SolarWinds Log & Event Manager




Corona Technical Services SolarWinds Log & Event Manager Training Project/Implementation Outline James Kluza 14

Table of Contents

- Overview
- Example Project Schedule
- Pre-engagement Checklist
- Deployment
  o Appliance
  o Collection
- Knowledge Transfer

Overview

This document is to be used as a general outline when scheduling or accomplishing a SolarWinds LEM professional services engagement.

Example Project Schedule

- Knowledge Transfer - Introduction to LEM
  o Purpose
  o Licensing
  o Architecture
  o Terms
  o Customer Portal
  o Thwack
- Knowledge Transfer - Planning for LEM
  o Requirements
  o Retention
  o Scalability
  o Pre-engagement Checklist
  o Monitoring logs that aren't ready out of the box
  o Any other decisions that should be considered to ensure a good deployment overall
- Deployment of Appliance
- Configuring Non-Agent Devices
  o Typical commands
- Deploying Agents to Devices
  o Process
  o Upgrade agents process
- Knowledge Transfer - Console Overview
  o Web
  o Desktop
  o Reports
- Knowledge Transfer - Modules
  o OPS Center
  o Monitor
  o Explore
  o Build
  o Manage
  o Analyze
- Knowledge Transfer - Reports Console
  o Purpose
  o Running
  o Filtering
  o Scheduling

Pre-engagement Checklist

The following items should be accomplished prior to any installation engagements:

- Validate access to the SolarWinds Customer Portal with SWID and password
- Document license key for the LEM product for use during deployment
- Validate VMware vSphere access and ensure OVF template can be deployed in an initial environment that provides a DHCP scope (after activation process, the appliance can be migrated into any other context with static configuration)
- Ensure the necessary ports are open between the appliance subnet and any other networks on which agents will be deployed or logs will be collected. Ports are as follows:

Port          Type         Description
------------  -----------  -----------
25            TCP          Traffic from the SolarWinds LEM appliance to your email server for automated email notifications
139, 445      TCP          Standard Windows file sharing ports used for the SolarWinds LEM Remote Agent Installer and traffic from the SolarWinds LEM appliance to a Windows destination for exporting functions
162           TCP          Traffic from devices sending SNMP trap messages to the SolarWinds LEM appliance
389           TCP          Traffic from the SolarWinds LEM appliance to a designated server (usually a domain controller) for use with the Directory Service tool
514           TCP or UDP   Traffic from devices sending syslog to the SolarWinds LEM appliance
2100          UDP          Traffic from devices sending NetFlow to the SolarWinds LEM appliance
5433          TCP          Traffic from SolarWinds LEM Reports to the SolarWinds LEM appliance
6343          UDP          Traffic from devices sending sFlow to the SolarWinds LEM appliance
8080          TCP          Non-secure traffic from the SolarWinds LEM Console to the SolarWinds LEM appliance; used during the evaluation period
8443          TCP          Secure traffic from the SolarWinds LEM Console to the SolarWinds LEM appliance; used once SolarWinds LEM is activated
32022         TCP          Non-standard port for SSH traffic to the SolarWinds LEM appliance
37890-37892   TCP          Traffic from SolarWinds LEM Agents to the SolarWinds LEM appliance
37893-37896   TCP          Return traffic from the SolarWinds LEM appliance to SolarWinds LEM Agents

(Table from: Port Requirements for SolarWinds Products)
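One way to verify the port checklist item before the engagement, as an added example that is not part of the original outline: a TCP reachability check run from a host in each subnet that must reach the appliance. It covers only the console, reports, SSH and agent TCP ports from the table; the role names and the appliance hostname are assumptions made for this example.

```python
import socket

# Inbound TCP ports on the LEM appliance, grouped by who initiates the
# connection (taken from the port table). Role names are labels chosen for
# this example. UDP ports (514, 2100, 6343) are left out because a connect()
# probe cannot confirm UDP reachability.
INBOUND_TCP = {
    "reports":   [5433],
    "console":   [8080, 8443],   # 8080 during evaluation, 8443 once activated
    "admin_ssh": [32022],
    "agent":     [37890, 37891, 37892],
}


def probe(host, port, timeout=2.0):
    """Classify one TCP port as 'open', 'closed' or 'filtered'.

    closed   = the host refused the connection: the network path is clear
               but nothing is listening (for example 8080 after activation).
    filtered = no answer before the timeout, or the host is unreachable:
               usually a firewall rule that still has to be opened.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "closed"
    except socket.gaierror:
        raise  # name resolution failure is a DNS problem, not a port state
    except OSError:
        return "filtered"


def check_role(host, role, timeout=2.0):
    """Probe every appliance port that the given role must reach."""
    return {port: probe(host, port, timeout) for port in INBOUND_TCP[role]}


def blocked(results):
    """Ports that still need a firewall change (state 'filtered')."""
    return sorted(p for p, state in results.items() if state == "filtered")


if __name__ == "__main__":
    appliance = "lem.example.internal"  # hypothetical appliance hostname
    for role in INBOUND_TCP:
        results = check_role(appliance, role)
        print(role, results, "needs firewall change:", blocked(results))
```

The 37893-37896 return traffic and the appliance-to-server ports (25, 139, 445, 389) originate on the appliance, so they have to be checked from the appliance side rather than with this script.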

- Download the latest release of the following items from the Customer Portal as close to the implementation date as possible to ensure the latest versions are utilized:
  o LEM Appliance package
    - OVF template
    - Reports Console
  o Desktop Console that consists of two parts
    - Adobe Air
    - Desktop console application
  o Applicable Agents
    - Windows (local and remote installer)
    - Linux (32 and 64 bit)
- Ensure credentials are available for the following:
  o Administrator access for any servers on which the agent will be deployed
  o Enable level access on any network devices on which logging will be enabled
  o If LDAP authentication will be utilized, a service account will be required to authenticate to the LDAP server during the query process
  o A CIFS based share for the export of the Appliance certificate during the activation process
- If a static IP address will be assigned, the following needs to be identified:
  o IP Address
  o Subnet Mask
  o Gateway Address
  o DNS server (multiple recommended)
  o Hostname
- Console Restrictions
  o If access to the console will be restricted, the IP Addresses of the administrator machines will need to be collected
- Report Console Restrictions
  o If the ability to create reports from the report console will be restricted, the IP Addresses of the administrator machines will need to be collected
- Inventory
  o An initial inventory of all machines that will be added for collection needs to be conducted, with each machine classified as one of the following:
    - OS Based (Windows or Linux)
    - Non-agent Based (Routers, Switches, Firewalls, etc.)
- DNS Entry
  o An accurate DNS entry to the identified IP and hostname needs to be created

Deployment

Appliance

At a minimum, a 1/2 day of effort should be scheduled solely for the process of deploying, activating, and configuring user access on the appliance. The following items are key points during the deployment and configuration process:

- Deploy OVF template in virtual environment
- Deploy desktop console to administrator machine
- Validate appliance access from Desktop Console to facilitate the activation process
- Activate the console
- Activate the Appliance
- Validate SSL access through the Web Console and Desktop Console
- Configure users as either local LEM, LDAP Users, or LDAP Groups

Collection

Collection falls into two categories:

- Agent
- Non-Agent

Agent

Agent based collection requires that an agent be deployed on the server on which collection is to occur. This requires administrator or root level access (Windows and Linux respectively). Agents for both operating systems can be installed using a standalone installer, and a remote installer is also available for Windows based machines.

Non-Agent

Non-Agent based collection occurs when devices such as routers, switches, and firewalls send logging information (Syslog or otherwise) to an identified logging facility (log file) on the Appliance. The Appliance then uses an Appliance based Connector to parse these log file repositories and normalize the entries into events in the Appliance. On Agent based servers, this parsing and normalization occurs at the agent on the server, and the real-time alert data is then sent to the Appliance for processing.

Knowledge Transfer

During and after the deployment phase of an engagement, knowledge transfer will occur. Knowledge transfer normally follows a general outline focusing on the following portions of the console and console operation:

- General overview of the console and feature layouts
  o Differences between the Web, Desktop and Report Consoles
- In depth discussion of each of the following modules
  o OPS Center
    - Widgets and their uses
  o Monitor
    - Filters
      - How to create them
      - How to modify
      - How to group
      - How to use as jumping point for nDepth search
  o Explore
    - nDepth
      - Introduction to nDepth
      - How to build queries
      - How to save queries
      - How to build and export nDepth Reports
    - Other Utilities
  o Build
    - Users
      - How to add, modify and delete users
    - Groups
      - The purpose of the different groups
      - How to add, modify and delete groups
    - Rules
      - The purpose of rules
      - How to add, modify, delete and activate rules
  o Manage
    - Appliances
      - Connectors
      - Settings
      - Policies
    - Nodes
      - How to manage nodes
      - How to configure Tools (Connectors)
  o Analyze (This module is discussed in the Reports Console Overview)
- Introduction to Reports Console
  o Purpose of the console
  o Running reports
  o Filtering reports
  o Scheduling reports