Documentation forLog Analyzer
Analyzing logs is a key capability of Hybrid Cloud Observability and is also available in a standalone module, Log Analyzer (LA). Hybrid Cloud Observability and LA are built on the self-hosted SolarWinds Platform.

Install and configure LA

As a SolarWinds Platform product, LA uses the SolarWinds Platform Installer. Please see the SolarWinds Platform Installation and Upgrade Guide for help installing LA.

Do not install SolarWinds Platform products on the same server as SolarWinds Access Rights Manager (ARM).

When installation is complete, the Configuration wizard appears to guide you through additional steps. During the configuration sequence, the wizard also prompts you to apply additional settings to configure the LA (or SolarWinds Platform Log Viewer) database.

Note that as of LA 2020.6, Microsoft Access Database Engine is no longer required to run LA.

Users may experience performance degradation while using synchronous-commit mode for SQL availability groups on Log Analyzer's database. For high-load environments, asynchronous-commit mode is strongly recommended.

If you are installing LA on Microsoft Azure, review the system requirements, follow the pre-deployment notes, and then review the Azure deployment guide.

  1. On the Database Settings for Log and Event Monitoring screen, select one of the following options:
  • Place the SolarWinds Platform log and event database on the same SQL server as the primary database. Select this option if you expect to send low to moderate log traffic to the SolarWinds Platform.
  • Place the SolarWinds Platform log and event database on a dedicated SQL server (recommended for high volumes*). Select this option if you expect to send a large volume of log traffic to the SolarWinds Platform.
  1. If you have a separate database, on the following screen, enter your credentials for the additional SQL Server instance.
    • Authenticate as currently logged in user. Pass through authentication to the SQL server using the account currently logged in for installing the SolarWinds Platform product.

    • Switch user. Provide credentials automatically detected as either SQL, Windows, or Azure credentials, allowing Windows Authentication for the initial setup even if the SolarWinds Platform server is not joined to a domain or the current account does not have permissions to the SQL server.

  2. Select either the Create a new database or Use an existing database option.
  3. Continue the Configuration wizard sequence.

When installing and configuring SQL Server 2016, enable full-text search to ensure optimum event log search performance within LA. You can still install LA and initiate event log searches without enabling this capability, but the speed and quality of your search may be significantly reduced.

*If you have a large environment, you must provide your own SQL server and use the standard installation. During installation, you will receive a server requirement notification as part of the installer preflight check. For additional guidance, refer to the multi-module system guidelines.

Evaluators

After installing LA, you can add nodes to the SolarWinds Platform and enjoy an unlimited number of SolarWinds Platform and LA nodes, including all paid features. When the evaluation period expires, both the SolarWinds Platform and LA licenses expire. You can then only use the SolarWinds Platform Log Viewer to load historical log messages. No new logs are stored.

The standard installation of LA requires Microsoft SQL Server 2016 SP1. The lightweight installation typically used by evaluation customers installs Microsoft SQL Server 2017.

Customers

LA replaces the existing legacy syslog and trap services. After installation of LA over the legacy syslog and trap services, the records remain in the database, but will not be used by LA. You can still access the read-only legacy records in the Syslog Viewer and Traps Viewer applications until they're removed by database maintenance after the retention period. All rules will remain available after the retention period. All new syslog and trap messages will be stored in the dedicated LA database.

During installation, you will receive a data migration notification as part of the installer preflight check. You can then choose to proceed or cancel the installation.