I'm new to using DPA - while monitoring some alerts, I found that we had repeated attempts for a "login failed for user 'domain\User': attempting to use an NT account name with SQL Server Authentication [CLIENT: local machine]"
After doing a bit of research, we have identified that the attempted logins were coming from a Task Manager Detail with a PID associated to SWJobEngineWorker2.exe that runs every 5 minutes, and everything I've found seems to be that this is related to NPM.
There are also 3 other Detail/Services that are constant: SWJobEngineSvc2.exe, and 2 instances of SWJobEngineWorker2x64.exe
We do not have any stored credentials in Solarwinds for this particular domain\User, and it doesn't appear that we're using AppInsights to monitor, and nothing seems to be failing, as DPA is monitoring the SQL server just fine.
How can I remove/change this process or adjust the credentials/connection settings it is using?
NOTE: There are NO services on this particular server that use this domain\User account and the only SW service running is 'SolarWinds Agent' using LogOnAs Local System, and there is nothing to uninstall from Control Panel.
SOLVED!
In Solarwinds, under the "Product Specific Settings > SAM Settings", the account 'domain\User' was attempting to use an incorrect Authentication Type and likely an incorrect password (not sure how long ago this was set up in our environment).
After changing the account and authentication type, we were able to quiet the false alerts.