Hide this message
Looking to compare latest NPM features with previous versions of NPM?
The NPM new feature summary offers a comparison of new features and improvements offered with this release.
Each device configured to send log data to the SolarWinds LEM uses the Tools Alias field. Use this field in filters, rules and searches to monitor specific type of traffic from a specific network device. You can also use the
DetectionIP event to monitor data from a specific device. For example,
To view device traffic in the LEM console, create a filter that captures traffic from a specific device.
Use the same principles to create rules and searches with a similar purpose.
Select a condition from the Events or Event Group for your filter.
Select Any Alert from the Events group to view all traffic from your device.
Select Network Audit Alerts in the Event Groups to view all network from your device.
WebTrafficAudit from the Events group to view web traffic from your device.
ToolAliasand drag it into the Conditions box.
In the Constant field in the Group box, enter the Tool Alias related to the device you want to track. Use asterisks (*) as wildcard characters to avoid entering the entire value.
For example, the default Firewall filter uses similar logic. Its conditions read,
Any Alert.ToolAlias = *firewall*. This assumes that the firewall connector was configured with a ToolAlias that includes firewall in the name.
The following procedure applies to devices configured to send logs to your LEM manager. Use a similar procedure to verify agent connectors when appropriate, applying it on the agent associated with the connector instead.
Select the connector instance you want to verify.
Configured tool instances appear with a in the Status column.