Recent Discussions
Example scripts
Hi community, I'm running into a limitation with reporting on Scheduled Downtime (SDT) in LogicMonitor. Right now, i' m able to pull alerts that occurred during SDT' s but i cannot generate a single report that shows all historcal SDTs across all my resources/devices. is there any way to generate such a historical SDT report, does someone have a script or code to share to get that trough the API Thanks in advance!
Alert Tsunami: Why the Huge Delay and Flood of Post-Resolution Power Alerts?
Subject: Alert Tsunami: Why the Huge Delay and Flood of Post-Resolution Power Alerts? Hello LM Exchange community and LogicMonitor team, We recently experienced an issue that's causing significant frustration and making our alerting system less reliable. We had a couple of anticipated power cable pull-outs (testing/maintenance), which were quickly resolved. However, we then received a massive backlog of LogicMonitor alerts for this event hours after the issue was fixed and the system logs were clear. The Problem Massive Alert Delay: The initial power loss events occurred and were resolved around 7:00 PM and 8:00 PM (based on the Lifecycle Log). However, we started getting a huge flood of critical alerts via email at 9:13 PM, 9:43 PM, 10:13 PM, and 10:43 PM—hours after the issue had been mitigated and redundancy was restored. Excessive Alert Volume: We received dozens of separate critical alerts (e.g., LME205086576, LME205086578, etc.) for a single, contained event, all arriving en masse hours later. Past "Fix" is a Concern: The last time this occurred, the only way I could stop the flood of delayed emails was to turn off alerting for the device and then turn it back on. This is not a scalable or sustainable solution for a reliable monitoring platform. Key Questions for the LogicMonitor Team What is causing this significant delay in alert processing and delivery? It appears the system is holding a large backlog of alerts and then releasing them all at once hours later. What is the recommended, official way to clear an alert backlog without having to resort to manually disabling and re-enabling alerting? Is there a known configuration or polling issue that would cause a single event (like a brief power loss) to generate dozens of unique critical alerts over a short period, and how can we consolidate these into a single, actionable notification? Data for Review LogicMonitor Email Log (Image 1): Shows critical alerts arriving long after the issue was resolved (9:13 PM to 10:43 PM). Device Lifecycle Log (Image 2): Shows the power events (PSU0003, RDU0012) occurring and being resolved between 8:01 PM and 9:22 PM. Any insight or official guidance on how to prevent this "alert tsunami" would be greatly appreciated. We rely on timely and accurate alerting, and this behavior significantly undermines that trust.
Ubiquiti Unifi 'Source Errors
We're having some difficulties getting the Unifi 'Sources to properly complete their Active Discovery Scripts, leading to building thread counts in the collector, leading to collector service restarts... (ScriptADTasks - 7 days - Red = Failures): I've been chasing the issues (some is the 'Source's appliesTo not properly targeting devices based on the gathered SNMP initial discovery properties) and have not quite found the smoking gun as the error I'm being given doesn't directly point to the issue. Running AD Test from the DS "Ubiquiti_UniFi_Security_Gateways" against a UXG Pro device gives me this error: "Text must not be null or empty" It doesn't identify which text is needed. The line numbers mentioned don't seem to relate directly to the DS AD code's line numbers.
Can't install collectors on Windows core DC's
As it says on the tin. Error installing watchdog service. On separate customers core DC's, different networks, different proxies, same error. Failed to install watchdog. Browser access to LM works and we're installing as system. Proxies do not require auth and we're installing with domain admin rights. We've had/have support tickets opened but we haven't been able to resolve this. Anybody got any ideas.Custom Threshold export
Im trying to automate the export of all custom ("INSTANCE") alert thresholds from a specific LogicMonitor device group (org.org.devices) using PowerShell and the LogicMonitor REST API. I want to get a total count and optionally a breakdown per device. I have the following script which: Authenticates using the LMv1 HMAC scheme Finds the device group by its full path Recursively retrieves all subgroups and devices Fetches datasources and instances for each device Counts thresholds where thresholdSource == 'INSTANCE' Runs in parallel across devices for performance param ( [string]$AccessId, [string]$AccessKey, [string]$Company, [string]$GroupPath, [int] $MaxThreads = 10 ) function Invoke-LmApi { param( [string]$Method, [string]$ResourcePath, [string]$QueryParams = '', [string]$Body = '' ) $epoch = [math]::Round((Get-Date).ToUniversalTime() - [datetime]'1970-01-01').TotalMilliseconds $toSign = "$Method$epoch$Body$ResourcePath" $hmac = New-Object System.Security.Cryptography.HMACSHA256 $hmac.Key = [Text.Encoding]::UTF8.GetBytes($AccessKey) $hash = $hmac.ComputeHash([Text.Encoding]::UTF8.GetBytes($toSign)) $signature = [Convert]::ToBase64String($hash) $auth = "LMv1 ${AccessId}:${signature}:${epoch}" $url = "https://$Company.logicmonitor.com/santaba/rest$ResourcePath$QueryParams" return Invoke-RestMethod -Uri $url -Method $Method -Headers @{ Authorization = $auth } } function Get-GroupIdByPath { param([string]$Path) $resp = Invoke-LmApi -Method GET -ResourcePath '/device/groups' -QueryParams "?filter=fullPath:$Path&size=1" if (-not $resp.data.items) { throw "Group '$Path' not found" } return $resp.data.items[0].id } function Count-CustomThresholds { param([string]$RootPath) $rootId = Get-GroupIdByPath -Path $RootPath $groupIds = @($rootId) # TODO: collect subgroups, devices and count thresholds in parallel } Count-CustomThresholds -RootPath "$Company/$GroupPath" However, I'm having trouble getting the script to reliably find my target group and export the counts. It either reports "Group not found" or hangs/slowly processes. Here is the current PowerShell script: What I've tried so far: Switching between filtering on name: vs fullPath: Adjusting group path prefixes (with/without company) Serial vs parallel loops Verifying the group exists via manual API calls Questions: What is the recommended way to filter by device group path (fullPath) using LogicMonitor's API? Are there any pitfalls in the LMv1 authentication or parallel Invoke-RestMethod calls I should avoid? How can I streamline this script to reliably export a summary of custom thresholds with minimal API calls? Any guidance would be greatly appreciated. Thanks in advance!Observability & Edwin AI steps
Hi fellow LM wizards, We want to elevate our monitoring as a big MSP. Did someone try to elevate to monitoring as code and create advanced observability? We are not aware what should be fixed or in place to follow the path to Edwin AI or advanced observability. Is there anyone who can share a roadmap with logical steps? Thank you in advance!Alert Escalation Throttle Auditing?
Is there somewhere logging alert throttling for the escalation chains... it's currently a tedious process to unravel what would have caused (random example: ~1623 throttle alert tickets in our ticketing system). The throttle ticket doesn't contain any researchable information. The Audit Log doesn't show those events. Looking at the closed alerts didn't show the volume that would account for that quantity of throttle tickets. Does it consider throttling in a sliding time window and alert a new throttle for every new alert at the far end of the window? If so, that would negate the purpose of the throttling once it scales past the quantity set for the throttling threshold.SQL Query Datasource (T-SQL)
I have a T-SQL query for showing disk IO stats (from 'sys.dm_io_virtual_file_stats'). I'd like to present this table data to a widget on a dashboard. What is the best/most efficient way of doing this? This is something I've not explored before (T-SQL specifically), but have done similar with custom PowerShell/WMI/Groovy so the principle knowledge is good. Thanks
