Recent Discussions
Ad integrated Zone transfer monitoring
Hi We are Monitoring Domain controllers in LogicMonitor and the environment has AD integrated zones transfers for LDAP is there any way we can monitor these as the existing DNS- datasource doesnot meet our requirements as it has only non-AD integrated zone transfers
Rename a collector?
I swore that in the old UIv3 you could rename a collector hostname. I dont mean the resource representation of the collector, when it monitors itself, I mean the actual name it has in the collector context. When I try to manage the collector on the collectors page, there is no option to change it. But we have a situation where we have to. Does this mean we need to rebuild and redeploy the collector to change it? The 2 collectors have similar collector names (collector hostnames), and while their respective resource names (for self-monitoring) have different displaynames etc, on the machines themselves, they have the same system.sysname. So this is causing some weird bug where alerts on either collector cause the alert to show on both. Kind of amusing. COLLECTOR "DEVICE NAME" /// RESOURCE DISPLAYNAME /// SYSTEM.SYSNAME ------------------------------------------------------------------- CORP\FF-FF01 /// FF-FF01.CompanyA.Com /// FF-FF01 WAN\FF-FF01 /// FF-FF01.CompanyB.Com /// FF-FF01 Because the sysnames are also the same (they sit in completely different networks) I think its confusing LogicMonitor, so I suspect the team that deploys there is going to have to honestly redo one of the collectors completely. But when fishing around in the UIv4 collectors page, I saw no way to change the "CORP\FF-FF01" or "WAN\FF-FF01" part. I think the sysname is going to force a complete redeploy on one, but its just weird I cant change the name.LM API Auth - Bearer or LMv1 Token
Hi all I've been using the Logic Monitor API for a while and tend to use the LMv1 token auth method. You have to calculate a base64 signature for each request, which is fine, I've written a function to handle that for me. But, given that Bearer tokens are available, I wonder if I'm just making this all a bit too difficult on myself 🤣 As I understand it, if the API call was intercepted somehow, exposing the signature calculated from an LMv1 token would be less problematic because it's not the token itself, it has a limited lifetime and is valid just for the endpoint that was being used on that API call. Am I thinking along the rights lines security wise, or should I just make my life a little easier and switch to using Bearer tokens? DaveBMC Remedy Integration
Hi all I'm looking to do an ITSM integration with BMC Helix/Remedy, which isn't natively supported. It looks as though we can create a new incident by making a POST request to their API. But, if we want to do an update, it seems their API requires that you first query the API for an internal ID for the Incident, then make a second call with the update referring to that internal ID. Apparently this behaviour in the API cannot be altered. I don't see any way to achieve this in LogicMonitor. Has anyone successfully integrated LM and BMC Helix/Remedy? I think we will likely need to build something to sit between and receive the updates from LM and then call the Helix API. Interested in hearing what others may have done to achieve this. DaveAPI v3: Alert ServiceNow field
Sarah_Terry​ The V4 API can view/modify the ServiceNow link. Please add this to APIv3 (or permit system integration access to APIv4)? { "alertExternalTicketUrl" : { "servicenowIncidentLinks" : { "INC0010101" : "https://acme.service-now.com/now/nav/ui/classic/params/target/incident.do%3Fsys_id%3D1234211bda7ad090a6c7feaac8915678" } } }LM / ServiceNow Integration
I'm working on some API commands for ServiceNow from LogicMonitor and am trying to see if there's a way to see further information from the return payload from ServiceNow when a ticket is generated via the integration. In particular, I'm trying to capture the sys_id field from ServiceNow so that I can use this to access the ticket in an escalation step using a custom HTTPS API command. I can see the payload includes sys_id in the integration logs, and indeed LogicMonitor uses it to generate the link to the ticket on the alert screens. Does anyone know if there's a token or such that can be used to access this info, or if there would be a way of storing it for access?Meraki Security Appliance Tunnels
We monitor several large Meraki networks for customers, and we’ve recently switched to LogicMonitor’s newer Meraki monitoring method for a few of them. One challenge we're running into is with the Meraki Security Appliance Tunnel datasource. With the Hub(Mesh) configuration, each Meraki security appliance gets a tunnel datasource instance for both WAN1 and WAN2, even if only one WAN is in use. The issue: when a firewall at Location A goes down, it triggers an alert from the Cisco_Meraki_SecurityApplianceHealth datasource (which is expected). But in addition to that, we also receive multiple alerts: A tunnel alert for every tunnel on the device 2 tunnel alerts on each remote firewall in the mesh that has a tunnel to that location(wan1 & wan2) This results in a flood of alerts, even though it all stems from a single tunnel being offline. To cut down on the noise, I tried building a Service and adding all the tunnel instances to it. That helps, but the Service alert only says the service is out of compliance—it doesn’t tell me which tunnel is down. Has anyone come up with a better way to monitor Meraki tunnels using the newer integration, without generating excessive alerts when one device goes offline? I'd almost prefer some ORG level device like the legacy method has and put the tunnel connections there whether they are Site-to-Site or 3rd Party. When a tunnel goes down I don't need every FW in the environment alerting that the tunnel is down.
US-W1:VBA_worker_<instand-id>
Hi Everyone, I would like to ask help because lately we enable cloud monitoring from both our AWS and Azure however we keep seeing this instances that were already terminated or its not active anymore from our either AWS and Azure console. How can we setup LM to stop adding those dead instances automatically. Sample instances below:
