ContributionsMost RecentMost LikesSolutionsRe: KB5004442: Manage changes for Windows DCOM Server Security Feature Bypass (CVE-2021-26414) @Manog1978 Have you triedhttps://www.logicmonitor.com/support/monitoring/os-virtualization/troubleshooting-wmi#error10036-wmi-vulnerabilities? Re: TiWorker and LM - CPU 100% Hi Barb, have you created a support ticket for this? Re: Migrate your Linux collectors to non-root by Sept 30! If you think other users could benefit from this, please consider making yourdatasource available on LM Exchange. https://www.logicmonitor.com/support/logicmodules/about-logicmodules/lm-exchange Re: Migrate your Linux collectors to non-root by Sept 30! this is the ultimate goal for Logicmonitor Hi Axshey, what is the ultimate goal? Why are you trying to move away from root? This makes running collectors in containers harder since they typically don’t have any user besides root. Is there a propertysource you’ve written that will tell me which collectors are running as root vs. non-root? When we do the install, we run it with sudo and it creates the logicmonitor user. Neither of which are using the root account (depending on your philosophy on sudo). Come to think of it, I need a propertysource that shows the user for each of my collectors (windows too), so i may just write it. Might make it a configsource so i can keep the history. If you go to your collectors page →Click on on “Manage” for the collector in question →Go to Collector status, you can find the root/non-root status of the collector If you are installing the Linux collector using the logicmonitor user created, you dont have to take any action. It is running as a non-root user then. We are pursuing non-root privileges for the collector because: 1) It will limit damages in case a vulnerability is exploited by an attacker. 2) It helps you pass security audits if asecurity conscious customerdemands it. 3)The collector does not need to run at max privilege in order to monitor most devices and running software applications in the least privilege mode is security best practice Re: Migrate your Linux collectors to non-root by Sept 30! Hi Stewart, this is the ultimate goal for Logicmonitor, but we are still some ways from it. This notice mainly refers to moving linux collectors from root to non-root users. If you have further questions, please send me a private message over here or you can also contact your customer success manager for help. Upgrade your Collectors to MGD 33.006 before October 03, 2023! Each year LogicMonitor rolls out the minimum required version (the MGD) for all collectors. It is the most mature version containing the gist of all the enhancements and fixes we’ve added throughout the year. To achieve uniformity, the MGD becomes the base version for all future releases. As we approach the time for the MGD automatic upgrade, we would like to inform you that the GD Collector 33.006 will be designated as the MGD Collector 33.006. This means that all collectors must be upgraded to GD Collector 33.006 or higher. Note: If it is absolutely necessary, we may release security patches. In such scenarios, the MGD version 33.006 will be incremented, and we will keep you informed. Schedule for MGD 33.006: MGD 33.006 Rollout: August 29, 2023 Voluntary upgrade time period: Anytime before October 3, 2023 Automatic upgrade Scheduled: October 3, 2023 at 5:30 am PST Please note that it is critical to upgrade to the new MGD version! On October 03, 2023, any collectors still using a version below MGD will not be able to communicate with the LogicMonitor platform. This is due to the improvements made to the authentication mechanism of the LogicMonitor platform. Actions Required: Look for the MGD rollout notification email from LogicMonitor on August 29, 2023 Upgrade your collectors to GD 33.006 to avoid loss of communication Thank you for your prompt attention to this matter. If you have any questions, please contact LogicMonitor Support or contact your Customer Success Manager (CSM). Migrate your Linux collectors to non-root by Sept 30! Hello All, Thank you for supporting LogicMonitor's efforts to ensure Collector Security. With your help, we have been able to transition ~7,000 collectors to non-privileged users out of the 10,000 linux collectors currently live in customer environments. Per our last email on this topic, we had shared a deadline of June 30, 2023 for customers to migrate their collectors from root to non-root users. Due to customer requests needing more time, we have now extended the deadline to September 30, 2023, allowing for more time to test the non-root migration scripts and migrate linux collectors. We appreciate your support in helping us achieve our goal of running all collectors using non-privileged credentials. ACTION REQUIRED: Migrate any collectors which are running under root users to non-privileged users For more details, please refer to: https://www.logicmonitor.com/support/migrating-collector-from-root-to-non-root-user If your current collector installation process uses the root user to install linux collectors, please start using non-privileged user For more details, please refer to: https://www.logicmonitor.com/support/collectors/collector-installation/installing-collectors#Linux-collector. TIMELINE: Migrate your current linux collector install base to non-privileged users as soon as possible, however no later than September 30, 2023. Your current collectors will not be affected by this change, only new installs will not be installed as root. Thank you for your prompt attention to this matter. If you have any questions, please contact Logicmonitor Support or contact your Customer Success Manager (CSM) Is there a reasonwhy this will not work in your environment? Would you still like to run a linux collector as root? Let us know in the comments Thank you! WinRM Collector and Non-admin scripts beta Hello, and welcome to LogicMonitor’s Beta for WinRM non-admin automation! At Logicmonitor we are constantly pushing the envelope on security. In our endeavor to further reduce the attack surface of our customers we are proud to bring to you the beta program for monitoring windows devices using least privilege. This beta would also allow you to try out our WinRM based collector. Goal for the beta Validate and test windows monitoring with WinRM based collectors running with least privilege in your environment. We suggest the following operations to test out the non-admin automation 1. Set up a normal WMI based windows collector to monitor your windows devices. 2. Set up at least 10 the WinRM based beta collector by following the instructions in the support page. Ensure that the collectors are not running under admin privilege after completing the setup. 3. Move your devices from the WMI based collector to the beta collector to confirm that the WinRM beta collector fulfills your windows monitoring needs. 4. Test out WMI, Powershell and perfmon datasources Timeline The beta has started and will run Through Sept 30, 2023. Documentation Since the process to install a WinRM collector is slightly more tedious than a normal LM collector, we advise you to go through the documentation before setting it up. Documentation for the beta is available at https://www.logicmonitor.com/support/configuring-winrm-for-windows-collector and updated as questions come in, or as things are added/fixed. Note: The beta is available in EA collector 34.100 and later. All you have to do is follow the steps in the support documentation above to install the WinRM collector. Feedback You can submit your feedback via this linkor post a comment here to chat directly with the product manager. You can also contact Logicmonitor support or you Customer Success Manager for further assistance. Enjoy a higher level of security and peace of mind with LM Linux collector. With the release ofGD 34.000, theLM Linuxcollectoris finally capable of being run in a containerized environment using non-privileged credentials. LM collector K8s Argus non-privileged transition:https://www.logicmonitor.com/support/run-docker-containers-as-a-non-root-user New install parameter for direct docker non-privileged installation:https://www.logicmonitor.com/support/collectors/collector-installation/installing-collector-in-container Normal Linux collector non-privileged transition:https://www.logicmonitor.com/support/migrating-collector-from-root-to-non-root-user
Top ContributionsMigrate your Linux collectors to non-root by Sept 30!Enjoy a higher level of security and peace of mind with LM Linux collector.Upgrade your Collectors to MGD 33.006 before October 03, 2023!WinRM Collector and Non-admin scripts betaRe: Migrate your Linux collectors to non-root by Sept 30!Re: KB5004442: Manage changes for Windows DCOM Server Security Feature Bypass (CVE-2021-26414)Re: TiWorker and LM - CPU 100%Re: Migrate your Linux collectors to non-root by Sept 30!Re: Migrate your Linux collectors to non-root by Sept 30!