What is real-time change detection?

The Troubleshoot a network issue caused by a network config change section provides an example scenario of a system administrator resolving an alert caused by a config change. If the system administrator had enabled real-time change detection, the config change could have been viewed and resolved before the alert was sent. Real-time change detection provides instant notification through email whenever a change occurs to any of your device configurations.

Real-time notifications are coordinated and sent by Message Center, a built-in syslog server and SNMP trap receiver. The notification provides log information you can use to quickly determine if a configuration change is the cause of a network problem. This access to real-time visibility of your network helps you improve your network security, prevent unexpected downtime or delays, and resolve known errors faster.

Unlike the Config Change Report, changes are detected only on the same configuration type. For example, if you download a startup configuration, make changes, and then upload it as a running configuration, the changes are compared against the previous running configuration. A comparison is not made between running and startup configuration types.

Real-time change detection requirements

Real-time change detection requires:

  • A Windows user account with administrative rights.
  • Network devices configured to send syslog or SNMP trap messages when configurations change.
  • The SolarWinds syslog service account must have read-write access to the Orion Platform database. For example, if your SQL Server resides on the same server as NCM, consider using a local administrator account for the SolarWinds syslog service.
  • The SolarWinds trap service account must have read-write access to the Orion Platform database. For example, if your SQL Server resides on the same server as NCM, consider using a local administrator account for the SolarWinds trap service.
  • Ensure the SNMP trap service is running. If the SNMP trap service is not listed as a running service in the service control manager (services.msc), you can enable SNMP in the Management and Monitoring Tools through Add/Remove Windows Components in the Add/Remove Programs application.

Learn more

The following topics walk you through the process of enabling real-time change detection fo ra Cisco router:

  1. Configure a Cisco device to send syslog messages.
  2. Configure alerts and filters triggered by syslog and trap messages.
  3. Configure SolarWinds NCM for real-time change detection.

The example in this guide enables a Cisco router to send syslog messages. To learn how to enable other devices, see configure real time change detection.