Apr 24 - Product Power Hour: Logs Leveled Up!
Product Power Hour: Logs Leveled Up Date: Thursday, April 24 at 10 AM CT Join us for this month’s Product Power Hour, a monthly series brought to you by the LM Community, Product team, and Training & Enablement! This session dives into the latest innovations in LogicMonitor Logs, with a spotlight on AI-powered capabilities that enhance log analysis and accelerate root cause detection. Featuring Guest Speakers: Patrick Sites, Product Management Richard Brooke, Product Trainer Suzanne Shaw, Sr. Manager, Community & Advocacy Sky Donnell, Community Product Specialist What You’ll Learn: AI-Powered Log Intelligence: Discover how our new AI-driven features surface insights faster, reduce noise, and help your team make smarter decisions in real time. Improved Capabilities: Get a tour of the latest updates in LogicMonitor Logs, from intuitive log correlation to enhanced search and filtering. Integration Tips: Learn how logs fit seamlessly into the LM platform and how to set up your environment for success. Best Practices: We’ll debunk common myths and showcase some of the most underutilized (but powerful) features in action. Live Q&A: Bring your questions—our product experts are here to answer them live and help you unlock the full value of Logs. 🔗 Register Here - Recap and recording will be shared to all who register Note: Times may rotate monthly for global accessibility. All sessions are recorded and shared with registered participants.
Logs Leveled Up: April Product Power Hour Recap
Overview This month’s Product Power Hour was all about unlocking deeper visibility into your pipelines with enhanced log observability. We walked through the new structured logging UI, answered live questions, and gathered real-time feedback from our amazing community of practitioners. Whether you're debugging policy failures or preparing for audits, these enhancements are designed to save time and reduce friction—without sacrificing context. Key Highlights ⭐Structured Logs in the UI: Filter, search, and drill into logs directly from the interface to pinpoint policy outcomes and troubleshoot faster. ⭐Root Cause Clarity: See exactly why a policy passed or failed—including rule-level reasoning—without diving into raw code or configs. ⭐Audit-Friendly Workflows: Export logs to support compliance efforts with traceable and structured outputs. ⭐API Support: All log data is available via API, so you can integrate it with your SIEM or other observability tools. ⭐Live Feedback: Attendees shared feature ideas and logging improvements that are now being routed to our product team. Q&A Q: Can I access logs outside of the UI? A: Yes—logs are accessible via API for full integration into your observability stack. Q: What is best practice to onboard a device for logs—LogSources? Or do we have to enable LM Logs on each individual device? A: The best practice depends on the type of logs and source. If logs are exposed to services like the Windows Event Log, they can be ingested without per-device configuration. Otherwise, you’ll need an agent-based solution (e.g., FluentD, Fluent Bit, or LM’s upcoming OTEL collector). Device-by-device setup is not always necessary—LogSources can help standardize collection where supported. Q: Can we use WMI/WinRM for agentless log ingestion on Windows Servers—not for OS logs, but for app/service logs? A: Only if the application logs are exposed through the Windows Event Log service. If the logs live in a file on disk or aren’t exposed through standard logging services, an agent will be required to ingest them. Customer Call-outs ⭐“One thing that would help our uptake of logs is a more ‘end-to-end’ setup guide.” ⭐“The magic word: Correlation!” What’s Next 🪵Logs for Lunch May 14 –A Window into your Windows Logs ⚡Product Power Hour May 22 - Exploring Resource Explorer June 17 - Cost Optimization Want to check out previous Product Power Hours? Explore the Product Power Hour Hub in LM Community! 🍽️User Group Dinners Connect in person with other LM users in your city over dinner and real talk. Share wins, swap stories, and grow your network - RSVP here: Chicago – May 6 Nashville – May 13 Seattle - June 17 Portland - June 18 London @ Elevate - June 24 💻 Virtual User Groups Visit our LM Community User Group Hub for more details on upcoming virtual sessions. AMER East – June 3 AMER West – June 5 EMEA – June 10 APAC – June 12 🌍 Elevate Community Conferences Our flagship in-person event series is back! Connect with peers, attend expert-led sessions, and get hands-on product experience. Elevate 2025 will showcase the latest innovations in AI-powered observability, empowering enterprises to optimize their modern data centers. Sydney – May 29 London – June 25 Pre-Elevate LM Training | LIVE Already attending Elevate? Join us in Dallas and London a day early to earn your first Logs Badge through immersive, instructor-led training and hands-on labs. Perfect for new users or anyone looking to sharpen their logging skills. Register today! London – June 24 Additional Resources If you missed any part of the session or want to revisit the content, we’ve got you covered: Review the slide deck here Want to see the full session? Watch the recording below ⬇️January 2025 Logs for Lunch Recap: Transforming Log Intelligence
We launched our 2025 Logs for Lunch series with a bang, diving deep into how LM Logs is transforming how teams tackle troubleshooting. If you missed it, don't worry - here's a quick recap. Making Log Troubleshooting Less Painful Most of us don't exactly jump for joy when we have to dig through logs. But LogicMonitor is changing that game. The standout feature? An AI-powered system that spots unusual patterns automatically - no complex queries needed. This innovative approach has helped organizations reduce their troubleshooting time by up to 80%, significantly improving operational efficiency. The Demo The technical demonstration showcased real-world applications, featuring: Streamlined alert-to-resolution workflow "Show Patterns" feature for identifying recurring issues Automated alert creation based on log patterns Seamless integration between metrics and logs The demo walked through diagnosing a web server issue, illustrating how complex problems can be resolved with minimal clicks and without extensive logging expertise. Q&A People had questions, and we got answers! Here are the ones that got everyone's attention: Q: I'm new to this - where should I start? A: Start with what you know - if you're already monitoring network devices or Windows servers in LogicMonitor, that's your sweet spot. These are usually the easiest to set up and start getting value from right away. Q: How does pricing work? A: LM Logs is an add-on to LM Envision, and it's pretty straightforward: you pay based on how much data you're logging and how long you want to keep it. Whether you need 7 days or a full year of retention, they've got you covered. Q: How do I keep track of usage? A: There's a neat dashboard that shows your monthly usage, trends, and even which systems are your "top talkers" - super helpful for keeping things under control. What's Next? Mark your calendar for the next Logs for Lunch session on February 12th, 2025, at 12 pm CT, where we're tackling troubleshooting wireless networks. Save your spot by registering today. Keep an eye out in the Community for upcoming exciting product launches! Check out our official LM Logs page here for a deeper dive into logs.
Getting started with Log analysis - useful queries
We at LogicMonitor want to make taking control of your log data easy for analysis, troubleshooting, and identifying trends. In this post, we will share a few helpful queries to get started with LM Logs - what devices are generating log data and easy ways to track overall usage. In future posts, we’ll share queries to dive deeper into specific log data types. What type of queries do you want to see? Reply to this post with areas of log analysis or best practices you want. Not up to date with LM Logs? Check out this blog post highlighting recent improvements and customer stories: A lookback at LM Logs NOTE: Some assumptions for these queries: Each queries results are bound to the time picker value, adjust according to your needs * is a wildcard value meaning ALL which can be replaced by a Resource, Resource Group, Sub-Group, Device by Type or Meta Data value You may need to modify specific queries to match your LM portal Devices Sending Logs - use this query to easily see which LM monitored devices are currently ingesting log data into your portal * | count by _resource.name | sort by _count desc Total Number of Devices Sending Logs - the previous query showed which devices are generated logs, while this query identifies the overall number of devices * | count by _resource.name | count Total Volume by Resource Name - this query shows the total volume of log ingestion (as GB) by resource name, with the average, min, max size per message. The results are sorted by GB descending but you can modify the operators to identify your own trends. * | count(_size), sum(_size), max(_size), min(_size) by _resource.name | num(_sum/1000000000) as GB | num(_sum/_count) as avg_size | sort by GB desc Total Log Usage - This is a helpful query to run to see your overall log usage for the entire portal * | sum(_size) | num(_sum/1000000000) as GB | sort by GB desc And finally, Daily Usage in Buckets - run this query to see an aggregated view of your daily log usage * | beta:bucket(span=24h) | sum (_size) as size_in_bytes by_bucket | num(size_in_bytes/1000000000) as GB | sort by _bucket asc We hope these help you get started!February 2025 Logs for Lunch Recap: Network Observability & Wireless Connectivity
Overview This month’s Logs for Lunch session brought together IT professionals to explore Network Observability & Wireless Connectivity, highlighting how LM Logs can streamline troubleshooting and proactive monitoring. Our experts explored real-world use cases, demonstrating how logs provide deeper visibility into network performance, security events, and infrastructure health. Whether managing a growing wireless network or optimizing log intelligence, this session was packed with actionable insights to elevate your monitoring strategy. The Demo Making Wireless Networks More Predictable: We explored how log intelligence can help identify and resolve connectivity issues before they impact users. Proactive Troubleshooting with LM Logs: Discover how to correlate logs with performance metrics for faster incident resolution and enhanced root cause analysis. Security & Compliance Insights: Learn how to leverage log data for better security monitoring, detecting anomalies in network behavior. Enhancing Network Observability: Unveiling best practices for visualizing wireless connectivity issues with logs and metrics in a single pane of glass. Customer Success Stories: Real-world applications showcasing how teams are using LM Logs to optimize network health and troubleshoot at scale. Q&A Q: How can LM Logs help with wireless troubleshooting? A: LM Logs provide real-time insights into network performance, helping to correlate log data with connectivity metrics, device health, and historical trends. Q: Can LM Logs be used for security monitoring? A: Absolutely! Logs can highlight unexpected login attempts, firewall policy violations, and network anomalies, making them a key tool for security and compliance teams. Q: How do I integrate LM Logs with my current monitoring setup? A: LM Logs work seamlessly with existing dashboards and alerting workflows, allowing you to combine performance metrics, topology maps, and log data in one place. Q: What’s the best way to filter and analyze large volumes of logs? A: Utilize log search, filters, and anomaly detection features to pinpoint the most relevant data, reducing noise and making troubleshooting more efficient. Customer Call-outs “The ability to see connectivity issues correlated with logs in real-time is a game-changer.” “Security monitoring with logs is something we’ve needed, and this session really showed us how to implement it.” “We’ve been struggling with intermittent wireless issues, and now we have a solid strategy to tackle them.” What’s Next? Virtual User Groups: Join us for our first LM Community Virtual User Group series, where you'll hear from fellow LogicMonitor customers about their hybrid observability journey. Register for your preferred region below! LM User Group | AMER East - Mar 20 LM User Group | AMER West - Mar 20 LM User Group | APAC - Mar 27 LM User Group | EMEA - Mar 27 Elevate Community Conference: Join us in Dallas, TX, Sydney, AUS, and London, UK, to gain strategic insights, hands-on product experience, and exclusive networking opportunities. Elevate 2025 will showcase the latest innovations in AI-powered observability, empowering enterprises to optimize their modern data centers. Find more details and registration links here! Stay tuned for more insights and opportunities to enhance your monitoring capabilities with LM Logs. Missed this session? Watch the full recording below ⤵️Event Source for log file monitoring
We're looking to have log file monitoring for file extension *.rpt and SQL log files. LM does not appear to support anything (out of the box) other than .log and .txt. Has anyone done this via script with other file types in Windows? If so, can you share your solution?
☁️ Monitor Azure Resource Events with LogicMonitor Logs
I have a strong preference for Microsoft Azure due to its exceptional capabilities! I recently wrote a blog post showcasing how to bring your resource events to the LogicMonitor platform. This way, you can set up alerts for critical business operations, such as when a new user is added to your Active Directory (Entra), or when a file is deleted from your blob storage. I hope you find it as helpful as I did! Monitor Azure Resource Events with LogicMonitor Logs Do you use LogicMonitor or any other monitoring platform to address unique use cases? Share your stories with us!
Webhook Event Collection & Cisco Meraki
As a Cisco Meraki Strategic Technology Partner, we are always looking for ways to make our integration the best that it can be, so you can get the most out of your investments with Cisco and LogicMonitor. So, today we kicked off R&D planning for [safe harbor statement] the ability to collect webhook events from Cisco Meraki with the following objectives. Mitigate Cisco Meraki Dashboard API rate limiting. Enable [near] real-time alerts for things like camera motion, IoT sensor measurement threshold breach (or automation button press), power supply failure... Facilite sending webhook events from Cisco Meraki to LogicMonitor I have the following assumptions. Customers want to be alerted on most, but not all webhook events. Customers want to have multiple inbound webhook configurations, i.e. for different tenants/customers or different Cisco Meraki organizations. Cisco Meraki is the first but not the only platform that customers will want to use to send webhook events to LogicMonitor. If you had a magic wand and could make such an integration do exactly what you wanted, what would be your number one ask? Thank you!
