Recent Discussions
Does a change in a Dynamic Threshold reset the training data?
We rarely use dynamic alerts but someone wanted to test for it. We set something up but accidentally left the polling interval at 5 (50 minutes). It happened to be set that way for a few weeks before we got around to testing an actual event that exceeded the band we set. But it DID work, it just took almost an hour to get the alert. Well today when we realized this, I tweaked the dynamic threshold, mainly just changing it to 1 interval (2 minutes) because we want the shortest possible response. But the engineer also dropped the bandwidth on the port to a super low value at basically the same time. Its been an hour or more, no alerts. But literally all i changed was the qualification to make it happen sooner. So the TL;DR is ..... does a change to a threshold make the training of the datapoint start over? I see references to how long it takes to train, but nothing on whether changes reset the training, or anything that would explain this.
NetScan via CSV import Description=xxxx
So while doing a netscan CSV import it is possible to populate the "Description" field on each device someway? There's only 4 columns but but nothing for Description details. I have over 300 devices that I need to add the description to and would be great if one of the columns was for Description. I see no way to do this but just wanted to ask.
SDT-current and upcoming report schedule
Hi Folks, i have a requirement to schedule a report or dashboard for current and upcoming SDT's. so that our NOC team see SDT details in their handover document. as of now they are taking screenshot manually from device by type. Note- i dont have access for REST API. Regards, Neelesh
Groovy Script Module - secondary hostProps
I am attempting to create a Topology module to address ongoing topology issues. Is there a way to target dataobjects (hosts) outside of the host that the module is targeting? Example: import org.json.JSONArray import com.santaba.agent.groovyapi.snmp.Snmp import com.santaba.agent.groovy.utils.GroovyScriptHelper as GSH import com.logicmonitor.mod.Snippets modLoader = GSH.getInstance(GroovySystem.version).getScript("Snippets", Snippets.getLoader()).withBinding(getBinding()) lmtopo = modLoader.load("lm.topo", "0") lmtopoSnmp = modLoader.load("lm.topo.snmp", "0") lmtopoData = modLoader.load("lm.data.topo", "1").create() //Normal working host props: def host = hostProps.get("system.hostname") //Secondary host??? -- made up method def referenceHost = getHost.byName("ServerName")Download of CSV tables is broken in the new UI.
I use the download into CSV function for many studies. With the new UI, that is now broken. I opened a case about it- and they say they are working on a solution they hope to have in the 223 release. We are on the 220 release and I fear the ability to see these tables in the old UI will be gone by then as the speed of rolling out the new UI only sections appears to be speeding up. The CSV table used to download the raw values, but now it is converted from values like 123456 to 123K which is not a value you can edit or pull out the max value over a time range. How many other users also use the Download into CSV option? I love the option and the ability to be able to drill into the actual numbers.IPMI service on host _hostname is reporting an error exit code of 139.0
Hi LM users! We have an alert for IPMI service status monitoring saying: IPMI service on host _myhostname is reporting an exit code of 139.0, which puts it in a state of warn. See section 7 of http://ipmiutil.sourceforge.net/docs/UserGuide for error code details. - However, there is no such exit code in the given documentation. When trying Pool Now option for our Dell server (iDRAC 6 - latest firmware and BIOS version) it says following error - *attempting ipmi driver auto-negotiation * auto-negotiation failed (139): * attempting ipmi with lan2 driver forced * lan2 driver failed (139): ipmi_status: 139 However, when running impitool from LogicMonitor collector the ipmitool commands work fine. Have you ever experienced similar issue?LM SaaS M365 monitoring
Anyone using LM SaaS-based Office365 monitoring and can check something for me? With the legacy/deprecated Office365 checks, LM would collect many of the stats by using the GraphAPI. This works by downloading a CSV file from M365 which provides 7 days of data. The problem is that this CSV file, at best, is atleast one day behind but frequently even more behind than that. I covered that issue in an old post about it here. Can someone confirm if the newer SaaS method has the same problem? I don't currently have it but looking at the DataSources it says it uses a method of "SAAS OFFICE365 CSV REPORT" and there is still a "Data Offset" datapoint, so I assume it will have the same problem. As far as I know, that is the only way to get this information from M365 so it's kinda understandable. But I guess it's possible LM can do some special backend thing to backdate the data, since they control the whole process, but seems unlikely. You can likely tell by looking at the "Office365 Email Activity" graph with a 30-day change, and check if weekday spikes are offset into the weekend. Assuming most email activity will be M-F for your environment(s). Thanks!
WMI Least Privileges
Our support team is trying to move away from traditionally adding admin group privileges' to least privileage of WMI.But they have issues in giving the permissions to Enable Account–Controls the ability to enable and disable the WMI provider ensuring that only the authorised entities can control its state. Remote Enable–Governs whether remote systems can access and query the WMI provider on the local computer, thus preventing unauthorised remote access.Just for WMI querying why do we need enable account and remote enable Why it Controls the ability to enable and disable the WMI provider ensuring that only the authorised entities can control its state. Why it needs to Governs whether remote systems can access and query the WMI provider on the local computer, thus preventing unauthorised remote access
Cisco SDWAN Netscan and Netflow
Hey all, I was poking around the forums and documentation and couldn't find a concrete answer on this so I'm turning to the masses.Essentially, we are in the middle of converting hundreds of sites to Cisco SDWAN. We also add new facilities quite regularly. We are leveraging the prewritten Netscan to ingest data from vManage's API (https://www.logicmonitor.com/support/cisco-catalyst-sd-wan-monitoring) What I've only just noticed is that every time this runs, it's essentially wiping all inherited properties (which just get reapplied by the groups), as well as disabling netflow (so seems to basically be defaulting the device). I was periodically running a python script to enable this via the API, but due to the constant changes in our environment I have the netscan running every night. I needed to check Netflow for a device, and realized it was disabled. Turned it back on, next day disabled again. So I came to realize the netscan was clearing settings off the devices. I saw this lovely feature request, but it seems like it was never implemented. You can view Netflow at a group level, but not bulk enable. Enable/disable Netflow at group level | LogicMonitor - 2778 I've also tried modifying the netscan to export the appropriate settings, but it doesn't seem to modify the system ones other than categories. I've seen some posts about modifying the agent.conf file and being able to use a datasource to then set these properties, but the comments made it seem like a dangerous workaround that could break at anytime. With this being over a thousand and growing routers, I risk eventually being hit by the API Rate Limit fixing them all every night via API. I'm currently in the process of testing a short term workaround of skipping a device with the existing findDuplicate logic, but it'd be nice for it to just work. Anyway, tl;dr; does anyone have a reasonable way to automatically enable Netflow, or prevent a netscan from turning it off?
