Recent Discussions
Can anyone help modify this Datasource to be able to use any port?
Hi, We have F5 devices and LM can monitor some of the stuff inside them. However, we found a problem because the Module that monitors the SSL certs only monitors them if the site using it is on port 443. If it is using any other port, LM ignores it and doesn't monitor it. We have a lot of internal sites that us ports other than 443 and had a cert expire last week. It broke some stuff because we never got notified that an expiration was coming up. The module in question is called: F5_BigIP_SSL_VIP_Cert. (not sure how to post a link to it. The Discovery script has a line that says: if(port == "443"). This causes it to not see any of our sites that use ports other than 443. If I change it to say:port != "999" it will find all our sites that use something other than 443 which is great. However, the Collection script is also hard-coded to 443 as: This 'port' variable is used in a bunch of places in the rest of the script so it's not as easy to modify. I'd have to get a list of every site and which ports they use and code something up which would be impossible to maintain as things change. I'm wondering if there'd be a way for the Discovery script to grab the name AND port from the things it finds and then pass that info to the Collection script so each cert would include the port it's on and everything would just work. Unfortunately, that's over my head, and I don't know if that'd be really easy, or really hard to do, so I figured I'd ask here. If any of that doesn't make sense, let me know and I'll try to clarify it. Thanks!!Kelemvor16 hours agoExpert
Feature Request: Don't show Green on NOC Widget
I would like tooptionally not see green on the NOC widget. The reason is that the widget is extremely slow to render on an Android device. This is probably because we have (say 10 Crits, 20 Errors, 30 Warnings and then 1000 Normals / Greens. The simple UI implmentation would be to have another toggle on the settings screen between "Warning" and "Acknowledge".David_Bond6 days agoProfessor
Feature Request: Maximized Dashboard Deep Link
I now have an android tablet on my desk that shows a LogicMonitor Dashboard 24x7 containing a single NOC widget. However, every time I launch the browser, I have to click on about 5 buttons to get it to display what I want. I would instead like to go to:https://ACCOUNT.logicmonitor.com/santaba/uiv4/dashboards/dashboards-123/widgets/widget-456?showMaximized=true This would display the single NOC widget maximized full screen with no external clutter. I'm working on a bit of open source to do the same thing (and will share it when it's working!) but it would be great if this were just available in product?David_Bond6 days ago
Automate the Infra Alerts
I need to perform the poc on the self-healing part to ensure that any infrastructure alerts that are triggered automatically will result in the job being triggered and resolved depending on the circumstances. So that, customers can reduce the resources and time needed to fix common infrastructure issues.ranjande8 days agoNeophyte
LM datasources backing up
I attempted to post this with Chrome and it did not render at all :/ hence the undefined but here's a tip (No idea how long it will work for LM DataSources -> Github. (We use GitHub actions on a cron schedule with the below) Create a local readonly user with a password You need to know the current portal version here on it replace $PORTAL with your portal name DBV=$(curl -s https://$PORTAL.logicmonitor.com/santaba/|grep -oP '(?<=sbui)\d+'|head -n 1) Now with the user you created before fetch the whole lot! curl -o lm-backups.xml "https://$PORTAL.logicmonitor.com/santaba/api/downloadConfig?version=$DBV&username=$USERNAME&password=$PASSWORD=$PORTAL"Michael_Baker15 days ago
LM Logs Alert Tokens
We are looking at expanding into LM Logs and I am wondering are there any other hidden alert tokens? We are looking at what structure of the message we can send, and there feels to be a lack of items for LM Logs. Is there a way to pull out some of the log fields as part of the message? The closest we found so far is ##logMetaData## which gives us a json string of our custom fields. For future parties here is a little more detail. ##alerttype## logAlert ##datapoint## Log Pipeline Alert Condition Name ##datasource## LM Logs ##dsdescription## Raw Log Value ##dsidescription## Raw Log Value ##instance## Log Pipeline Name ##threshold## Log Pipeline Alerting Condition ##logMetaData## Log metadata fields included in alert from Pipeline Alert ConditionsJoe_Williams16 days agoWindows Least Privilege and polling (WinServer)
Regarding the Dec 31 Windows Least Privilege nightmare fuel (I know the page claims it wont be strictly enforced) I started testing the script. I've just run it on one collector right now, and it seemed to work for me. I had to wait overnight instead of just 10 minutes, but it did switch accounts, and that account does seem to be able to allow the collector service to do what it needs to do. HOWEVER. We also use that same account for the wmi user. So for the subset of windows VMs that run LM Collector software, the collector runs as DOM\user1 (redacted example). We ALSO use DOM\user1 as the wmi polling account for ALL VMs including the collector ones. We make out collectors all monitor themselves, and so its monitoring itself using that same account. I've discovered that MOST LogicModules continued polling normally after I ran the script, but ONE of them does not: File Server (WinServer). Whatever permissions the LM script (Windows_NonAdmin_Config.ps1) gives to that user, it looks like they overlooked something. Most LogicModules such as CPU, Cores, File Systems, Memory, everything ... the user can poll it. But File Server (WinServer) fails (error message: No data collected from sbproxy). So my final TL;DR question is: has anyone else discovered any limitations in this scenario? Not all Windows LogicModules get applied to every server, so I'm wondering if others have had this experience, and if there might be other LogicModules that suddenly cant be collected when polling with the same user that the collector runs as (after running their script). Thanks!Lewis_Beard23 days ago
OCI APplication log Monitoring
Hi All, We are trying to Monitor OCI Application log Monitoring in LM,we have setup the fluentd config and Updated the COnfig file as well,but still we dont see the logs captured in LM.The Log file has all the reqired permissions. Here is the output of Fluentd.log file 2024-10-28 03:08:01 -0500 [info]: #0 flushing all buffer forcedly 2024-10-28 11:40:21 -0500 [info]: Received graceful stop 2024-10-28 11:40:21 -0500 [info]: Received graceful stop 2024-10-28 11:40:21 -0500 [info]: #0 fluentd worker is now stopping worker=0 2024-10-28 11:40:21 -0500 [info]: #0 shutting down fluentd worker worker=0 2024-10-28 11:40:21 -0500 [info]: #0 shutting down input plugin type=:tail plugin_id="object:8c0" 2024-10-28 11:40:21 -0500 [info]: #0 shutting down output plugin type=:lm plugin_id="object:898" 2024-10-28 11:40:21 -0500 [info]: #0 shutting down filter plugin type=:record_transformer plugin_id="object:870" 2024-10-28 11:40:21 -0500 [info]: Worker 0 finished with status 0 2024-10-28 11:40:22 -0500 [info]: init supervisor logger path="/var/log/fluent/fluentd.log" rotate_age=nil rotate_size=nil 2024-10-28 11:40:22 -0500 [info]: parsing config file is succeeded path="/etc/fluent/fluentd.conf" 2024-10-28 11:40:22 -0500 [info]: gem 'fluentd' version '1.16.5' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-calyptia-monitoring' version '0.1.3' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-elasticsearch' version '5.4.0' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-flowcounter-simple' version '0.1.0' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-kafka' version '0.19.2' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-lm-logs' version '1.2.2' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-metrics-cmetrics' version '0.1.2' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-opensearch' version '1.1.4' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-prometheus' version '2.1.0' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-prometheus_pushgateway' version '0.1.1' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-record-modifier' version '2.1.1' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-rewrite-tag-filter' version '2.4.0' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-s3' version '1.7.2' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-sd-dns' version '0.1.0' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-systemd' version '1.0.5' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-td' version '1.2.0' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-utmpx' version '0.5.0' 2024-10-28 11:40:22 -0500 [info]: gem 'fluent-plugin-webhdfs' version '1.5.0' 2024-10-28 11:40:22 -0500 [info]: using configuration file: <ROOT> <source> @type tail path "/xxxx/xxxxx/xxx/xx/xxx/xxx/xxx/xxxx/xxx/xxx/xxxxx/xxxx/server1.out" pos_file "/tmp/server1.pos" tag "xxxxx_log" <parse> @type "multiline" format_firstline "/^(?<time>\\w{3} \\d{2}, \\d{4} \\d{2}:\\d{2}:\\d{2} [APM]{2})$/" format1 /^(?<message>.*java.lang.OutOfMemoryError*)$/ unmatched_lines </parse> </source> <filter OCI.**> @type record_transformer <record> hostname xxxxxx tag ${tag} </record> </filter> <match OCI.**> @type lm resource_mapping {"hostname":"system.displayName"} company_name "xxx" access_id "xxxxxxxxxxxx" access_key xxxxxx debug true compression "gzip" include_metadata true <buffer> @type "memory" flush_interval 1s chunk_limit_size 5m </buffer> </match> </ROOT> 2024-10-28 11:40:22 -0500 [info]: starting fluentd-1.16.5 pid=3684 ruby="3.2.3" 2024-10-28 11:40:22 -0500 [info]: spawn command to main: cmdline=["/opt/fluent/bin/ruby", "-Eascii-8bit:ascii-8bit", "/opt/fluent/bin/fluentd", "--log", "/var/log/fluent/fluentd.log", "--daemon", "/var/run/fluent/fluentd.pid", "--under-supervisor"] 2024-10-28 11:40:23 -0500 [info]: #0 init worker0 logger path="/var/log/fluent/fluentd.log" rotate_age=nil rotate_size=nil 2024-10-28 11:40:23 -0500 [info]: adding filter pattern="OCI.**" type="record_transformer" 2024-10-28 11:40:23 -0500 [info]: adding match pattern="OCI.**" type="lm" 2024-10-28 11:40:23 -0500 [info]: adding source type="tail" 2024-10-28 11:40:23 -0500 [info]: #0 starting fluentd worker pid=3761 ppid=3756 worker=0 2024-10-28 11:40:23 -0500 [info]: #0 fluentd worker is now running worker=0venkat24 days ago
