, or event grid, click the item or field you want to explore.
    • In an explorer, select the data source you want to explore.
  2. In the Explore menu on the Event grid, click nDepth.

    The nDepth screen appears, and the nDepth search box contains the event or event field you are exploring.

    When you initiate an nDepth search from Monitor view, nDepth automatically searches all hosts and sources for every instance of the selected event field that has occurred within a ten-minute period around the event that you are exploring. This way, you can identify similar events that occurred before and after the event you are exploring.

Last modified

Tags

Classifications

Public