@solarwinds
Orion Platform: Audit and Streamline
Alerting to Integrate With Workflows
Government and Education Webinar
November 4, 2021
© 2021 SolarWinds Worldwide, LLC. All rights reserved.
Speaker Information
Sean Martinez
Senior Solution Architect
sean.martinez@solarwinds.com
512.682.9554 (office)
Agenda
• SolarWinds overview
• Best practices and tips for alerting
• Alerting overview
• Advanced alerting
• Reducing noise
• Demonstrations
• Resources
• Q&A
SolarWinds at a Glance
1. IDC defined Network Management Software functional market, IDC’s Worldwide Semiannual Software Tracker, October 15, 2020.
2. Gartner, Market Share Analysis: ITOM: Performance Analysis Software, Worldwide, 2019. June 17, 2020. (AIOps/ITIM/Other Monitoring Tools Software Market). SolarWinds term, Systems Management, refers to the AIOps/ITIM/Other Monitoring
Tools Software Market Taxonomy referenced in the Gartner report. All statements in this report attributable to Gartner represent SolarWinds interpretation of data, research opinion, or viewpoints published as part of a syndicated subscription service
by Gartner, Inc., and have not been reviewed by Gartner. Each Gartner publication speaks as of its original publication date (and not as of the date of this presentation). The opinions expressed in Gartner publications are not representations of fact
and are subject to change without notice.
3. Customers are defined as individuals or entities that have an active subscription for our subscription products or that have purchased one or more of our perpetual license products since our inception under a unique customer identification number.
We may have multiple purchasers of our products within a single organization, each of which may be assigned a unique customer identification number and deemed a separate customer.
• #1 in network management [1]
• 300,000+ customers in 190 countries [3]
• 60+ IT management products
• Every branch of the DoD and nearly every civilian and intelligence agency
• 150,000+ registered members of THWACK®, our global IT community
• Founded in 1999
• More than 3,200 employees globally
• Austin, TX headquarters
• Reston, VA, government office
• 30+ offices globally
• Leader in remote monitoring and management
• #3 in systems management [2]
• Growing security portfolio
• 498 of the Fortune 500®
Our Approach to Product
Our Core Principles / Notable Examples
Simple and powerful
Deliver complete visibility for hybrid IT
Grow with our customers
Enable application-centric management
• Quick value after install
• Seamless UX across product portfolio
• Native support of the major on-premises and public clouds
• Unified, integrated experience
• Start small, solve the first problem, and be ready for the next
• Add new capabilities quickly
• AppStack™ – manage the entire app, not just components
• PerfStack™ – real-time troubleshooting across the modern app and infrastructure stack
• NetPath™ – manage the network, not just elements
• Cloud infrastructure monitoring – AWS® and Azure® infrastructure monitoring
• Support management of traditional and modern apps
• Network Insight™ – deep visibility for the modern network stack across performance and configuration
• AppInsight™ – deep visibility for packaged application performance
• Increased scale – support for 400,000 NPM elements in a single instance
• Simplified multiproduct installer – single installer to automatically resolve upgrade and install dependencies
Alerting – Know Your Entities
• Node, interface, volume, virtual host, cluster, application
• Utilizing groups – best, worst, mixed
• Combine with dependencies to tier failure root cause.
• Alert manager view
• Alert pre-configuration tasks
• Alert custom properties
• Creating alerts
• Alert trigger and reset condition logic
• Alert and reset actions
The SolarWinds Approach to Security
Make security simple, powerful, and affordable
Asset management
Business environment
Governance
Risk assessment
Risk-management strategy
Access control
Awareness training
Data and security protection
Processes and procedures
Patch management
Vulnerability assessment
Anomalies and events
Continuous security monitoring
Recovery planning
Learning and improvement
System restoration
Communications
Response planning
Incident response
Communications
Analysis
Mitigations
“Framework Resources,” NIST. https://www.nist.gov/image/framework-01png
“Cybersecurity Framework,” NIST https://www.nist.gov/cyberframework/framework (Accessed October 2021)
Best Practices and Tips for Alerting
• Leverage device/entity statuses and thresholds
• Establish upstream workflow/notification
• Slack, Discord, Teams, xMatters, ServiceNow, Service Desk, Web Help Desk®
• Examine and customize from the out-of-the-box alerts
• Restrict who receives alerts – alerts can have custom properties
• Plan which devices to monitor – custom property nodes by criticality
• Establish dependencies – topology, grouping, enhanced node status
Enhanced node status: https://thwack.solarwinds.com/product-forums/the-orion-platform/f/forum/1598/orion-platform-2019-2---enhanced-node-status
Advanced Alerting
• Alert management and escalation
• Utilizing baselines and thresholds
• Creating custom properties
• Defining object dependencies
• Capacity planning
• Using alerts to ensure a persistent issue is present
• SWQL functions
• Alert Lab on THWACK (includes example alerts from other users)
Reducing Alert Noise
• Complex trigger conditions
• Alerts with multi-element triggers
• Use duration in the alert trigger
• The “Do Not Alert” alert
• Send alerts to specific contacts
• Alerts with device-specific thresholds
• Single alert when multiple devices go down
• Event correlation alerts (Y after X)
DEMO
Slack or Discord Alert Notification Workflow
{
"text":"",
"attachments":[{"text":"POC: ${N=SWQL;M=SELECT ResponsibleTeam FROM Orion.AlertConfigurationsCustomProperties where AlertID='${N=Alerting;M=AlertID}'}
\n\n
Additional Node Reporting:
\n\n
Packet Loss Problem?
\n
${N=SwisEntity;M=PercentLossThreshold.IsLevel1State;F=YesNo}
\n\n
Latency Issue?
\n
${N=SwisEntity;M=ResponseTimeThreshold.IsLevel1State;F=YesNo}, ${N=SwisEntity;M=ResponseTime}
\n\n
CPU Problem?
\n
${N=SwisEntity;M=CpuLoadThreshold.IsLevel1State;F=YesNo}, ${N=SwisEntity;M=CPULoad}
\n\n
Memory Issue?
\n
${N=SwisEntity;M=PercentMemoryUsedThreshold.IsLevel1State;F=YesNo}, Utilization ${N=SwisEntity;M=PercentMemoryUsed}
Note: Built for Slack/Discord. \n means new line. SolarWinds variables can be reused.
PerfStack™ Report Auto-Generation
Information About the device can be found here:
\n
Node:
${N=SwisEntity;M=DetailsUrl}
\n\n\n
https://<ORIONSERVER>/ui/perfstack/?presetTime=last30Days&charts=0_Orion.Nodes_${N=SwisEntity;M=NodeID}-Orion.PerfStack.Status;
0_Orion.Nodes_${N=SwisEntity;M=NodeID}-Orion.PerfStack.Alerts;
0_Orion.Nodes_${N=SwisEntity;M=NodeID}-Orion.CPUMultiLoad.MaxLoad;
0_Orion.Nodes_${N=SwisEntity;M=NodeID}-Orion.ResponseTime.MinResponseTime,0_Orion.Nodes_${N=SwisEntity;M=NodeID}-Orion.ResponseTime.MaxResponseTime;
0_Orion.Nodes_${N=SwisEntity;M=NodeID}-Orion.PerfStack.Events;",
"title": "${N=SwisEntity;M=Caption} is ${Status}",
"title_link": "${N=Alerting;M=AlertDetailsUrl}",
"color":"#FEE529" }]
}
Note: Built for Slack/Discord, but the entities should be reused for any notification situation
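The action body shown across the two slides above is one JSON document, so its "text" value has to sit on a single line with \n escapes; typed with the slide's line breaks it no longer parses. The Python lint below is an added example, not SolarWinds code: it extracts the ${N=...;M=...;F=...} variables, substitutes a constant, and checks that the result is valid JSON. The variable grammar is inferred from the slides only, and the shortened template is constructed for the example.

```python
import json

def find_macros(text):
    """Return top-level ${...} macros as (start, end, body) tuples.
    A depth counter keeps a macro nested in a SWQL macro inside its parent."""
    found, i = [], 0
    while (start := text.find("${", i)) != -1:
        depth, j = 1, start + 2
        while j < len(text) and depth:
            if text.startswith("${", j):
                depth, j = depth + 1, j + 2
                continue
            if text[j] == "}":
                depth -= 1
            j += 1
        if depth:
            raise ValueError(f"unclosed macro at offset {start}")
        found.append((start, j, text[start + 2:j - 1]))
        i = j
    return found

def parse_macro(body):
    """Split a macro body into N/M/F fields on ';' at nesting depth 0.
    A body with no '=' (the slide's ${Status}) is returned as a bare name."""
    fields, cur, depth, k = [], "", 0, 0
    while k < len(body):
        if body.startswith("${", k):
            depth, cur, k = depth + 1, cur + "${", k + 2
            continue
        ch = body[k]
        if ch == "}":
            depth -= 1
        if ch == ";" and depth == 0:
            fields.append(cur)
            cur = ""
        else:
            cur += ch
        k += 1
    fields.append(cur)
    if len(fields) == 1 and "=" not in fields[0]:
        return {"bare": fields[0]}
    return dict(f.split("=", 1) for f in fields)  # ValueError if a field lacks '='

def lint(template, sample="x"):
    """Replace every macro with a constant, then check the body is valid JSON
    with the attachment keys the slides use. Returns a list of problems."""
    try:
        macros = find_macros(template)
    except ValueError as exc:
        return [str(exc)]
    problems, rendered, last = [], "", 0
    for start, end, body in macros:
        try:
            fields = parse_macro(body)
        except ValueError:
            fields = {}
        if "bare" not in fields and not {"N", "M"} <= fields.keys():
            problems.append("macro without N= and M=: ${" + body + "}")
        rendered += template[last:start] + sample
        last = end
    rendered += template[last:]
    try:
        doc = json.loads(rendered)
    except json.JSONDecodeError as exc:
        return problems + ["not valid JSON after substitution: " + exc.msg]
    if not isinstance(doc, dict):
        return problems + ["top level is not a JSON object"]
    for att in doc.get("attachments", []):
        problems += [f"attachment missing {k!r}" for k in ("text", "title") if k not in att]
    return problems

# Constructed, shortened template in the slides' shape (one line, \n escaped).
FIXED = r'''{"text":"","attachments":[{"text":"POC: ${N=SWQL;M=SELECT ResponsibleTeam FROM Orion.AlertConfigurationsCustomProperties where AlertID='${N=Alerting;M=AlertID}'}\n\nCPU Problem?\n${N=SwisEntity;M=CpuLoadThreshold.IsLevel1State;F=YesNo}, ${N=SwisEntity;M=CPULoad}","title":"${N=SwisEntity;M=Caption} is ${Status}","title_link":"${N=Alerting;M=AlertDetailsUrl}","color":"#FEE529"}]}'''
# The same body with the line breaks typed literally, as the slide lays it out.
AS_LAID_OUT = FIXED.replace("\\n", "\n")

if __name__ == "__main__":
    print(lint(FIXED))
    print(lint(AS_LAID_OUT))
```

Running the lint on an action body before saving it catches a broken template offline instead of through a notification that never arrives.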
Alerting Resources for Orion Platform Products
• Review Success Center article on Orion Platform alerting:
https://support.solarwinds.com/SuccessCenter/s/article/Alerting-resources-for-Orion-Platform-products
• Review Success Center article on reducing noise in the Orion Platform alerting:
https://documentation.solarwinds.com/en/success_center/orionplatform/Content/Onboarding/Core-OB_Parent_Reduce_Alert_Noise.htm
• Visit the Alert Lab on THWACK: https://thwack.solarwinds.com/community/resources/alert-lab
• View SolarWinds Lab Episode #42 All About Alerts: https://thwack.solarwinds.com/community/solarwinds-lab/lab-42
• Blog posts on advanced alerting, from Leon Adato, SolarWinds Head Geek™:
• Advanced reporting part 1: re-creating the "all alerts" resource with extras
• Advanced reporting part 2: making web-based reports do your bidding
• Advanced alert reporting part 3: hyperlinks in data output
• Advanced alert reporting part 4: creating an acknowledge link where once there was none
Q&A
Contact federal sales:
877.946.3751
federalsales@solarwinds.com
Contact state and local government sales:
governmentsales@solarwinds.com
Contact education sales:
educationsales@solarwinds.com
Contact Us
• Visit our THWACK government group: http://thwack.com/government
• Watch a short demo video: http://demo.solarwinds.com/sedemo/
• Download a free trial: http://www.solarwinds.com/downloads/
• Visit our government website: http://www.solarwinds.com/government
• Call government sales: 877.946.3751
• Email SolarWinds federal government sales: federalsales@solarwinds.com
• Email SolarWinds state and local government sales: governmentsales@solarwinds.com
• Email SolarWinds education sales: educationsales@solarwinds.com
• Follow us on LinkedIn®: https://www.linkedin.com/company/solarwinds-government
Let us know how we can help you
THANK
YOU
The SolarWinds, SolarWinds & Design, Orion, and THWACK
trademarks are the exclusive property of SolarWinds Worldwide,
LLC or its affiliates, are registered with the U.S. Patent and
Trademark Office, and may be registered or pending registration
in other countries. All other SolarWinds trademarks, service
marks, and logos may be common law marks or are registered or
pending registration. All other trademarks mentioned herein are
used for identification purposes only and are trademarks of (and
may be registered trademarks) of their respective companies.

Editor's Notes

  • #4 Intro and slides 20 Demo 30 Q&A 10
  • #7 See this Success Center page for webpages on each of these topics: https://support.solarwinds.com/SuccessCenter/s/article/Alerting-resources-for-Orion-Platform-products
    • Navigate to the Alert Manager - How to find the Alert Manager.
    • Creating alerts - How to create an alert.
    • Alert preconfiguration tasks - Some alert actions require additional setup.
    • Set Alert properties - Basic properties of alerts.
    • Define the conditions that must exist to trigger an alert - Introduction to alert trigger conditions.
    • Define the conditions that must exist to reset an alert - Introduction to alert reset conditions.
    • Define what happens when an alert is triggered - Introduction to alert actions.
    • Define what happens when the alert is reset - Introduction to alert reset actions.
  • #9
    • Use the out-of-the-box alerts as templates: SolarWinds recommends using the alerts that are included when you install the product as templates for your new alerts. Find an alert that is similar to one you want to create and then click Duplicate & Edit in the menu bar. Fields are pre-populated so you can skip to specific parts of the Alert Wizard where there is data you want to change.
    • Enable out-of-the-box alerts: If there are out-of-the-box alerts that match your monitoring needs, enable them in your environment. You can customize the alert actions for those alerts. If you want to modify the conditions, use the alert as a template.
    • Restrict who receives alerts: During your initial evaluation and testing, send alerts to a few people instead of to a large distribution list. This can prevent overloading your email server while you fine-tune your alerts.
    • Plan which devices to monitor: To reduce the number of alerts sent out, consider which devices are most important. For example, you may want to receive alerts only for mission-critical interfaces instead of every interface on a device.
    • Establish dependencies: Establish dependencies to prevent you from receiving duplicate alerts that stem from a single network event. For example, you may want to be emailed if servers in your server farm go down, but if the router goes down and the servers can no longer be polled, you do not want to receive notifications for all of your servers.
  • #10 If you go to this page there are subpages for each bullet: https://documentation.solarwinds.com/en/success_center/orionplatform/Content/Onboarding/Core-OB_Parent_Reduce_Alert_Noise.htm
    • Complex trigger conditions
    • Alerts with multi-element triggers
    • Use duration in the alert trigger
    • The 'Do Not Alert' alert
    • Send alerts to specific contacts
    • Alerts with device-specific thresholds
    • Single alert when multiple devices go down
    • Event correlation alerts (Y after X)