Recent Discussions
Windows Patching Dashboard
i all, We’re looking to build a comprehensive Windows patching dashboard in LogicMonitor to support compliance, vulnerability management, and visibility across our customer environments (we're an MSP). We currently monitor patching via the WinUpdate_PatchStatus DataSource, but we’d like to expand that with more widgets and deeper insights. Host-level metrics we want: Pending updates count Failed updates count Last successful update time Reboot required (true/false) Recent installed or pending KBs (if possible) Dashboard-wide summary widgets: Top 10 hosts with most pending updates Percentage of Windows servers that are fully patched Pie chart: compliant vs pending vs failed Compliance trends over time Breakdown by group, tag, or customer Nice to have: Table view showing last 5 patches per server Alert integration (e.g., warning if failed updates > X) Multi-tenant filters using tags like env=prod or customer=x Reusable dashboard layout for other clients or environments What we already have in place: WinUpdate_PatchStatus active Proper WMI permissions & Collector access Basic auto properties like auto.updatecount, auto.lastupdate Looking for: Dashboard JSON exports with any of the above Custom DataSources (PowerShell-based?) to enrich with KBs General tips on patching visibility and compliance via LogicMonitor Would appreciate anything you can share — we’ll happily post our version once we finalize it! Thanks in advance! Admine LM certified Monitoring ProfessionalObservability & Edwin AI steps
Hi fellow LM wizards, We want to elevate our monitoring as a big MSP. Did someone try to elevate to monitoring as code and create advanced observability? We are not aware what should be fixed or in place to follow the path to Edwin AI or advanced observability. Is there anyone who can share a roadmap with logical steps? Thank you in advance!
Alert Escalation Throttle Auditing?
Is there somewhere logging alert throttling for the escalation chains... it's currently a tedious process to unravel what would have caused (random example: ~1623 throttle alert tickets in our ticketing system). The throttle ticket doesn't contain any researchable information. The Audit Log doesn't show those events. Looking at the closed alerts didn't show the volume that would account for that quantity of throttle tickets. Does it consider throttling in a sliding time window and alert a new throttle for every new alert at the far end of the window? If so, that would negate the purpose of the throttling once it scales past the quantity set for the throttling threshold.
SQL Query Datasource (T-SQL)
I have a T-SQL query for showing disk IO stats (from 'sys.dm_io_virtual_file_stats'). I'd like to present this table data to a widget on a dashboard. What is the best/most efficient way of doing this? This is something I've not explored before (T-SQL specifically), but have done similar with custom PowerShell/WMI/Groovy so the principle knowledge is good. ThanksOthers Having Challenges with Least Privilege (POLP)?
Hi all. Just wanted to reach out to the community to see if others are running into the same challenges deploying the LM least-privilege service accounts as we are. This is what we've identified so far: LM can't retrieve metrics for disks where NTFS permissions don't include read access for the service account. I've scripted a PowerShell permissions check for disks in our environment, but I feel like this isn't a scalable solution. LM can't retrieve metrics for HyperV clusters. The workaround would be similar to the above. There doesn't appear to be a scalable way to confirm monitoring works across all instances/datasources after migration. I've written a script that retrieves all monitoring data for all resources from the LM API, puts it into a SQLite database, for later before/after comparison. The onboarding/migration script only sets SDDL permissions on currently installed services. If a service is newly-installed, or updated, LM can no longer monitor the service. I was considering scheduling the script to run on a regular basis, but read in this forum that it can exceed the max security descriptor length because it writes duplicate permissions. I've reach out to support on all of these issues and been told everything is 'working as expected', and that their devs 'can't anticipate every scenario'. Which is true! But none of what I described is due to an exotic configuration or niche software. Given that switching to a least-privilege model was portrayed as a 'mandate' a few months ago, I feel like remarkably little thought has gone into how this would impact customer environments, but I digress. Has anyone encountered similar issues? What's the consensus on whether the LM least-privilege model actually makes sense in the real world?
How could I add my other monitoring checks like OS, SQL and third party software to ec2 instance?
I recently added our cloud resources to logic monitoring. However we need to add more monitoring checks that were registered under our local collector server. How could I add my other monitoring checks like OS, SQL and third party software to ec2 instance?
