Forum Discussion

Anonymous's avatar
Anonymous
5 years ago

2020-10-21 - LogicMonitor Basics Office Hours

Have questions about how to best use LogicMonitor? LogicMonitor experts are live to explain best practices and answer your questions. There are no planned topics as this webinar is a true office hours. Bring your coffee and questions!

Register here.

  • Q and A Transcript

    Q: Can you please describe how a sub-account works?  Our use case is entirely in AWS, and we have our customers set up with their own VPC. If I need to segregate their performance monitoring data is there an option to do so with a sub account? We will also have a collector in each customer VPC to monitor app servers as well as AWS resources like ELB/ALB/NLB and RDS.

    A: Will be answered in followup reply to this post
                
    Q: I am working on figuring out how to move us from the older 'snmp64-If_' datasource to the new, preferred 'SNMP_Netowork_Interfaces'.   Does the interface.description.alert_enable property still operate the same?

    A: Will be answered in followup reply to this post

    Q: Can you give us a walkthrough of LM Logs key features?

    A: LM Logs was the main focus of our virtual LevelUp keynote. Recording and info available here: a href="https://communities.logicmonitor.com/topic/6254-2020-oct-13-virtual-level-up-product-keynote/" rel="">https://communities.logicmonitor.com/topic/6254-2020-oct-13-virtual-level-up-product-keynote/
    We’ll be doing more training on the technical details of it once the general release happens.

    Q: How do you disable alerts while retaining the collection of data at the various levels,  device, technology, company for example?  I can do it at the device level by toggling the alerting to "off" and enabled to "on", but if I want to do it at the higher levels (technology or company) as there could be 100s of devices.                

    A: Answered at 09:32
                
    Q: Question re: Application performance monitoring…using a Collector to monitor Tomcat webapps, we are seeing great info and data, but wondering if you have some suggested baseline threshold levels we should consider for our alerting? For example - JVM memory pools. Can you suggest thresholds to raise awareness to potential problems?

    A: Answered at 17:36

    Q: Dynamic Thresholds require enterprise plan? We are only on Pro level.

    A: Correct, dynamic thresholds are only available with an Enterprise package. 

    Q: For root cause analysis to work, topology should be fully mapped, correct? In case LM isn't able to map everything on its own, would it be possible in future to manually create uplink/downlinks for topology mapping?

    A: Answered at 27:04

    Q: We have a rich set of Properties across most Resources, and we'd like to be able to filter Reports based on those Properties. Is there any way other than creating lots and lots of Dynamic Groups to do such a thing? (We are reaching a point of Dynamic Group overload because of so many that operate on very specific AppliesTo functions.) It's many of the different types, but primarily Inventory Reports. Exactly - the only other work-around we have is dumping tons of data into CSV and filtering in Google Sheets. We have some folks who can use the API for those things, but that's a minority. Lots of folks really are only comfortable using Reports. All sorts of Properties - OS, memory, disk, apps, etc. - you name it. Also related to that... other than using the API, is there any way to do a Report on what Resources and/or Websites are on a given Collector?

    A: Answered at 39:37

    Q: In a few different previous Office Hours sessions there's been mentions of unsupported API calls that can be exposed by using browser developer tools / site inspection. How often do currently-unsupported API calls get reviewed to be added to the supported list? Also what's the lifecycle of the SDKs? They seem to have not been updated in a while.

    A: Answered at 45:38

    Q: There's a big push towards Observability that was mentioned at the LevelUp and most recently at Splunk .conf20. Can you describe Observability and why LM is a great choice?                

    A: https://www.logicmonitor.com/resource/the-more-you-monitor-what-is-observability

    Q: Have you heard of any issues with the new Slack integration that rolled in v141 or v142? (I forget which)  We have 40+ Slack channel Integrations so we want to make sure any kinks are worked out before we migrate so many.

    A: We are not currently aware of any issues with the new Slack integration. If you run into any issues, please contact technical support for assistance.

    Q: When is integration for MS Teams coming? :)/emoticons/smile@2x.png 2x" title=":)" width="20" />

    A: All we can share at the moment is that this on our Product team's radar, but we cannot provide an ETA.

  • Question: Can you please describe how a sub-account works?  Our use case is entirely in AWS, and we have our customers set up with their own VPC. If I need to segregate their performance monitoring data is there an option to do so with a sub account? We will also have a collector in each customer VPC to monitor app servers as well as AWS resources like ELB/ALB/NLB and RDS.

    Following up with a bit more detail on this one. First, have you already added your AWS account into LogicMonitor?

    If you have already added your AWS account into monitoring, all of the resources are automatically discovered and already tagged in LogicMonitor based on the information discovered about each one from AWS. To see what's available, just click on any of the monitored resources in the resource tree and look at the “info” tab for the resource. You’ll see a bunch of properties that begin with “system.aws” (as shown below) and any of those can be used as the criteria for a dynamic group:

     

    vqmi9bkIKU4oDSVPIJbfU8nBNvDO18BAvTAa6-mDuqHNTyWj0ghrXJ11k3ivBkg2hkd7W9XP0BJiVB5XBBEZ83XvyZit3ayygbncrhUv-SDujy3csNxP-EG90GfIuX0-XVOwIHI

     

    Since you mentioned each client has their own VPC, you could use the system.aws.vpcid property to automatically pull the resources for each VPC. Resources in LogicMonitor can be part of multiple groups, so in addition to the auto-created groups (which contain ALL resources and are based on the different AWS resource types), you can create separate dynamic groups to include specific subsets of the discovered resources. This can be based on any of the info stored in any of the properties. (Since you'll have a Collector in each VPC, you could even do it by Collector ID.)

    Not sure how familiar you are with LM in general, so to make a dynamic group, go to “new group” on the Resources page and select the check box to auto-assign devices. You’ll want to do the custom query option, and you can do something like:

    system.aws.vpcId =~ “1234567”

    Then repeat that process for each client’s VPC. If you want to break it down further, you can have a static parent folder for each client, and then dynamic groups within that. In that case, the dynamic groups just to have more specific criteria. So if you wanted to dynamically group by AWS resource type for each client, you can build out the applies to query using && to string multiple criteria together. 

    System.cloud.category =~ “AWS/EC2” && system.aws.vpcId =~ “1234567”

    System.cloud.category =~ “AWS/RDS” && system.aws.vpcID =~ “1234567”

    And so on for each client. (There are ways you can build out the groups programmatically using the API, if you have a huge number to account for.)

    From there, you’d just need to create roles (on the settings page) that provide access to the groups and assign those roles to clients accordingly. Please let me know if you need any more info!

  • Q: I am working on figuring out how to move us from the older 'snmp64-If_' datasource to the new, preferred 'SNMP_Netowork_Interfaces'.   Does the interface.description.alert_enable property still operate the same?

    Answer: Here's the answer I got from our monitoring engineering group:

    "The newer one (SNMP_Network_Interfaces) doesn’t have alerts built in yet; those are to be introduced later. The idea is to have them run in parallel and then when we’re comfortable we’ve worked out all of the kinks, move over the alerting and begin deprecation of the old one."

    Sounds like you might have gone ahead and set some thresholds in the newer version. But based on what I found out, the alert_enable property is not yet accounted for in the new version. You might want to hold off on switching over for the time being, but let me put in a follow up with the monitoring engineers to see if they have plans to address that any time in the near future!