SRM 2024.2 release notes
Release date: June 4, 2024
Here's what's new in SRM 2024.2. You can find the applicable system requirements here.
To view release notes, system requirements, and product guide PDFs for supported versions of SRM, see SRM previous versions. To view release notes for multiple versions
SRM runs on the SolarWinds Platform (self-hosted). SRM release notes include the updates from the SolarWinds Platform (self-hosted).
Attention 2024.2 customers
Starting with 2024.2, SolarWinds Information Service (SWIS) will officially move to TCP 17774 by default and will stop listening on port TCP 17778. Please ensure all firewalls have been updated accordingly prior to upgrading.
New features and improvements in SRM
SRM introduces API-based polling for NetApp E-Series devices
NetApp E-Series and EF-Series storage arrays, as well as Lenovo DE Series and FUJITSU Storage ETERNUS AB/HB Series, can now be monitored using SANtricity Web Services (REST API). The SMI-S Provider (SANtricity SMI-S Provider) is deprecated by the vendor.
When adding a new storage array, you can choose from different polling methods (SANtricity Web Services Proxy, SANtricity Web Services Embedded, or SANtricity Web Services (REST API) polling.
Other features available only with SANtricity Web Services include hardware health monitoring and controller status and host port monitoring for E-Series devices (available only on some models).
New features and improvements in SolarWinds Platform
Maps improvements
In Intelligent Maps, users can:
- Define custom topology links based on the status of child entities
- Hide manually created links
- Track wireless heat maps history
- Draw curved lines
Users can import Network Atlas maps to Intelligent Maps. See Import maps.
Additional updates
- Administrators can configure a mandatory notice to be displayed and acknowledged before users log in.
- When users log in to the web console, a toast message with the date and time of the previous successful login is displayed in the top right.
- Improved stability, installation, and upgrade experience.
- Improved performance of the SolarWinds Observability Self-Hosted.
- Various security and compliance improvements.
- Stability improvements for agents and pollers.
- SNMP v3 traps with the authentication method SHA-256 or SHA-512 are supported.
Fixed CVEs
At SolarWinds, we prioritize the swift resolution of CVEs to ensure the security and integrity of our software. In this release, we have successfully addressed the following CVEs.
SolarWinds CVEs
SolarWinds would like to thank our Security Researchers below for reporting on the issue in a responsible manner and working with our security, product, and engineering teams to fix the vulnerability.
| CVE-ID | Vulnerability Title | Description | Severity | Credit |
|---|---|---|---|---|
| CVE-2024-28996 | SolarWinds Platform SWQL Injection Vulnerability | The SolarWinds Platform was determined to be affected by a SWQL Injection Vulnerability. Attack Complexity is high for this vulnerability. | 7.5 High | Nils Putnins from NATO |
| CVE-2024-28999 | SolarWinds Platform Race Condition Vulnerability | The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console. | 6.4 Medium | ElHussain Fathy (0xSphinx) |
| CVE-2024-29004 | SolarWinds Platform Stored XSS Vulnerability | The SolarWinds Platform was determined to be affected by a stored cross-site scripting vulnerability affecting the web console. High-privileged user credentials are needed, and user interaction is required to exploit this vulnerability. | 7.1 High | Jakub Brzozowski, Kamil Falkiewicz, Szymon Jacek with STM Cyber |
Third-party CVEs
| CVE-ID | Vulnerability title | Description | Severity |
|---|---|---|---|
| CVE-2021-4321 | Authenticated XSS Vulnerability | A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 11.0.5 and 11.1.0-next.3 is able to address this issue. The name of the patch is ba8da742e3b243e8f43d4c63aa842b44e14f2b09. It is recommended to upgrade the affected component. | 5.4 Medium |
| CVE-2023-0215 | Denial of Service Vulnerability | The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected. | 7.5 High |
| CVE-2022-0778 | Denial of Service Vulnerability | The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc). | 7.5 High |
| CVE-2021-23840 | Denial of Service Vulnerability | Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x). | 7.5 High |
| CVE-2023-0286 | Denial of Service Vulnerability | There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network. | 7.4 High |
| CVE-2021-3712 | Denial of Service Vulnerability | ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the "data" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y). | 7.4 High |
| CVE-2018-0732 | Denial of Service Vulnerability | During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o). | 7.5 High |
| CVE-2020-1971 | Denial of Service Vulnerability | The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the "-crl_download" option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w). | 5.9 Medium |
| CVE-2019-1559 | Denial of Service Vulnerability | If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q). | 5.9 Medium |
| CVE-2018-0737 | Side Channel Attack Vulnerability | The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o). | 5.9 Medium |
| CVE-2017-3736 | Sensitive Data Disclosure Vulnerability | There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. This only affects processors that support the BMI1, BMI2 and ADX extensions like Intel Broadwell (5th generation) and later or AMD Ryzen. | 6.5 Medium |
Fixed customer issues
| Case number | Description | Platform product |
|---|---|---|
| 413124, 00583729, 00917555, 01509843, 01590830 | On the Manage Nodes page, all nodes are displayed when nodes are grouped by Maintenance Window, even for users connecting to the SolarWinds Platform server from a different time zone. |
Platform |
| 01570284, 01589174 | On the modern Manage Nodes page, custom properties can be successfully imported. |
Platform |
| 01558137, 01573518, 01583277, 01585187, 01585743 | Installing an additional polling engine no longer fails if the SolarWinds Administration Service (SWA) was updated on the main polling engine, resulting in the message |
Platform |
| 00347151, 00583729, 00609433, 00808352, 01086612, 01351960, 01445837 | Scheduled maintenance mode times are displayed correctly when multiple nodes are selected and when the nodes and the SolarWinds Platform server are in different time zones. |
Platform |
| 00971087, 01337532, 01522899, 01526029, 01526147, 01550288, 01570302 | A memory leak in the |
Platform |
| 01560597, 01562147, 01565729, 01567347, 01571619, 01571639, 01558789, 01566874, 01561654, 01560265, 01573988, 01571865, 01572094, 01580802, 01564082 | Object icons on the Active Alerts page are displayed correctly. |
Platform |
| 01559327, 01556253, 01562533 | The check to determine whether time settings across agents are synchronized was removed from the Deployment Health check in the SolarWinds Platform Web Console. In the stand-alone Active Diagnostics application, the check no longer indicates problems when there are none. |
Platform |
| 01051176, 01221567, 01314256, 01546461, 01563438, 01560376, 01564113, 01564143, 01568945, 01576335, 01564113 | The test to identify mismatches between the SWIS URI System Identifier and the system identifiers in URIs no longer fails. The test has been added back to Active Diagnostics. |
Platform |
| 01521004, 01567098 | On the Collect new diagnostics page, the search results display the correct nodes, and pagination works correctly. |
Platform |
| 01550125 | Remote installation of an agent no longer fails on non-English computers running a Linux-based operating system. |
Platform |
| 01559272, 01561292, 01563910, 01566566, 01550711, 01560088 | Intelligent Maps no longer display black objects instead of icons. |
Platform |
| 01550299 | Intelligent Maps display all icons correctly when they are selected from the Icon property panel. |
Platform |
| 01562091 | Hovering over interfaces on an Intelligent Map no longer causes an error to be displayed, similar to:
|
Platform |
| 01533680, 01552117 | Job engine clear messages are no longer sent between polling engines, which could cause polling to stop. |
Platform |
| 01455555, 01423586 | The Linux agent no longer uses the wrong path to search for certificates, which prevented the agent service from starting. |
Platform |
| 01502617, 01544348 | A query that lead to deadlocks in the SolarWinds Platform database has been tuned. |
Platform |
| 00894876, 00952370, 01316477, 01542041 | When a user logs out of the SolarWinds Platform Web Console, the resulting login dialog populates the Username field based on the credentials of the user who logged out, rather than always |
Platform |
| 01488421 | Node availability data is no longer displayed incorrectly if a node enters fast poll from the |
Platform |
| 01507890 | On the configuration dialog for the Send a GET or POST Request to a Web Server alert action, you can enter user names and passwords of up to 150 characters when you choose Basic or NTLM authentication. The previous limit was 50 characters. |
Platform |
| 01510957 | On the Add SMTP Server dialog, you can enter a host name with a segment that starts with a number. |
Platform |
| 01494432 | A view in the SolarWinds Platform database has been tuned to improve performance when retrieving application availability data and to prevent high database CPU usage. |
Platform |
| 00158062, 00334434, 01459950 | Reports that contain a SWQL query are displayed correctly when they are sent through the report scheduler as an HTML email. |
Platform |
| 01507494 | Special characters, such as the German umlaut, are displayed correctly in the user interface. |
Platform |
| 01423540, 01499591, 01508573 | Database maintenance performance has been improved to run more quickly. |
Platform |
| 01330047, 01395989, 01469949, 01511737 | The speed and accuracy of topology calculation to show connections on network maps has been improved. |
Platform |
| 01462551, 01399856 | During provisioning, the AIX agent no longer queries its DNS server to resolve its IP address in order to send this information to the SolarWinds Platform. |
Platform |
| 00655331, 01492460 | Searches based on a custom property value work correctly when the custom property name is SiteID. |
Platform |
| 01496061 | If any metrics are missing from a PerfStack project, the PerfStack Widget displays the available metrics instead of the Load PerfStack Project button. |
Platform |
| 01430167, 01497213 | In a deployment with High Availability configured, the Deployment Health tab no longer shows invalid issues on standby servers because of SWIS connection failures. |
Platform |
| 00637986, 00640711, 01504141 | Having special characters in a report name no longer causes the report scheduler to fail. |
Platform |
| 01253523, 01468220, 01495488 | The next poll and next rediscovery times for volume polling are shown in the time zone of the server, not in the UTC time zone. |
Platform |
| 01453924 | When multiple alert actions are triggered simultaneously, the AlertDetailsUrl and AlertObjectID macros return the correct values. |
Platform |
| 01250912, 01384999, 01493532 | The Power Control Unit (PCU) status is displayed on Node Details page after an upgrade. |
Platform |
| 01311212 | The software version and other information about PCU/UPS devices is updated with the latest polled values. |
Platform |
| 01196102 | When you run the Discovery Wizard with a set of more than 35 nodes, statistics for PCUs are not lost. |
Platform |
| 00787337, 01266827 | Assigning UPS devices to a Universal Device Poller (UnDP) in bulk is successful, data is polled from UPS devices, and UPS inventory reports are displayed correctly. |
Platform |
| 01155223, 01424647 | Polling of UPS devices without Battery Temperature no longer results in UPS and Battery Status being reported as unknown. |
Platform |
| 00384424, 00483466, 00565220, 01482010 | Custom reports and charts with custom time periods no longer incorrectly add "UTC" to the title, even though the time is shown in the server's local time zone. |
Platform |
| 01459302 | Network Discovery using Seed Router on some newer devices no longer fails with the error |
Platform |
| 01477323 | An issue that resulted in the incorrect notification |
Platform |
| 01002109, 01231236, 01140657, 01198400, 01353300, 01428595 | An issue was fixed that caused alert actions to fail with errors such as:
|
Platform |
| 01405094 | Hovering over a location on a map no longer produces unexpected results, such as the pop-up appearing in the wrong location or staying open after the mouse moves. |
Platform |
| 01415696 | Applying account limitations no longer slows down operations with the Orion.Group entity, causing performance issues in widgets, such as active alerts or maps. |
Platform |
| 01373197 | The issue with inconsistent SNMP information is resolved by updated OIDs. |
Platform |
| 00909898, 01119224, 01385636 | Operations on custom properties no longer cause deadlocks, which were leading to issues such as the inability to delete a custom property or to edit multiple nodes at the same time. |
Platform |
| 01359275, 01389703 | Duplicating a dashboard from the Manage Dashboards page no longer assigns the same ID, which was causing upgrades to fail. |
Platform |
| 01352738 | When a Group Member alert is triggered, macros in the alert notification are parsed correctly. The notification no longer shows the macro instead of the resulting text. |
Platform |
| 01227054, 01335583 | When you create a report, the Resource Preview pane includes orange column width indicators, and Custom is selected as the default column width setting. |
Platform |
| 01228625, 01242391, 01468064 | The installer no longer fails while attempting to upgrade the Oracle ODBC driver. |
Platform |
| N/A | If you use Windows Agents with disabled automatic update of Agents and upgrade your deployment to the latest version, Agents no longer stop polling CPU, memory, and disks. |
Platform |
| N/A | The Map It feature is displayed correctly when you hold the Alt key on an Intelligent Map. |
Platform |
| 01539957, 01579210 | The timeout limit for the Verify MessageBus connection test on the Deployment Health page has been increased. This change prevents tests that should succeed from failing with the message |
Platform |
| 01559991, 01564082, 01571168, 01571561, 01580158, 01580981, 01600664, 01608819 | When a node is added to an existing Network Atlas map that is already displayed, the node's status is shown correctly instead of always being shown as Unknown. |
Platform |
| 01624138 | *The SecObs Bussiness Layer in the SolarWinds Platform no longer uses the Microsoft Distributed Transaction Coordinator (MSDTC) service, which could lead to the following error:
|
Platform |
| 01567667, 01567696, 01583341, 01590138, 01602301 | *When Microsoft Visual C++ (MSVC) 14 is installed on an agent, the installation is accurately detected. |
Platform |
| 01572326, 01573594 | *The Search For option in the Add/Edit Groups wizard works correctly and can be used to locate objects to add to the group. |
Platform |
| 01495450, 01568838, 01590138 | *When an agent service gets into a status of 5, the SolarWinds Platform attempts to redeploy it. (This status indicates that a dependent prerequisite 'Core Polling Agent Plugin' failed to be installed.) |
Platform |
| 01487914 | *If you click the Submit button multiple times after editing a node, the operation no longer fails with an error. |
Platform |
| 01610271, 01610891, 01613582 | *In certain environments, upgrades no longer fail because the Configuration Wizard cannot create a table due to legacy time series driver structures in the database. |
Platform |
| 01517572 | For NetApp Active IQ Unified Manager devices, the discovery finds all arrays from a provider even if there are more than 20 arrays. |
SRM |
*This fix was added after the RC release.
Installation or upgrade
For new SolarWinds Platform deployments, download the installation file from the product page on https://www.solarwinds.com or from the Customer Portal. For more information, see Get the installer.
To activate your product in an existing SolarWinds Platform deployment, use the License Manager.
For upgrades, go to Settings > My Deployment to initiate the upgrade. The SolarWinds Installer upgrades your entire deployment (all SolarWinds Platform products and any scalability engines).
For more information, see the SolarWinds Platform Product Installation and Upgrade Guide.
For supported upgrade paths, see Upgrade an existing deployment.
Known issues
Date range is one day behind on Wait Time resources
The date on Wait Time Trends resources is one day behind for environments where the DPA server and SolarWinds Platform server are in different time zones. The affected resources are:
-
All Instances with the Highest Wait Times
-
Instances with the Highest Wait Times
-
Greatest Downward Wait Time Trends
-
Greatest Upward Wait Time Trends
Resolution or workaround: Set the DPA and SolarWinds Platform servers to the same time zone.
DPAIM stops working after failover
If you have High Availability configured, the DPA Integration Module stops working when a failover occurs after you re-integrate with a previously integrated DPA server.
Resolution or workaround: Re-integrate the DPA server.
End of life
| Version | EoL announcement | EoE effective date | EoL effective date |
|---|---|---|---|
| 2022.4 | June 4, 2024: End-of-Life (EoL) announcement – Customers on SRM version 2022.4 or earlier should begin transitioning to the latest version of SRM. | July 4, 2024: End-of-Engineering (EoE) – Service releases, bug fixes, workarounds, and service packs for SRM version 2022.4 or earlier will no longer actively be supported by SolarWinds. | July 4, 2025: End-of-Life (EoL) – SolarWinds will no longer provide technical support for SRM version 2022.4. |
| 2022.3 | February 6, 2024: End-of-Life (EoL) announcement – Customers on SRM version 2022.3 or earlier should begin transitioning to the latest version of SRM. | March 7, 2024: End-of-Engineering (EoE) – Service releases, bug fixes, workarounds, and service packs for SRM version 2022.3 or earlier will no longer actively be supported by SolarWinds. | March 7, 2025: End-of-Life (EoL) – SolarWinds will no longer provide technical support for SRM version 2022.3. |
| 2022.2 | November 1, 2023: End-of-Life (EoL) announcement – Customers on SRM version 2022.2 or earlier should begin transitioning to the latest version of SRM. | December 1, 2023: End-of-Engineering (EoE) – Service releases, bug fixes, workarounds, and service packs for SRM version 2022.2 or earlier will no longer actively be supported by SolarWinds. | December 1, 2024: End-of-Life (EoL) – SolarWinds will no longer provide technical support for SRM version 2022.2. |
See the End of Life Policy for information about SolarWinds product life cycle phases. To see EoL dates for earlier SRM versions, see SRM release history.
End of support
This version of SRM no longer supports the following platforms and features.
Port 17778
SWIS REST Endpoint on port 17778 is deprecated as of 2023.1 and will be replaced with port 17774 in a future release. SolarWinds recommends that you start migrating SWIS REST Endpoint to port 17774.
If you are using DPAIM, make sure you are running DPA 2024.2 or later to switch to port 17774. Earlier DPA versions cannot send data to DPAIM on port 17774. See Specify the port DPA uses... for more information.
Starting with 2024.2, you can enable the port in Advanced Configuration by clearing the DisableSwisRestEndpointOnPort17778 option. See Enable/disable the SWIS endpoint port.
Deprecation notice
The following platforms and features are still supported in the current release. However, they will be unsupported in a future release. Plan on upgrading deprecated platforms, and avoid using deprecated features.
Legacy charts
Legacy charts are deprecated as of this release. Migrate your charts to their modern version.
Classic charts
Classic charts are deprecated as of this release. Migrate your charts to their modern version.
Report writer
Use the web-based Report Manager to create reports.
MAPI User Experience Monitor
MAPI User Experience Monitor, a component monitor that can be added to an application template, is deprecated as of 2024.2. It is still available and supported in the current release, but will be removed in a future release. Deprecation is an indication that you should avoid expanded use of this feature and formulate a plan to discontinue using the feature.
Network Atlas
Network Atlas is deprecated as of Orion Platform 2020.2. It is still available and supported in the current release, but will be removed in a future release. Deprecation is an indication that you should avoid expanded use of this feature and formulate a plan to discontinue using the feature. SolarWinds recommends that you start using Intelligent Maps in the SolarWinds Platform Web Console to display maps of physical and logical relationships between entities monitored by the SolarWinds Platform products you have installed.
Starting with 2024.2, you can import Network Atlas maps to Intelligent Maps. See Import maps.
Legal notices
© 2024 SolarWinds Worldwide, LLC. All rights reserved.
This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software, services, and documentation are and shall remain the exclusive property of SolarWinds, its affiliates, and/or its respective licensors.
SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS, OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION NONINFRINGEMENT, ACCURACY, COMPLETENESS, OR USEFULNESS OF ANY INFORMATION CONTAINED HEREIN. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY, EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.