Submit a ticketCall us

Webinar: Web Help Desk for HR, Facilities and Accounting Departments
This webinar will focus on use cases for HR, Facilities and Accounting.

Having a unified ticketing and asset management system for all the departments in your company can provide end-users with a seamless experience and make things easier for your IT team. Yet, with different business tasks and objectives, many departments don’t fully understand the capabilities of Web Help Desk and how the software can be customized for effective use in their departments.
Register Now.

Home > Success Center > Log & Event Manager (LEM) > SolarWinds LEM 6.3 User Guide > Explore view in the LEM console > Explorer types

Explorer types

Created by Caroline Juszczak, last modified by Caroline Juszczak on Aug 29, 2016

Views: 11 Votes: 0 Revisions: 4

The Console contains the following explorers:

  • Event
  • nDepth
  • NSLookup
  • Whois
  • NSLookup
  • Traceroute
  • Whois
  • Flow

Explorer views include Respond and Explore drop-down menus, The Respond menu provides corrective actions you can initiate on an event or other information presented in an explorer, such as shutting down a workstation when you see a problem reported in the console. The Explore menu provides a list of utilities you can use to investigate an event, event, event detail, or nDepth search result.

Event explorer

Event explorer displays all sequential and concurrent events related to the active event in the Console. You can view the events that occurred before, during, and after the event occurred. You can also monitor events in real time to determine their origin and destination. Use this explorer to determine what caused a rule to fire.

The Event explorer can only be opened from the Monitor view,

nDepth explorer

nDepth is a search engine that locates all event data or the original log messages that pass through a particular manager. The log data is stored in real time as it occurs from each host (network device) and source (application or tool) that is monitored by the manager. You can use nDepth to conduct custom searches, investigate your search results with a graphical tools, investigate event data in other explorers, and take action on your findings.

NSLookup explorer

The NSLookup explorer is a network utility that resolved IP addresses to host names and host names to IP addresses. Use this explorer to locate a name that corresponds to the IP address that caused the rule to fire. For example, you can resolve to an IP??address.


In this example, NSLookup explorer is searching for IP address of The explorer retrieved the corresponding host name, which is

Opening the NSLookup explorer adds an NSLookup explorer File:Success_Center/Reusable_content_-_InfoDev/LEMUserGuide_MT/060/030/Icon-NSLookup.png icon to the History pane in the Explore view.

Traceroute Explorer

Traceroute explorer is a network utility that traces network links (or hops) from your host computer to a specific destination. Use this explorer to determine the network connections between yourself and the IP address that caused a rule to fire.


In this example, Traceroute explorer is tracing IP address The interface displays the hops between your computer and the destination IP address. In this example, connecting to the IP address required two hops.

Opening the Traceroute Explorer adds a a Traceroute explorer File:Success_Center/Reusable_content_-_InfoDev/LEMUserGuide_MT/060/030/Icon-Traceroute.png icon in the History pane of the Explore view.

Whois Explorer

Whois explorer is a network utility that identifies the source of an IP address or domain name based on how it is registered with domain and network authorities. This explorer contacts the central databases for IP addresses and domain names and returns the results of any of your searches. It can tell you where something is located physically in the world, and who actually owns the device you are trying to locate. For example, you can use this explorer to identify who owns a domain that corresponds to the IP address that caused a rule to fire.


The example on the left shows the results for an IP address. The example on the right shows the results for the SolarWinds domain name, From these results, you can find out who owns the IP address and where the server is hosted.

Opening the Whois Explorer adds a Whois explorer File:Success_Center/Reusable_content_-_InfoDev/LEMUserGuide_MT/060/030/Icon-Whois.png icon in the History pane of the Explore view.

Flow explorer

Flow explorer performs flow analysis to determine which IP addresses or ports are generating or receiving the most network traffic. Use this explorer to analyze the volume of data (in bytes or packets) transferring to or from an IP address or port number on your network.

For example, if an unknown IP address displays at the top of the Flow explorer's activity list, you can select a bar on the graph or a row in the table and choose the Whois explorer from the Explore menu to identify the IP address and why it is transmitting so much data.

Manually Exploring an Item

You can manually explore an IP address, host name, or domain name by opening a new explorer or entering the appropriate information into the search box of an open explorer.


Last modified
10:47, 29 Aug 2016