Categories
Netops

SolarWinds Alert Timers

We use Solarwinds to monitor IP SLA performance on some important MPLS connections.

We have them set up to alert us if a circuit starts responding at slower than 160 ms.

An email will get sent to Tier 1 support to investigate.

You can read how to set up alerts on Solarwinds: https://support.solarwinds.com/Success_Center/Server_Application_Monitor_(SAM)/Create_a_component_alert

Now, a slow ping every once in a while is expected and fine. We don’t want to cry wolf. To keep the noise level down and only raise an incident when the line is actually degraded, we need to implement alert timers.

There are 3 timers we can use in a Solarwinds Alert:

1. Trigger Condition Timer

How long an issue needs to be reported before an alert is raised.

Adjust this to make the alert more or less sensitive.

2. Reset Condition Timer

How long an issue needs to stop happening before the alert is automatically cleared.

Adjust this to keep the alert from flapping. You don’t want a million emails on a link that keeps going up/down.

3. Trigger Action Timer

How long the alert needs to be active before the action happens (usually an email, but can do a lot of things.)

Adjust this to give the link a chance to stabilize. Set it longer than the reset timer (or 2x the reset timer, depending on urgency).

There are also polling timers that come into play, but we don’t generally alter them.
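To see how the three timers interact, here is a simplified model run over a constructed latency series. It is an added example, not SolarWinds code or its actual alert engine; the 60-second polling interval, the timer values and the sample latencies are assumptions chosen for illustration.

```python
# Simplified model of the three alert timers (not SolarWinds' actual engine).
THRESHOLD_MS = 160   # from the post: alert when slower than 160 ms
POLL_S = 60          # assumed polling interval

# Constructed latency samples (ms), one per poll: three one-poll spikes,
# then a sustained degradation, then recovery.
SAMPLES_MS = [90, 200, 95, 210, 90, 205, 100, 90,
              220, 230, 240, 250, 245, 260, 255, 250,
              100, 95, 90, 92, 91]

def simulate(samples_ms, trigger_s=0, reset_s=0, action_s=0):
    """Return [(time_s, event)] where event is 'raised', 'email' or 'cleared'."""
    events = []
    active = emailed = False
    bad_since = good_since = raised_at = None
    for i, ms in enumerate(samples_ms):
        t = i * POLL_S
        slow = ms > THRESHOLD_MS
        if slow:
            good_since = None
            bad_since = t if bad_since is None else bad_since
        else:
            bad_since = None
            good_since = t if good_since is None else good_since
        # Trigger condition timer: condition must hold this long to raise.
        if not active and slow and t - bad_since >= trigger_s:
            active, emailed, raised_at = True, False, t
            events.append((t, "raised"))
        # Reset condition timer: condition must be gone this long to clear.
        elif active and not slow and t - good_since >= reset_s:
            active = False
            events.append((t, "cleared"))
        # Trigger action timer: alert must stay active this long to email.
        if active and not emailed and t - raised_at >= action_s:
            emailed = True
            events.append((t, "email"))
    return events

def email_count(events):
    return sum(1 for _, e in events if e == "email")

if __name__ == "__main__":
    for label, kw in [("no timers", {}),
                      ("tuned", dict(trigger_s=120, reset_s=180, action_s=300))]:
        ev = simulate(SAMPLES_MS, **kw)
        print(f"{label}: {email_count(ev)} email(s) -> {ev}")
```

With all timers at zero, every one-poll spike produces its own email; with the action timer set longer than the reset timer, only the sustained degradation does.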

[Image: SolarWinds alert timing flow]

Categories
Tips and Tricks

Delayed or slowed typing in Office

Every time I get a new computer I have to make some adjustments.

One that kills me is the delayed or slow typing in Outlook and Excel. Other Office products like Word also have the issue.

It’s caused by animations in Windows 8.1.

Search “edit system environment variables”

Advanced tab.

Performance settings.

Uncheck animate controls and elements.

You could uncheck a bunch of other stuff as well to make Windows feel more snappy.

Categories
Security Related

IIoT harbinger of doom

Interesting Friday reading.

A hypothetical look at the year 2025 and how infosec (or lack thereof) could cause some major disruptions in a few years.

We’ve already seen IoT devices used in DDoS attacks. What happens when someone hacks the elevators or cars…

https://www.csis.org/analysis/iot-automation-autonomy-and-megacities-2025

[Image: endofdays]

Categories
Security Related

Ransomware – Popcorn Time

New ransomware that lets people unlock their PCs by infecting other people.

Since computer security is getting better, the hackers need to be a bit more clever with how they spread their malware.

This is kind of an interesting idea. If someone is embarrassed that they got infected, they might try to spread it to other people to get themselves unlocked before netops finds out.

I could see this spreading through a company with bad policies in place and poorly educated users.

https://www.wired.com/2016/12/popcorn-time-ransomware/

Thanks Tony for passing along the story.

Categories
Security Related

Automated Network Security

IBM’s Watson is now being employed by 40 test companies to monitor/handle network security.

https://www.wired.com/2016/12/ibm-watson-for-cybersecurity-beta/

This is going to be an awesome tool once it’s done.

I could see it changing the roles of network security professionals around the world.

You could also look at this as an example of smarter computers replacing humans. Nobody’s job is safe from automation.

Keep learning. Keep growing.

Categories
Notes Tips and Tricks

SolarWinds – Thwack

You should have a Thwack account. If you don’t have one, get one.

You’ll get notices on some interesting things from time to time and you’ll be able to ask the user group questions and learn some cool things.

Today I got an alert about a lab on scripting happening.

It was an informative discussion on using the compliance manager tools in SolarWinds. You can create your own compliance settings or use one of the pre-built scripts.

They spoke of using remediation from right inside the script, but I would feel a lot more comfortable running, checking the devices that failed, and then remediating manually or then using the remediation scripting portion.

http://lab.solarwinds.com