SolarWinds User Device Tracker (UDT) is a software tool that helps network administrators monitor and track the devices connected to their network. It uses network discovery and SNMP protocols to automatically identify and map devices and then provides detailed information about each device, including IP address, MAC address, manufacturer, and device type.
This allows administrators to quickly identify and locate devices on the network, and to keep track of changes to the network topology over time. UDT also provides alerts and notifications for new or changed devices and can be integrated with other SolarWinds network management tools for further analysis and troubleshooting.
UDT also allows administrators to track the location of the devices, by using the IP or MAC addresses, it will trace the location of the device and if it is connected to the network or not. It also gives information about the last time the device was connected, and how long it was connected.
This feature is useful for monitoring the security of the devices, as it allows administrators to detect and respond to potential security breaches or unauthorized access. Here let’s see how to use Solarwinds UDT. To try and purchase Solarwinds UDT click on this link.
How to use SolarWinds UDT
To begin using SolarWinds User Device Tracker (UDT), the first step is to install it in an existing SolarWinds environment or as a standalone environment. The installation process is similar to that of any other SolarWinds product.
Once UDT is installed, it is necessary to run a Network Discovery scan to add the devices to SolarWinds. If UDT is being installed in an existing environment, it is not necessary to run the discovery again as the existing monitored nodes can be added directly to SolarWinds UDT.
Add Nodes to SolarWinds UDT
Once you have added nodes into SolarWinds or if you want to add existing nodes for UDT monitoring follow the below steps.
- Go to Settings and then All Settings.
- Click on UDT Settings under Product Specific Settings.
- Click on Manage Ports under Port Management.
- Select Nodes in the Show drop-down list and then select the nodes you want to add to UDT and click on Monitor Node with UDT.
- Now we have added the nodes for UDT monitoring. We can follow the same steps to add/remove nodes and ports for UDT monitoring.
- Added nodes and ports will be regularly scanned by UDT to keep up-to-date information.
Accessing SolarWinds UDT Summary Page
Follow the below steps to access SolarWinds UDT summary page to check device and user information.
- Go to My Dashboards and then click on Device Tracker Summary in the Device Tracker sub-menu.
- Now we will be re-directed to the UDT summary page.
The User Device Tracker (UDT) home page displays a variety of widgets that provide important information about the devices on your network. Let’s see some of the major widgets that can be found on the UDT home page here.
All UDT Nodes Widget
The All UDT Nodes widget, located on the UDT home page, provides a comprehensive view of all the nodes that are currently being monitored by UDT. By drilling down the node tree, users can access detailed information about the ports that are being monitored within each node.
To check the ports monitored on the node, expand the node details by clicking on the triangle icon.
To check the port-related details click on the port you want to check under the node, you can see the port-related information like Port Description, Status, IP address configured on the port, MAC address and etc. We can also shut down or turn on the interface from here itself.
Rogue Devices Widget
The Rogue Devices widget, located on the UDT home page, displays a list of suspicious devices that have been detected on the network. UDT allows for the creation of a whitelist, where devices that are not part of the whitelist will be marked as rogue devices. This feature helps network administrators quickly identify and address any unauthorized or potentially harmful devices on the network.
If a whitelist is not available, SolarWinds UDT uses three default rules to determine which devices are considered whitelist devices. These rules are based on the device’s IP address, MAC address, and hostname, and help ensure that only legitimate devices are allowed on the network.
We can review the list of devices that have been flagged as rogue. If a device is determined to be a genuine device and not a threat, it can be marked as a safe device by clicking on the “Safe device”. If a device is determined to be suspicious, it can be added to the watch list by clicking on “Watch this device”. The watch list can be reviewed as necessary to monitor the activity of suspicious devices. Administrators can also set up alerts for rogue devices so they are notified whenever they appear on the network. This can help to quickly address any potential security threats. By following these steps, network administrators can effectively manage rogue devices and keep their networks secure.
To further check the devices that appeared in the rogue device widget, click on the device and we can see all the details related to that device and we can decide whether the device needs to be added to the watch list.
Apart from these widgets, there are other widgets available on the summary page that we can use to get more information about the devices or users connected to the environment.
Device Inventory in Solarwinds UDT
The Device Inventory feature within SolarWinds UDT offers a comprehensive view of all the devices being monitored by UDT. The inventory page provides several functionalities like search, filter, and review the port inventory and connected endpoints.
To access the Device Inventory page, click on My Dashboards and select Device Inventory from the Device Tracker sub-menu.
Now we can view the device inventory where we can search any specific device-related information like device details, connected to which device on which port, etc. Click on the device to get more details about the device.
User Inventory in SolarWinds UDT
The User Inventory feature within SolarWinds UDT offers a comprehensive view of all the users connected to the environment. The inventory page allows you to search, filter, and review the login history of users.
To access the User Inventory page, click on My Dashboards and select User Inventory from the Device Tracker sub-menu.
Now we can see all the users connected to the environment. User details like user name, connected to which device, last seen, etc will be available in the user inventory. We can click on a specific user to get more details about the user.
Reports in SolarWinds UDT
SolarWinds UDT provides 11 out-of-the-box reports, these reports will be populated once the devices are added to UDT monitoring. Below is the list of reports available in SolarWinds UDT.
- Active Endpoints (per node): This report displays currently connected endpoints grouped by
node and port.
- Active Wireless Endpoints (per node): This report displays currently connected wireless
endpoints grouped by node.
- Connected MAC and IP Addresses: This report provides a count of connected MAC and
IP addresses for all monitored devices.
- Inactive User Accounts for last 30 days: This report provides a list of user accounts that were inactive over the last 30 days.
- List of IPv6 Addresses: This report provides a list of IPv6 addresses connected with all
- OUI Report: This report provides the vendor name for all available MAC addresses.
- OUI Summary Report: This report provides a count of available endpoints grouped by vendor
- UDT Capacity: This report provides a history of port usage for each UDT node.
- UDT Unused Ports: This report provides an overview of ports UDT is not currently using.
- User History Report: This report provides an overview of users logging in to UDT.
- VLAN Devices: This report provides a list of VLAN devices monitored by UDT.
To access these reports go to Reports and click on All Reports.
Select Product fromt the Group By drop-down list.
Now click on UDT Reports to check the list of available UDT reports.
Click on any of the reports to view the report, we have options to download the reports for further analysis. Also, we can use these report templates to create our own custom reports.
Alerts in Solarwinds UDT
Solarwinds UDT comes up with a few out-of-the-box alerts. We can use those alerts to trigger alert notifications. To check the UDT alerts, go to Settings and All Settings.
Click on Manage Alerts under Alerts & Reports.
Search the user device tracker in the search box, we can see all the alerts available for UDT.
We can use these alerts to trigger the alert notifications. Also, we can customize these alerts based on our needs. To learn how to customize the alerts refer to this article.
This is how we can use the SolarWinds UDT to track the devices and users connected to the network environment.