Recent Discussions
Aggregate data over different time ranges
I have a scenario where I need to monitor the storage utilization on one of the drives for a windows server. Currently, I'm using the OOTB monitoring (WinVolumeUsage module), and this collects data every 3m. What I really want is this data summarized in larger time-chunks, and to alert on that view of things. The disk space on the drive can vary wildly in the short-term, so variations in the 3m data collection results cause alert noise. What I do know is that if the disk utilization is high at certain times during the day, then there could be a problem (e.g. in-between batch runs, for example) I'd like to look at larger time windows to see changes - hourly or even just a few times a day - and then alert on those larger time-trends in the storage data. I've thought of two ways to do this: 1. Utilize the Aggregate Data collection method for a custom module, but I'm not seeing much for documentation around this collection type. I tried setting it up to give me min/max/avg of the disk instance's utilization over larger time periods, but no data is being collected. So I couldn't get this to work, and LogicMonitor Support told me I created a custom module, thus they can't assist. 2. Clone the WinVolumeUsage module, and have its data collection be less often. While this solves the problem, I feel strange duplicating code/effort like this when I feel data-summarization is the right way to solve this. Are there other ways that I could be accomplishing this?
Microsoft 365 Email Usage Monitoring
I'm trying to set up Microsoft 365 Email Usage Monitoring through Logic Monitor. I need to get alerts when the inbox is full or reaches a certain threshold (ex. 90%). The help guides direct me to go to Resources → Add → Cloud Account → Office 365 (or Microsoft 365 SaaS) . But I'm not able to find such options. Anyone with previous experience with setting up this kind of requirement, appreciate your help.
Summarized Alerts Based on Resource
Looking back at other tools (PRTG/Solarwinds), they both used to automatically summarize email and other alerts if a lot of alerts were coming from the same device in a brief timeframe. LogicMonitor could create a lot less alert noise for us by using this simple trick of combining all alerts associated with one resource into one email or one PD incident if a lot of alerts are being fired in a brief timeframe. LogicMonitor alerts seems to always be per instance datapoint all the time which maximizes the number of alert emails we get. Then it seems like we need to rely on other tools to correlate these alerts together to reduce the number of alert notifications. For example, ServiceNow could be setup to keep appending new alerts to the same incident ticket based on the resource or through more complex types of correlation. But the simplest correlation of alerts by resource could be very helpful by itself despite being imperfect. This seems like this is a built-in (on by default) feature in other monitoring platforms. Is there any way to do this with LogicMonitor?
🤖 Announcing the LogicMonitor MCP Server: Bringing Real-Time Observability to AI Agents! 🚀
Hello LogicMonitor Community! TL;DR: Visit https://github.com/monitoringartist/logicmonitor-mcp-server and use LogicMonitor with your favorite AI agents (e.g., ChatGPT Enterprise, Cursor, Visual Studio Code, Claude, and more!). It's clear that AI is ruling the world, and the new standard for intelligence isn't just a powerful Large Language Model (LLM)—it's the AI Agent that can autonomously take action. This new wave of Agentic AI relies on a crucial open standard: the Model Context Protocol (MCP). MCP is the common language that allows AI agents to securely connect to external tools, access live data, and execute real-world tasks. It defines a standardized way for an AI agent to request context, and for external services—like LogicMonitor—to provide it. The Power of the LogicMonitor MCP Server I'm thrilled to announce and share the LogicMonitor MCP Server project! This lightweight, open-source server acts as the critical bridge, transforming your rich, real-time observability data into structured context that any MCP-compatible AI agent can understand and act upon. This integration allows an AI agent—whether running in an IDE, a chat interface like Claude, or an internal operations portal—to ask natural language questions and receive precise, real-time answers directly from your LogicMonitor platform, moving beyond static knowledge to truly dynamic, context-aware IT automation. Use Cases: What Can Your AI Agent Ask? Once connected, your AI agent gains powerful new abilities to query and interact with your monitoring environment. You can ask your agent to: Check my recent LogicMonitor audit logs and summarize any errors found. Check the health of all my collectors in the LogicMonitor. Make an ASCII visualization of ping datapoints in LogicMonitor for resource RESOURCE-A. Make a health check of RESOURCE-B via LogicMonitor. Ask in your local language: Current AI agents/LLM models don't have a problem with that usually! Get Started and Contribute! I encourage everyone to explore the repository, set it up, and see the possibilities: https://github.com/monitoringartist/logicmonitor-mcp-server. Please feel free to open any pull requests for LogicMonitor MCP Server improvements and share how you're using this integration in your work! Thanks, Jan
Recommendations monitoring Windows Core 2025
We recently upgraded a client environment to HPE windows core 2025 servers running Hyper-V and are configured with HPE cluster manager for failover. In addition, we are Azure stack HCI configured for the environment. I added the Core Windows 2025 servers in LM but didn't discover anything based on WMI. From what I see, WMI is not included in the core installation, and I'm seeing Microsoft is depreciating it. There are mentions of using WMIC via powershell. I also see there are some logic modules for HPE and may logic modules for Azure. With that said, I'm looking for recommendations and best practices to monitor an HPE core environment with Hyper-V, cluster manager and Azure HCI stack.
Changed the IP of my collector server and now it shows as offline...
Hi, We had to change the subnet of our Collector and it now shows as offline in the LM portal even though the server is up and running and the LM Services are both running and everything seems fine. Is there somewhere I need to manually update the IP or anything like that? Thanks.Rubrik Integration Not Reporting Data After CDM 9.2.3 Upgrade
Hey everyone, has anyone else run into issues with the Rubrik integration after upgrading to CDM 9.2.3? We’ve been using LogicMonitor’s Rubrik_Cluster_GlobalPerformance module for a while without problems, but since moving to 9.2.3 all datapoints are showing as NaN. When we enabled debug mode, every API call returned an HTTP 422 response. Network connectivity and credentials are fine, so it looks like Rubrik changed how authentication or sessions work in this release. The LogicMonitor documentation still lists support only for CDM 9.1x and doesn’t mention anything about the new token or CSRF requirements introduced in 9.2. Any insight would be appreciated.
Dynamic Alerting/Threshold Setup
Hi, I've just started experimenting with Dynamic alerting, probably something I should have done ages ago! I've read the documentation and been through the training module. I'm experimenting with the SQL Server Global Performance LogicModule which seems a good candidate for this, we get a fair bit of alert noise from this in our environment. I've gone into the Global definition for this module and turned on dynamic alerting for any of the datapoints that have a static threshold alert set. Seems to be working nicely. I've set the Dynamic threshold to suppress notifications, but what is the best way to remove the static threshold all together. I'm not too keen on just deleting them from LogicModule. I suppose one approach could be to duplicate the LogicModule, and modify deleting the static thresholds that one so that my original one is still intact in case I want to go back to it for refer to what the static values were set too. Then disable the original LogicModule. I don't really want the static alert threshold showing up in my alert list at all. Another thing that would be nice (Let me know if it's already there) would be if I was able to see at a glance if an alert had been triggered by a breach in dynamic or static threshold?
