SolarWinds UDT Service manual
ADMINISTRATOR GUIDE
User Device Tracker
Version 3.2.4
Last Updated: May 30, 2017
Retrieve the latest version from:
https://support.solarwinds.com/Success_Center/User_Device_Tracker_(UDT)/UDT_Documentation
© 2016 SolarWinds Worldwide, LLC. All rights reserved.
This document may not be reproduced by any means nor modified, decompiled, disassembled, published
or distributed, in whole or in part, or translated to any electronic medium or other means without the prior
written consent of SolarWinds. All right, title, and interest in and to the software and documentation are
and shall remain the exclusive property of SolarWinds and its respective licensors.
SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS OR OTHER TERMS, EXPRESS OR IMPLIED,
STATUTORY OR OTHERWISE, ON SOFTWARE AND DOCUMENTATION FURNISHED HEREUNDER INCLUDING
WITHOUT LIMITATION THE WARRANTIES OF DESIGN, MERCHANTABILITY OR FITNESS FOR A PARTICULAR
PURPOSE, AND NONINFRINGEMENT. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS
BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY EVEN
IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
The SolarWinds and other SolarWinds marks, identified on the SolarWinds website, as updated from
SolarWinds from time to time and incorporated herein, are registered with the U.S. Patent and Trademark
Office and may be registered or pending registration in other countries. All other SolarWinds trademarks
may be common law marks or registered or pending registration in the United States or in other countries.
All other trademarks or registered trademarks contained and/or mentioned herein are used for
identification purposes only and may be trademarks or registered trademarks of their respective
companies.
Version 3.2.4, revised 9/1/2016
2
Introduction to UDT 19
What Is a Device? 19
What SolarWinds User Device Tracker Offers 19
How SolarWinds User Device Tracker Works 20
Installing SolarWinds User Device Tracker 21
Scalability 21
Requirements for SolarWinds UDT 21
UDT Server Software Requirements 21
SolarWinds Server Hardware Requirements 22
Requirements for Virtual Machines and Servers 23
Requirements for the Orion Platform database Server (SQL Server) 23
Additional SolarWinds UDT Requirements 25
Scalability 25
FIPS Support 25
Server Sizing 26
SNMP Requirements for Monitored Devices 26
Enabling Microsoft Internet Information Services (IIS) 27
Enabling IIS on Windows Server 2003 and Windows XP 27
Enabling IIS on Windows Vista and Windows Server 2008 (R2) 27
Enabling IIS on Windows 7 28
Installing SolarWinds User Device Tracker 29
Activating Your License 30
To evaluate the software without a license 30
To license the software on a server with Internet access 30
To license the software on a server without Internet access 30
Finishing SolarWinds UDT Installation 31
Moving SolarWinds UDT to a New Server 31
Licensing 32
Maintaining Licenses with License Manager 33
3
Installing License Manager 33
Deactivating and Registering Licenses with the License Manager 34
Excluding Orion Data Directories from Anti-Virus Scanning 34
Exclude for Windows XP/Server 2003 34
Exclude for Windows Vista/7/Server 2008 35
Running SolarWinds UDT 35
Internet Explorer Security Settings 35
Discovering and Adding Network Devices 36
Adding Devices 36
Adding Ports 36
Network Discovery 36
Adding Multiple Devices (Network Sonar Discovery) 37
Using the Network Sonar Results Wizard 41
Adding a Node (Add a Single Device) 42
Manage Nodes 43
User Device Tracker Port Discovery 43
Adding Orion Nodes to UDT 44
Event Notification for Nodes and Ports added to UDT 44
Adding Active Directory Controllers and Users 46
Managing Active Directory Credentials 46
Adding a New AD Credential 46
Editing an AD Credential 47
Deleting an AD Credential 47
Domain controller configuration validation 47
Managing Active Directory Domain Controllers 48
Adding a New AD domain controller 48
Editing an AD domain controller 49
Assign a credential to an AD domain controller 49
Deleting an AD Domain Controller 49
4
Setting Up Polling of User Data Across Domains 50
Defining Credentials for Polling Across Domains 50
Setting WMI Namespace Security 50
Adding a New AD Credential 51
Managing the UDT White List 52
Enabling DNS Resolution for Wireless Nodes 53
Adding Endpoints to the White List 53
Add Endpoints to the DNA Whitelist by Adding Rules 53
Add Endpoints to the Whitelist by Enabling Rules 54
Removing Endpoints from the White List 54
Removing Endpoints from the White List by Editing Rules 54
Remove Endpoints from the White List by Disabling Rules 55
Ignoring Endpoints in UDT 55
Ignoring Endpoints in the White List by Adding Rules 56
Ignoring Endpoints in the White List by Enabling Rules 56
Deleting White List Rules 57
Managing UDT 58
Getting Started with Orion 59
Discovery Central 59
Network Sonar Discovery 60
Add a Node 60
Node & Group Management 60
Manage Nodes 60
Manage Dependencies 60
Manage Groups 60
Accounts 61
Manage Accounts 61
Account List 61
Credentials 61
5
Manage Windows Credentials 61
Customize 61
Customize Menu Bars 61
Color Scheme 62
External Websites 62
Manage Alerts 62
Manage Advanced Alerts 62
Product Updates 63
Available Product Updates 63
SolarWinds product Team Blog 63
Views 63
Manage Views 63
Add New View 64
Views by Device Type 64
Settings 64
Web Console Settings 64
Polling Settings 64
Orion Thresholds 64
UDT Settings 64
Details 65
Database Details 65
Polling Engines 65
Orion Platform Details 65
License Details 65
Configuring SolarWinds UDT 66
Port Management 66
Manage Ports 66
User Device Tracker Discovery 66
Track Users and Endpoints 66
6
Manage the White List 67
Manage Active Directory Domain Controller 67
Manage Watch List 67
UDT Settings 67
Polling Interval 67
Data Retention 67
Port Thresholds 67
View UDT Job Status 68
Advanced Settings 68
License Summary 68
UDT License Summary 68
thwack Community 68
UDT thwack Forum 69
UDT Credentials 69
Manage Active Directory Administrator Credentials 69
Viewing Status: Device, Port, User, SSID 70
Using the Device Tracker Summary 70
Using the Device Tracker Port Details 72
Viewing Node and Port Data in Tooltips 73
Using the Device Tracker Access Point Details 74
Using the Device Tracker SSID Details 76
Using the Device Tracker User Details 77
Viewing User Data in Tooltips 78
Common Tasks with SolarWinds UDT 79
Finding the switch and port where a particular hostname, IP, or MAC address is or was connected 79
Seeing Rogue Endpoint Connections in Real-time 80
Tracking Status for a Group of Ports 81
Shutting Down a Network Device Port 83
Creating and Managing a Watch List 83
7
Finding Wireless Endpoint Connections 84
Finding a User's Connections 84
Finding Endpoints in a Subnet 85
Resolving IP Address Conflicts with IPAM and UDT Integration 87
Alerting and Reporting 90
Editing Alerts 90
Configuring SolarWinds UDT Alerts 90
Configuring a default UDT alert 91
Setting up the alert trigger action 91
Creating SolarWinds UDT-Specific Reports 93
Using Predefined SolarWinds UDT Reports 93
Viewing and Editing Reports 94
Filtering and Grouping Data in Resources 98
SQL Syntax 98
SWQL Syntax 99
SolarWinds Core Components 102
Discovery Central 102
Network Discovery 103
Additional Discovery Central Resources 103
Discovering and Adding Network Devices 103
Network Discovery Using the Network Sonar Discovery Wizard 104
Using the Network Sonar Discovery Results Wizard 110
Importing a List of Nodes Using a Seed File 112
Managing Scheduled Discovery Results 114
Using the Discovery Ignore List 115
Managing the Orion Web Console 117
Logging in for the First Time as an Administrator 118
Windows Authentication with Active Directory 118
Using the Web Console Notification Bar 119
8
Navigating the Orion Web Console 120
Using Web Console Tabs 120
Using and Disabling Web Console Breadcrumbs 121
Administrative Functions of the Orion Web Console 122
Changing an Account Password 122
Orion Website Administration 122
Viewing Secure Data on the Web 127
Handling Counter Rollovers 127
General Thresholds 128
General Threshold Types 128
Setting General Thresholds 130
Customizing Views 130
Creating New Views 131
Editing Views 131
Configuring View Limitations 133
Copying Views 134
Deleting Views 134
Views by Device Type 134
Resource Configuration Examples 135
Using the Orion Web Console Message Center 144
Exporting Views to PDF 145
Creating a Custom Summary View 145
Creating and Editing External Website Views 146
Customizing the Orion Web Console 147
Customizing Web Console Menu Bars 147
Changing the Web Console Color Scheme 149
Changing the Web Console Site Logo 149
Configuring the Available Product Updates View 150
Updating Your SolarWinds Installation 150
9
Orion Web Console and Chart Settings 151
Web Console Settings 151
Chart Settings 152
Discovery Settings 153
Using Node Filters 153
Applying a Node Filter 153
Example Filters with Associated SQL Queries 153
Valid Status Levels 154
Custom Charts in the Orion Web Console 154
Customizing Charts in the Orion Web Console 154
Custom Node Charts 156
Custom Volume Charts 157
Custom Chart View 158
Custom Object Resources in the Orion Web Console 160
Editing a Custom Object Resource 160
Selecting Custom Objects and Resources 160
Available Custom Resources 161
Integrating SolarWinds Engineer's Toolset 161
Configuring a Toolset Integration 161
Adding Programs to a Toolset Integration Menu 162
Accessing Nodes Using HTTP, SSH, and Telnet 164
Using Integrated Remote Desktop 164
Managing Orion Web Console Configurations 164
Creating a Web Console Configuration Backup 165
Restoring a Web Console Configuration Backup 165
Clearing a Web Console Configuration 166
Managing Devices in the Web Console 167
Adding Devices for Monitoring in the Web Console 168
Deleting Devices from Monitoring 171
10
Viewing Node Data in Tooltips 172
Editing Object Properties 173
Promoting a Node from ICMP to SNMP Monitoring 174
Viewing Node Resources 176
Setting Device Management States 176
Unscheduled Device Polling and Rediscovery 177
Monitoring Windows Server Memory 178
Scheduling a Node Maintenance Mode Time Period 178
Managing Groups and Dependencies 179
Managing Groups 179
Creating Groups 180
Editing Existing Groups 181
Managing Group Members 182
Deleting Groups 182
Managing the Display of Group Status 182
Managing Dependencies 184
Creating a New Dependency 185
Editing an Existing Dependency 186
Deleting an Existing Dependency 187
Viewing Alerts on Child Objects 188
Managing Web Accounts 189
Creating New Accounts 189
Editing User Accounts 190
User Account Access Settings 191
Setting Account Limitations 192
Defining Pattern Limitations 194
Setting Default Account Menu Bars and Views 195
Configuring an Account Report Folder 196
Configuring Audible Web Alerts 197
11
Managing SolarWinds UDT Polling Engines 198
Viewing Polling Engine Status in the Web Console 198
Configuring Polling Engine Settings 199
Orion Platform Polling Settings 199
Polling Intervals 199
Polling Statistics Intervals 200
Database Settings 201
Network 202
Calculations & Thresholds 203
Calculating Node Availability 204
Node Status 204
Percent Packet Loss 204
Calculating a Baseline 205
Using the Polling Engine Load Balancer 205
Setting the Node Warning Level 206
Managing Packet Loss Reporting 207
Monitoring Network Events in the Web Console 209
Viewing Event Details in the Web Console 209
Acknowledging Events in the Web Console 210
Using Orion Platform Advanced Alerts 211
Creating and Configuring Advanced Alerts 212
Creating a New Advanced Alert 212
Naming, Describing, and Enabling an Advanced Alert 214
Setting a Trigger Condition for an Advanced Alert 215
Setting a Reset Condition for an Advanced Alert 218
Setting a Suppression for an Advanced Alert 219
Setting the Monitoring Period for an Advanced Alert 221
Setting a Trigger Action for an Advanced Alert 221
Setting a Reset Action for an Advanced Alert 222
12
Alert Escalation 222
Understanding Condition Groups 223
Using the Advanced Alert Manager 224
Adding Alert Actions 228
Available Advanced Alert Actions 228
Sending an E-mail / Page 229
Playing a Sound 230
Logging an Advanced Alert to a File 231
Logging an Advanced Alert to the Windows Event Log 232
Logging an Advanced Alert to the NetPerfMon Event Log 233
Sending a Syslog Message 234
Executing an External Program 235
Executing a Visual Basic Script 236
Emailing a Web Page 237
Using Text to Speech Output 238
Sending a Windows Net Message 239
Sending an SNMP Trap 240
Using GET or POST URL Functions 241
Dial Paging or SMS Service 241
Testing Alert Actions 242
Viewing Alerts in the Orion Web Console 243
Acknowledging Advanced Alerts in the Web Console 243
Escalated Advanced Alerts 244
Escalated Alert Example 244
Creating a Series of Escalated Alerts 245
Viewing Alerts from Mobile Devices 248
Creating Network Maps 249
Creating and Viewing Reports 250
Predefined Orion Platform reports 250
13
Availability 251
Current Node Status 252
Current Volume Status 253
Daily Node Availability 254
Events 255
Historical CPU and Memory Reports 256
Historical Response Time Reports 257
Historical VMware ESX Server Reports 258
Groups: Current Groups and Groups Members Status 259
Groups: Daily Group Availability 260
Groups: Group Availability (with members) 261
Groups: Historical Groups Status 261
Historical Volume Usage Reports 262
Inventory 263
Viewing Reports 264
Viewing Reports in the Orion Web Console 264
Viewing Reports in the SolarWinds UDT Report Writer 265
Using Report Writer 265
Preview Mode 266
Design Mode 266
Creating and Modifying Reports 266
General Options Tab 267
Select Fields Options Tab 268
Filter Results Options Tab 269
Top XX Records Options Tab 269
Time Frame Options Tab 270
Summarization Options Tab 270
Report Grouping Options Tab 270
Field Formatting Options Tab 271
14
Customizing the Report Header and Footer Image 271
Exporting Reports 272
Example Device Availability Report 272
Using Orion Report Scheduler 278
Creating a Scheduled Report Job 279
Using Orion Report Scheduler with HTTPS 280
Troubleshooting the Orion Report Scheduler 281
Reports and Account Limitations 282
Monitoring Syslog Messages 283
Configuring the Orion Syslog Port 284
Syslog Messages in the Web Console 284
Syslog Resources 284
Viewing Syslog Messages in the Web Console 286
Acknowledging Syslog Messages in the Web Console 287
Using the Syslog Viewer 287
Viewing and Acknowledging Current Messages 288
Searching for Syslog Messages 288
Syslog Server Settings 288
Configuring Syslog Viewer Filters and Alerts 289
Available Syslog Alert Actions 292
Forwarding Syslog Messages 293
Syslog Alert Variables 294
Syslog Date/Time Variables 294
Other Syslog Variables 296
Syslog Message Priorities 296
Syslog Facilities 296
Syslog Severities 297
Monitoring SNMP Traps 299
The SNMP Trap Protocol 300
15
Viewing SNMP Traps in the Web Console 300
Using the Trap Viewer 301
Viewing Current Traps 301
Searching for Traps 301
Trap Viewer Settings 302
Configuring Trap Viewer Filters and Alerts 302
Available Trap Alert Actions 305
Trap Alert Variables 307
Trap Date/Time Variables 307
Other Trap Variables 309
Creating Custom Properties 310
Creating a Custom Property 311
Removing a Custom Property 311
Importing Custom Property Data 312
Custom Property Editor Settings 313
Editing Custom Properties 313
Using Filters in Edit View 314
Creating Custom Properties Filters 314
Removing Custom Properties Filters 315
Creating Account Limitations 316
Using the Account Limitation Builder 316
Creating an Account Limitation 317
Deleting an Account Limitation 317
Managing the SolarWinds UDT Database 319
Using Database Manager 320
Adding a Server 320
Using SQL Server Management Studio 320
Database Maintenance 323
Running Database Maintenance 323
16
Common Orion Tasks 324
Creating an Alert to Discover Network Device Failures 324
Creating a Custom Property 324
Creating an Alert Using a Custom Property 326
Configuring Alert Actions 327
Testing Alerts 331
Scheduling and Emailing Business Hours Reports 333
Creating a Business Hours Report 334
Scheduling and Emailing a Report 335
Creating Geographic or Departmental Views 336
Creating a Custom Group 337
Creating a Custom View 337
Additional Polling Engine and Web Console 340
Additional Polling Engine System Requirements 340
Installing an Additional Polling Engine 341
Upgrading an Additional Polling Engine 343
Configuring an Additional Polling Engine 343
Changing Polling Engine Node Assignments 344
Installing an Additional Web Console 345
Copying the Default Reports 346
Troubleshooting 347
Checking Device Compatibility 347
Scanning a Device 348
Analyzing Test Results 348
Node Discovery Completely Fails 349
Node Discovery Fails for Some Devices 350
UDT Missing User Data 350
UDT Polling Spikes CPU on Target Device(s) 351
Wrong Hostname Reported for Endpoint 352
17
Wrong IP Address Reported for Endpoint 352
Wrong MAC Address Reported for Endpoint 352
Wrong Connection Type Reported for Endpoint 353
Wrong VLAN Reported for Endpoint 353
No DNS Data for a Device 353
No Layer 3 Data for a Device 354
No Layer2 Data for a Device 354
No User Data Retrieved Via WMI (Windows Server 2003) 355
UDT Not Receiving User Data from Domain Controllers 355
Event code setup 355
Adding a Deleted Port Back into UDT 356
Orion Platform Components 356
Verify Program Operation 357
Stop and Restart 357
Run the Configuration Wizard 358
Using Full Variable Names 358
Working with Temporary Directories 358
Slow Performance on Windows Server 2008 359
Regular Expression Pattern Matching 361
Characters 361
Character Classes or Character Sets [abc] 361
Anchors 363
Quantifiers 364
Dot 366
Word Boundaries 366
Alternation 366
Regular Expression Pattern Matching Examples 367
18
Introduction to UDT
SolarWinds User Device Tracker (SolarWinds UDT) allows you to monitor devices, ports, and users for your
network. With SolarWinds UDT, you can analyze your port usage and capacity and be alerted to issues
before or as soon as they occur.
SolarWinds UDT allows you to find where devices are connected in your network and offers detailed
information about capacity analysis. UDT regularly polls switches and routers for information about what
is connected to them. Based on this information, SolarWinds UDT stores current and historical information
about where a device has been connected. It also provides alerts and reports about devices connected to
the network. For capacity analysis, SolarWinds UDT can report on how many ports are used on switches
currently, as well as over time, so you can better understand the true utilization of the ports on your
switches.
UDT also polls Active Directory domain controllers event logs for user login activity and based on it
provides current and historical views of endpoints to which users have been connected on the network.
What Is a Device?
A device is a MAC address, hostname, or IP Address. SolarWinds UDT allows you to search on this
information to find where the device is connected in the network and where it has been connected in the
past.
nWhat SolarWinds User Device Tracker Offers
nHow Does SolarWinds User Device Tracker Work?
What SolarWinds User Device Tracker Offers
SolarWinds UDT provides focused device and port monitoring for network engineers. SolarWinds UDT
provides many features to help, including:
nDiscover IPv4 and IPv6 devices.
nQuickly find where a device (MAC address, hostname or IP Address) or user is connected on the
network
nFind out where a device or user has been connected in the past
nFind out what has been connected to a port over time
nProvides port capacity analysis for a switch (how many ports are being used, including both
monitored and un-monitored ports)
nProvides global port capacity analysis for used/available ports and network capacity planning
nConfigure a watchlist to track when specific devices appear on the network and alert when the
devices appear
19
nProvides enhanced network topology mapping
nGenerates 7 new predefined reports on connected devices, device capacity, and AD users
How SolarWinds User Device Tracker Works
Using SNMP calls to your network framework, SolarWinds User Device Tracker provides real time feedback
on your monitored devices and users and trending through statistics stored in the Orion Platform
database. Keeping with the SolarWinds common components infrastructure, there are no agents installed
on your servers and no remote software to maintain. All calls are made in real time and displayed on a
Web Console accessible from any supported browser.
The following diagram provides an overview of the current SolarWinds UDT architecture, including
interactions among SolarWinds UDT components, the SolarWinds UDT database, Active Directory domain
controllers, and the managed devices on your network.
20
Table of contents
Other SolarWinds GPS manuals
