Recent Discussions
Active Discover Filters with non-existent properties
I've been looking for an easy way to exclude instances by manually creating properties like ##exclude.volumes## or ##exclude.replicationjobs## which can be referenced in Active Discovery filters. Normally you can use something like NotContain or RegexNotMatch (ie "Name NotContain ##exclude.volumes##") but that only works if the property exists. If it doesn't existing (which provides an empty string) then that filter ends up excluding everything. Which means you can't just add it when you need to exclude something. I tried several different ways to write regex to make this work but I don't think it's possible (but open to hearing a way!). Note that this needs to account for instances that can change automatically, like temporary drive mounts for example. So just disabling the instances manually wouldn't be enough. I also don't really want to set a "default" value for all these possible Exclude properties at the root level. I also wanted something that can be easily modified on any existing multi-instance DataSources, including common built-in ones and DataSources that just use WMI or SNMP without scripting. I could clone the existing DataSource and switch to using a scripted Active Discovery to deal with it in code. But I already have so many parallel DataSources with official ones and a simple Filter change would be better. So what I would like to see, and I'm sure it's come up before, is for Active Discover filters to support nested AND. So a filter can contain something like (##exclude.volumes## Exists AND Name RegexNotMatch ##exclude.volumes##). That should provide a way to do what I'm looking to do. Or something that might be easier but messier is a new option like NotContainUnlessBlank or similar that will ignore values that are blank, although that sounds messy and confusing. I'm open to any suggestions to workaround if anyone has any.
Windows agent-based monitoring
By far the most time consuming and difficult parts of onboarding a customer into our managed services is getting servers onboarded. We advise customers use Group Policy to push out settings for Windows Firewall and add the monitoring users to some groups. We also advise using it to run a PowerShell script on each server to implement least priv access. This is based largely on the same code LM uses in the Non-Admin script with a bunch of extra features we've added ourselves. Getting this GPO implemented though often requires jumping through a lot of change control and security related questions. In larger organisations, it often requires several levels of approval before it can be implemented. Then we have the non-domain joined machines, which need this all run manually. It's often not practical to install collectors in each subnet, so we also need to get a whole host of firewall rules opened up across the network to allow the collectors to reach each server to be monitored. Again, time consuming to explain the requirements, get approval and get implemented. In cases where we need to monitor applications, like SQL Server, this requires a more ports being opened - sometimes custom ports depending on how it's been setup and additional permissions for user accounts, which again we always try to do with 'least priv' in mind. I know LM is all about "agentless" but it would be great if we could have a lightweight agent for Windows (and maybe Linux) that could collect data for a machine then forward it to a local collector for onward transmission to LM. It would reduce requirements for a lot of network changes. I'm not sure if this could also reduce the need for running scripts etc for "least priv" access. Possibly not as I guess running this agent thing as system wouldn't be ideal either. I'm talking out loud here a little, but wondering if others have similar frustrations with getting servers into monitoring.
Service nesting and topology mapping
I would like to see that services can be be nested and relationship based on the nesting with alert settings on the relationship. For instance we have products that contain multiple components now each is monitored and using group strucure we can kind of do a root cause. But it we can use services with maps and build relationships between them we could for instance see that a website goes down because on a sql server the logdisk fails. the service than from a user perpective is the website. But from tech perspective it is the whole chain. If we can use services to include the websitecheck, the webserver, the database, the hardware stack each connected using a service depending on the other service shown on a map would directly point you to the root cause. Guess here LM lacks in my opinion.Collector configuration management - API/Ansible
Hi, We recently had to change the collector cache to a new baseline. Needed to be applied to every collectors. To avoid slow and repetitive actions, we tried using APIs/Ansible. But to my understanding the following APIs call don't support "Agent config" changes : /setting/collector/groups/{id} /setting/collector/collectors/{id} Also tried using Ansible lm_collector module https://galaxy.ansible.com/ui/repo/published/logicmonitor/integration/content/module/lm_collector/
Alert Exports : Please add export to CSV option
From the Alerts Option, I can build my custom alert (filtered on Datasource, group etc). Select the time period. Then.... I need to take a screenshot to send it to someone. Or start the work again with an Alert Report. Can we get an export to csv/pdf option?
Alert Tuning : Please add export to CSV option
This comes up on a weekly basis for us but can you please add the ability to export all the items displayed on the Alert Tuning tab to a CSV. Many clients, dev groups ask us for a report on all the metrics that we are monitoring for a group of devices, location, technology and what thresholds are in place. The alert tuning tab has exactly this info but we cannot share with anyone in a meaningful manner. The "Threshold Report" is not a viable option as it spits out EVERYTHING and quickly maxes out on the 50k line limit. We just need the Entries listed in the Alert Tuning tab when clicking on a any device in the tree.
