nDepth is a search engine that locates all event data or the original log messages that pass through a particular manager. The log data is stored in real time as it occurs from each host (network device) and source (application or tool) that is monitored by the manager. You can use nDepth to conduct custom searches, investigate your search results with a graphical tools, investigate event data in other explorers, and take action on your findings.
nDepth summarizes and displays search results with several different visual tools that can also be combined into a customizable dashboard. The tools are intuitive and interactive - you can point and click to refine your searches. Each graphical tool provides an alternative view of the same data, so you can examine your data from several perspectives. You can also view and explore a text-based view of the actual data.
nDepth employs drag-and-drop tools that let you configure simple or even complex search criteria. You can use these tools to dig deeper into your findings by adding search conditions, or by appending text to existing search strings. nDepth also includes a tool called Search Builder that lets you configure complex search criteria using the same sort of drag-and-drop interface found in Filter Creation.
Use nDepth to do any of the following:
LEM includes two data storage areas that store the messages from the original event logs and the normalized event data that the Console reports in the Monitor view. You can use nDepth to explore the following modes:
The virtual appliance must be configured to store log message data. For more information, see Configuring Your LEM Appliance for Log Message Storage.
Data storage is limited. If you have not configured a CMC??option for archiving data, LEM will delete the oldest data to make room for new data.
The following sections describe how to perform a basic search with nDepth, use nDepth's graphical tools, use nDepth with other explorers, and respond to your results.