Computer networks are everywhere now and to no surprise. This could have been anticipated pretty easily taking in mind the benefits of a network. Every business, in this digital world, has a computer network. These networks are used to make sure that the servers are operating properly. Computer networks can, at times, go down due to one reason or another. One of the important tasks for each computer networking engineer is to pinpoint the cause of the issue to get the servers back up before a huge impact. This can be easily done by logging your computer network at all times.
Each electronic device, whenever connected to a network, generates logs that contain information about the activity of the devices. These logs are of immense importance to network administrators. These logs play a vital role in pinpointing the cause of various issues that can potentially take down your network; which, of course, should be avoided at all times. You can deploy automated tools on your network that will analyze the generated logs for you. In this article, we will be covering the Log Analyzer tool developed by Solarwinds. So, let us get to it.
Installation of Log Analyzer
The first thing you have to do before you begin logging your network is to install the automated tool on your system. To do this, head to this link and download the tool by clicking ‘Download Free Trial’ so you can have a go at the tool. Provide the required information and once done, you will be generated with your download link. After you have downloaded the tool, follow the instructions below:
- Run the downloaded file.
- Solarwinds uses Orion Installer which is a suite for all their premium products. Wait for the installation wizard to open up.
- Once the installation wizard loads up, click Lightweight Installation and choose where you wish to install the tool by clicking Browse. Click Next.
- Make sure Log Analyzer is selected. Click Next.
- The installer will run a few tests, wait for it to complete.
- Accept the license terms and then click Next.
- Wait for Log Analyzer to be downloaded and installed.
- Once the installation has finished, the configuration wizard will open up automatically. Click Next.
- On the Service Settings page, just click Next.
- Now, on the Database Settings page, select any of the two options. Information regarding each option is provided below it. Click Next.
- In case you have a separate database, enter the credentials of the SQL Server. Choose one of the options provided for authorization. Click Next.
- If you wish to use an existing database, select the ‘Use an existing database’ option and provide the required information. Otherwise, just click Next.
- Click Next again to begin the configuration wizard, wait for it to complete.
- Once the configuration wizard for Log Analyzer has finished, click Finish.
Discovering Networks using the Discovery Wizard
With that, the Log Analyzer tool has been installed and configured for your system successfully. Now, it is time to discover your networks using the Discover Wizard. Here’s how to do it:
- Once you click Finish, the Orion web console is opened in a web browser. Provide a password for the admin account and login.
- After that, go to Settings > Network Discovery.
- Click on Add New Discovery.
- These are four ways using which you can discover your network. You can either provide a range of IP addresses, provide subnets, enter individual IP addresses or use the Active Directory Controller. Use one and then click Next.
- On the Agents page, tick the ‘Check existing nodes polled by an agent for node changes and updates’ and then click Next.
- If you are not using SNMPv3 community strings, then just click Next. In case you are, click Add New Credential and provide the information.
- If you are using Windows Servers, provide the credentials on the Windows page by clicking Add New Credential. Click Next.
- On the Monitoring Settings page, use WMI as the polling method instead of SNMP if you are discovering Windows devices. Leave the ‘Manually set up monitoring after devices are discovered’ option selected and click Next.
- Leave Discovery Settings on their default values and just click Next.
- If you wish to perform the network discovery once, just click Next on the Discovery Scheduling page. Otherwise, you can adjust per your needs.
- Click Discover.
Adding Discovered Devices to LA
Once the discovery wizard finishes discovering your network devices, it is time to add them to Log Analyzer and start logging. To do this, follow the below instructions:
- Select the devices you want to log and then click Next.
- Select the Volume types and then click Next.
- Preview the devices to be imported and then click Import.
- Wait for the Network Sonar Results Wizard to finish importing and then click Finish.
- The devices have been added successfully.
- To view the summary, head to My Dashboard > Log Viewer.
Enable or Disable Log Monitoring
With Solarwinds Log Analyzer, you can enable or disable log monitoring for different nodes. To do this, follow the below instructions:
- Go to Settings > Manage Nodes.
- On the left-hand side, you can choose what nodes to display by choosing the Group type. Choose No Grouping if you want all the nodes to be displayed.
- Afterward, select the nodes you wish to enable or disable log monitoring for and then click Edit Properties.
- Scroll down to the bottom and make sure the Status box under Log and Event Monitoring is ticked. Choose Enabled or Disabled from the drop-down menu and click Submit.
Log Analyzer comes with a set of predefined rules that help you monitor the important logs. You can configure the rules per your needs by doing the following:
- Go to My Dashboard > Log Viewer.
- On the right-hand side under the toolbar, click Configure Rules.
- You can configure the predefined rules by expanding the entries given on the left-hand side and then click Log Manager Rules.
- Use the search bar to search for specific rules.
Creating Custom Rules
If you wish to create custom rules for Log Analyzer, you can do so pretty easily. Here’s how to do it:
- If you wish to create a rule for Syslog, expand the entry and click My Custom Rules. The same goes for the other entries.
- Then, click on Create A Rule.
- You will be asked to provide a name for the name and whether you wish to enable or disable it. Once done, click Next.
- On the Rule Conditions page, you can choose whether to apply the Rule to all sources or a specific one. The same goes for Log Entries. Click Next.
- Now, you can add Actions that are to be executed when the rule fires. To add an action, click Add an Action. Choose the type of action and then provide the details.
- If you wish to be alerted when the rule fires, tick the ‘Send a Log Rule Fired event to Orion Alerting’ option and then click Next.
- Check the rule again and then click Save.