
nDepth search engine

nDepth is a search engine that locates all event data or the original log messages that pass through a particular manager. The log data is stored in real time as it occurs from each host (network device) and source (application or tool) that is monitored by the manager. You can use nDepth to conduct custom searches, investigate your search results with graphical tools, investigate event data in other explorers, and take action on your findings.

Click the video icon to view a tutorial on how to view all admin activity using nDepth.

nDepth visual tools

nDepth summarizes and displays search results with several different visual tools that can also be combined into a customizable dashboard. The tools are intuitive and interactive - you can point and click to refine your searches. Each graphical tool provides an alternative view of the same data, so you can examine your data from several perspectives. You can also view and explore a text-based view of the actual data.

nDepth employs drag-and-drop tools that let you configure simple or even complex search criteria. You can use these tools to dig deeper into your findings by adding search conditions, or by appending text to existing search strings. nDepth also includes a tool called Search Builder that lets you configure complex search criteria using the same sort of drag-and-drop interface found in Filter Creation.

nDepth primary uses

Use nDepth to do any of the following:

  • Search either normalized event data or the original log messages. You can also use nDepth to explore log messages that are stored on a separate nDepth appliance.
  • Intuitively view, explore, and search significant event activity. nDepth summarizes event activity with simple visual tools that you can use to easily select and investigate areas of interest.
  • Use existing filter criteria from the Monitor view to quickly create similar searches.
  • Create your own custom widgets for the nDepth Dashboard.
  • Conduct custom searches. You can also create complex searches with the Search Builder, which is a tool that behaves just like the Filter Builder. You can also save any search, and then reuse it at any time by clicking it.
  • Save and reuse custom searches.
  • Schedule saved searches.
  • Export your findings to a printable report in PDF format, or your search results to a spreadsheet file in CSV format.
  • Use the Explore menu to investigate nDepth search results with other explorers.
  • Use the Respond menu to take action on any of your findings.
  • Export your findings to a report in PDF format.

Events and Log Messages

LEM includes two data storage areas that store the messages from the original event logs and the normalized event data that the Console reports in the Monitor view. You can use nDepth to explore the following modes:

  • Events mode. nDepth summarizes and explores your event data. This is the normalized data that appears in the Monitor view and is stored in the LEM database.
  • Log Messages mode. nDepth summarizes and explores the raw log messages moving into nDepth Log Storage from the original event logs. This mode is intended for customers with specific data analysis needs who fully understand how to interpret the raw log messages generated by their network devices and tools.

The virtual appliance must be configured to store log message data. For more information, see Configuring Your LEM Appliance for Log Message Storage.

Data storage is limited. If you have not configured a CMC option for archiving data, LEM will delete the oldest data to make room for new data.

The following sections describe how to perform a basic search with nDepth, use nDepth's graphical tools, use nDepth with other explorers, and respond to your results.

 

 
Last modified
10:30, 19 Jun 2017
