Common nDepth data fields

Created by Caroline Juszczak, last modified by Caroline Juszczak on Aug 29, 2016


These categories frequently appear in the Refine Fields list, the Tree Map view, and the Result Details view.

Common data field categories in Events Mode

This table describes the data fields that are most commonly seen when working with event data. The fields are listed here alphabetically.

| Field | Description |
|---|---|
| Event Name | The name of the event. |
| Detection IP | The network node that created the event data. The node is usually a manager or an agent. The DetectionIP field is identical to the InsertionIP field, but it can also be a network device (such as a firewall or an intrusion detection system) that sends log files over a remote logging protocol. |
| Inference Rule | The name of the correlation that caused the event. The Inference Rule field is generally blank, but displays the rule name when the event is related to a rule. |
| Insertion IP | The manager or agent that created the event. This is the source that first read the log data from a file or other source. |
| IP Address | The IP address associated with the event. This is a composite field drawn from several different event fields. It shows all the IP addresses that appear in event data. |
| Manager | The manager that received the event. For data generated from an agent, this is the manager connected to the agent. |
| Provider SID | A unique identifier for the original data. Generally, this field includes information that can be used to research the event in the originating network device vendor's documentation. |
| Severity | The severity (0-7) of the event. |
| Tool Alias | The alias name entered when configuring the tool on the manager or agent. |
| User Name | The user name associated with the event. This is a composite field drawn from several different event fields. It shows all the places that user names appear in event data. |

Common data field categories in Log Messages mode

This table describes the data fields that are most commonly seen when working with log messages. The fields are listed here alphabetically.

| Field | Description |
|---|---|
| Host | The node the log message came from (that is, the LEM or Agent that collected the message for forwarding to nDepth). |
| HostFromData | The originating network device (if different than the node) that the message came from. Normally, Host and HostFromData are the same. In the case of a remote logging device (such as a firewall), this field reports the original remote device's address. |
| ToolId | The tool that generated the log message. |
| ToolType | The category for the tool that generated the log message. |

 