Submit a ticketCall us

AnnouncementsCome see SolarWinds at VMUG Frankfurt

SolarWinds is delighted to attend the upcoming VMUG which will take place at Kap Europa in Frankfurt on June 19th, 2018.

See event details.

Home > Success Center > Log & Event Manager (LEM) > LEM Administrator's Guide > Open nDepth search

Open nDepth search

Updated: September 15, 2017

This topic briefly describes the nDepth view and documents how to open it in the LEM console.

Open nDepth search

To conduct custom searches in the LEM console, choose Explore > nDepth. Log in as an administrator or auditor to use nDepth.

 

By default, the nDepth search period includes the last 10 minutes. Specifically, the search period starts at the time you open nDepth, and stops 10 minutes prior.

The following illustration provides an overview of the nDepth view.

Number Item Description
1 History Displays links to your recent nDepth search results.
2 Saved Searches Displays links to your saved nDepth search results.
3 List pane Displays categorized lists of events, event groups, event variables, and additional options you can use to create conditions for your filters.
4 Search bar Searches all event data or the original log messages that pass through a LEM Manager. Drag the toggle switch to select Drag & Drop or Text Search mode.
5 Respond Displays a list of corrective actions you can execute when an event occurs, such as shutting down a workstation or blocking an IP address.
6 Explore Displays several utilities you can use to research an event, including Whois, Traceroute, and NSlookup.
7 Time Provides a drop-down menu to select the time range for your search.
8 Play Executes the selected search.
9 Histogram

Displays the number of events or log messages reported within the selected search time range.

10 Dashboard

Displays the search results in all available widgets. You can change this view by clicking a widget in the nDepth toolbar.

The icon indicates you are exploring event data. The icon indicates you are exploring log messages.

11 nDepth Toolbar Organizes log data into categories to identify activity in your network. Click a selection to display the category below the histogram.

Open nDepth from another data source

You can open nDepth from an existing data source, such as an event field or another explorer (such as NSLookup, Whois, Traceroute, and Flow) to search for similar events and data.

  1. Select the data you want to explore using one of the following methods:
    • In the Monitor view event grid, select the event row or field you want to explore.
    • In the Event explorer’s Event Details pane, event map, or event grid, click the item or field you want to explore.
    • In an explorer, select the data source you want to explore.
  2. In the Explore menu on the Event grid, click nDepth.

    The nDepth screen appears, and the nDepth search box contains the event or event field you are exploring.

    When you initiate an nDepth search from Monitor view, nDepth automatically searches all hosts and sources for every instance of the selected event field that has occurred within a ten-minute period around the event that you are exploring. This way, you can identify similar events that occurred before and after the event you are exploring.

Last modified

Tags

Classifications

Public