Recent Discussions
Documentation page Disclaimer
I've noticed several of these recently while digging for information on multiple topics. None of them offer any further context about why, when the info on this page stops being valid (calendar date, collector version?), or where to go for update/replacement info. Anybody have any insight? 🤔8Views1like1CommentCustomer Support a Dumpster Fire
Went to create a support ticket, which has to be done on a different website and portal login. Clicking the "GET SUPPORT" button opens an AI chat with the intelligence of a toddler who just drank a red bull and fell down the stairs trying to fly. Is this a joke? Locking support tickets behind a cheap low effort AI chatbot is not how you should be implementing AI. AI needs to be looking at alert trends and datasource outputs for anomalies that might not trigger an alert but should be investigated further. Not for gatekeeping your support people from the customers.Drew_Hawkins24 hours agoNeophyte153Views5likes8CommentsWindows Least Privilege and polling (WinServer)
Regarding the Dec 31 Windows Least Privilege nightmare fuel (I know the page claims it wont be strictly enforced) I started testing the script. I've just run it on one collector right now, and it seemed to work for me. I had to wait overnight instead of just 10 minutes, but it did switch accounts, and that account does seem to be able to allow the collector service to do what it needs to do. HOWEVER. We also use that same account for the wmi user. So for the subset of windows VMs that run LM Collector software, the collector runs as DOM\user1 (redacted example). We ALSO use DOM\user1 as the wmi polling account for ALL VMs including the collector ones. We make out collectors all monitor themselves, and so its monitoring itself using that same account. I've discovered that MOST LogicModules continued polling normally after I ran the script, but ONE of them does not: File Server (WinServer). Whatever permissions the LM script (Windows_NonAdmin_Config.ps1) gives to that user, it looks like they overlooked something. Most LogicModules such as CPU, Cores, File Systems, Memory, everything ... the user can poll it. But File Server (WinServer) fails (error message: No data collected from sbproxy). So my final TL;DR question is: has anyone else discovered any limitations in this scenario? Not all Windows LogicModules get applied to every server, so I'm wondering if others have had this experience, and if there might be other LogicModules that suddenly cant be collected when polling with the same user that the collector runs as (after running their script). Thanks!Lewis_Beard2 days agoExpert20Views1like0CommentsMeraki Access point Monitoring
Hi, We have Added Meraki Monitoring in LM,but the Access points IP are not static and they dont have any DNS entries created,we are seeing lot of Ping loss alerts as the IP's are dynamic and LM is still having the old IP . Is there any way we can capture the dynamic ip's to avoid these false positives ,we cannot create dns entries for the samevenkat2 days agoNeophyte13Views1like0CommentsOCI APplication log Monitoring
Hi All, We are trying to Monitor OCI Application log Monitoring in LM,we have setup the fluentd config and Updated the COnfig file as well,but still we dont see the logs captured in LM.The Log file has all the reqired permissions. Here is the output of Fluentd.log file 2024-10-28 03:08:01 -0500 [info]: #0 flushing all buffer forcedly 2024-10-28 11:40:21 -0500 [info]: Received graceful stop 2024-10-28 11:40:21 -0500 [info]: Received graceful stop 2024-10-28 11:40:21 -0500 [info]: #0 fluentd worker is now stopping worker=0 2024-10-28 11:40:21 -0500 [info]: #0 shutting down fluentd worker worker=0 2024-10-28 11:40:21 -0500 [info]: #0 shutting down input plugin type=:tail plugin_id="object:8c0" 2024-10-28 11:40:21 -0500 [info]: #0 shutting down output plugin type=:lm plugin_id="object:898" 2024-10-28 11:40:21 -0500 [info]: #0 shutting down filter plugin type=:record_transformer plugin_id="object:870" 2024-10-28 11:40:21 -0500 [info]: Worker 0 finished with status 0 2024-10-28 11:40:22 -0500 [info]: init supervisor logger path="/var/log/fluent/fluentd.log" rotate_age=nil rotate_size=nil 2024-10-28 11:40:22 -0500 [info]: parsing config file is succeeded path="/etc/fluent/fluentd.conf" 2024-10-28 11:40:22 -0500 [info]: gem 'fluentd' version '1.16.5' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-calyptia-monitoring' version '0.1.3' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-elasticsearch' version '5.4.0' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-flowcounter-simple' version '0.1.0' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-kafka' version '0.19.2' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-lm-logs' version '1.2.2' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-metrics-cmetrics' version '0.1.2' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-opensearch' version '1.1.4' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-prometheus' version '2.1.0' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-prometheus_pushgateway' version '0.1.1' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-record-modifier' version '2.1.1' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-rewrite-tag-filter' version '2.4.0' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-s3' version '1.7.2' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-sd-dns' version '0.1.0' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-systemd' version '1.0.5' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-td' version '1.2.0' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-utmpx' version '0.5.0' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-webhdfs' version '1.5.0' 2024-10-28 11:40:22 -0500 [info]: using configuration file: <ROOT> <source> @type tail path "/xxxx/xxxxx/xxx/xx/xxx/xxx/xxx/xxxx/xxx/xxx/xxxxx/xxxx/server1.out" pos_file "/tmp/server1.pos" tag "xxxxx_log" <parse> @type "multiline" format_firstline "/^(?<time>\\w{3} \\d{2}, \\d{4} \\d{2}:\\d{2}:\\d{2} [APM]{2})$/" format1 /^(?<message>.*java.lang.OutOfMemoryError*)$/ unmatched_lines </parse> </source> <filter OCI.**> @type record_transformer <record> hostname xxxxxx tag ${tag} </record> </filter> <match OCI.**> @type lm resource_mapping {"hostname":"system.displayName"} company_name "xxx" access_id "xxxxxxxxxxxx" access_key xxxxxx debug true compression "gzip" include_metadata true <buffer> @type "memory" flush_interval 1s chunk_limit_size 5m </buffer> </match> </ROOT> 2024-10-28 11:40:22 -0500 [info]: starting fluentd-1.16.5 pid=3684 ruby="3.2.3" 2024-10-28 11:40:22 -0500 [info]: spawn command to main: cmdline=["/opt/fluent/bin/ruby", "-Eascii-8bit:ascii-8bit", "/opt/fluent/bin/fluentd", "--log", "/var/log/fluent/fluentd.log", "--daemon", "/var/run/fluent/fluentd.pid", "--under-supervisor"] 2024-10-28 11:40:23 -0500 [info]: #0 init worker0 logger path="/var/log/fluent/fluentd.log" rotate_age=nil rotate_size=nil 2024-10-28 11:40:23 -0500 [info]: adding filter pattern="OCI.**" type="record_transformer" 2024-10-28 11:40:23 -0500 [info]: adding match pattern="OCI.**" type="lm" 2024-10-28 11:40:23 -0500 [info]: adding source type="tail" 2024-10-28 11:40:23 -0500 [info]: #0 starting fluentd worker pid=3761 ppid=3756 worker=0 2024-10-28 11:40:23 -0500 [info]: #0 fluentd worker is now running worker=0venkat2 days agoNeophyte4Views1like0CommentsAlert persisting falsely
This alert was present in the portal for some time, significantly after it should have cleared. It was saying the status of the interface was at value = 2 when the raw data tab was showing 1 for several hours. The alert clear interval was still set to clear immediately. As part of the trouble shooting I disabled alerts on this interface and re-enabled it, the alert didn't re-occur. Has this been encountered before?DagW3 days agoNeophyte17Views0likes1CommentLM Servicenow Integration
We have integrated service now with LogicMonior and we see that the Auto resolution of Incidents is not happening even when the Alert is cleared in LogicMonitor. We see that there is no clear even in logs of the integraion even after he alert is cleared which is causing the Incident in open stateSolvedvenkat4 days agoNeophyte79Views1like8CommentsI don't mind the new logos but an we make them a bit bigger
I'm having a bit or trouble reading this..Andy_C5 days agoNeophyte23Views0likes0CommentsSQL Server Connection Status critical
I added SQL server to Logic Monitor. All properties are correct. I have SQL Server Connection Status critical error: Database connection returned an error of 1.0 on ...... Value 1 : General/Unknown error. I also have SQL Server Troubleshooter with this message: MSSQLSERVER error: Read timed out ClientConnectionId: ..... SQL related data sources are not getting any data for monitoring. WMI permissions are correct. SQL permissions seem to be correct too. I am not sure what is the Read timed out message related to. Any ideas how to troubleshoot this issue?lucjad5 days agoNeophyte23Views1like4CommentsCentOS IP Tables?
We don't do much monitoring of servers at the moment, but I received an inquiry about the possibility of monitoring iptables data for a CentOS server. I've looked through modules in the exchange and I'm not seeing much that seems to do this but I was curious if anyone else has ever looked into this. I'm not a server person so I am also not as knowledgeable about how this works as I'd like to be Thank youpgordon6 days agoAdvisor8Views0likes0Comments