AD Server Monitoring Best Practices
Is there a baseline or best practices whitepaper on what SHOULD be monitored when setting up LM to monitor Domain Controllers available? Services, thresholds etc.
I don’t believe there’s a white paper, but there is a page in the help documents dedicated to making sure you have full coverage of your AD servers:
There’s also this which explains some of your choices about authentication:
https://www.logicmonitor.com/support/monitoring/os-virtualization/monitoring-a-domain-controller-dc
They are Windows servers, so the normal windows monitoring practices apply as well:
https://www.logicmonitor.com/support/getting-started/advanced-logicmonitor-setup/windows-server-monitoring-and-principle-of-least-privilege
https://www.logicmonitor.com/support/collectors/collector-configurations/group-policy-rights-necessary-for-the-windows-collector-service-accountThe services that need to be monitored will be monitored if you follow those instructions, and all the LogicModules have their own thresholds and settings that have best practices built into them. In general, most of the service monitoring done by our default suite of LogicModules is done by monitoring the function of the services themselves, not the reported state of windows services themselves. If further tuning is necessary, this article describes the mechanics and this describes some best practices.
This should be a good start; maybe some other users can chime in if they have seen anything missing or have additional tips or information.