Submit a ticketCall us

Have You Auto Renewed? If not, you're missing out.
The SolarWinds Renewal Program comes with a host of benefits including the most recent product updates, 24/7 technical support, virtual instructor-led training and more. Experience all of this with the convenience of Auto Renewal, and never worry about missing any of these great benefits. Learn More.

Home > Success Center > Log & Event Manager (LEM) > LEM Administrator's Guide > Use the explorer utilities in LEM to search or analyze nDepth query results

Use the explorer utilities in LEM to search or analyze nDepth query results

Updated: September 15, 2017

This topic describes how to open the explorer utilities in LEM. The explorer utilities are available from Monitor view, the Explore > nDepth view, and the Explore >Utilities view.

About the Explorer utilities

LEM includes the following Explorer utilities:

  • Event
  • nDepth
  • NSLookup
  • Whois
  • Traceroute
  • Flow

 

See Utilities view in the LEM console for documentation about each explorer. For the Flow utility, also see Collect and view NetFlow and sFlow data in LEM.

 

Use these explorers to investigate event details in your nDepth search results. For example, you can investigate a suspicious IP address with the NSLookup, Traceroute, or Whois explorers to better understand who the IP address is assigned to.

Open the explorer utilities from the nDepth view to investigate event details

  1. Run a search in nDepth. See Search normalized data using nDepth search in LEM or Search raw log messages using nDepth search in LEM for help.

  2. Select a results entry and then click the Explore menu to choose an explorer utility.

  3. Type the event details into the appropriate explorer field, and then click Search or Analyze (depending on the type of explorer you chose).

Open the explorer utilities from Monitor view or the Utilities view

You can manually explore an IP address, host name, or domain name by opening an explorer in Monitor view or the Utilities view.

  1. Open the LEM console. See Log in to the LEM web console or Log in to the LEM desktop console for steps.

  2. Choose Explore > Utilities, or choose Monitor.

  3. Click the Explore menu in the top-right corner to choose an explorer utility.

  4. Type the event details into the appropriate explorer field, and then click Search or Analyze (depending on the type of explorer you chose).

Last modified

Tags

Classifications

Public