January 2025 Logs for Lunch Recap: Transforming Log Intelligence
We launched our 2025 Logs for Lunch series with a bang, diving deep into how LM Logs is transforming how teams tackle troubleshooting. If you missed it, don't worry - here's a quick recap. Making Log Troubleshooting Less Painful Most of us don't exactly jump for joy when we have to dig through logs. But LogicMonitor is changing that game. The standout feature? An AI-powered system that spots unusual patterns automatically - no complex queries needed. This innovative approach has helped organizations reduce their troubleshooting time by up to 80%, significantly improving operational efficiency. The Demo The technical demonstration showcased real-world applications, featuring: Streamlined alert-to-resolution workflow "Show Patterns" feature for identifying recurring issues Automated alert creation based on log patterns Seamless integration between metrics and logs The demo walked through diagnosing a web server issue, illustrating how complex problems can be resolved with minimal clicks and without extensive logging expertise. Q&A People had questions, and we got answers! Here are the ones that got everyone's attention: Q: I'm new to this - where should I start? A: Start with what you know - if you're already monitoring network devices or Windows servers in LogicMonitor, that's your sweet spot. These are usually the easiest to set up and start getting value from right away. Q: How does pricing work? A: LM Logs is an add-on to LM Envision, and it's pretty straightforward: you pay based on how much data you're logging and how long you want to keep it. Whether you need 7 days or a full year of retention, they've got you covered. Q: How do I keep track of usage? A: There's a neat dashboard that shows your monthly usage, trends, and even which systems are your "top talkers" - super helpful for keeping things under control. What's Next? Mark your calendar for the next Logs for Lunch session on February 12th, 2025, at 12 pm CT, where we're tackling troubleshooting wireless networks. Save your spot by registering today. Keep an eye out in the Community for upcoming exciting product launches! Check out our official LM Logs page here for a deeper dive into logs.
Getting started with Log analysis - useful queries
We at LogicMonitor want to make taking control of your log data easy for analysis, troubleshooting, and identifying trends. In this post, we will share a few helpful queries to get started with LM Logs - what devices are generating log data and easy ways to track overall usage. In future posts, we’ll share queries to dive deeper into specific log data types. What type of queries do you want to see? Reply to this post with areas of log analysis or best practices you want. Not up to date with LM Logs? Check out this blog post highlighting recent improvements and customer stories: A lookback at LM Logs NOTE: Some assumptions for these queries: Each queries results are bound to the time picker value, adjust according to your needs * is a wildcard value meaning ALL which can be replaced by a Resource, Resource Group, Sub-Group, Device by Type or Meta Data value You may need to modify specific queries to match your LM portal Devices Sending Logs - use this query to easily see which LM monitored devices are currently ingesting log data into your portal * | count by _resource.name | sort by _count desc Total Number of Devices Sending Logs - the previous query showed which devices are generated logs, while this query identifies the overall number of devices * | count by _resource.name | count Total Volume by Resource Name - this query shows the total volume of log ingestion (as GB) by resource name, with the average, min, max size per message. The results are sorted by GB descending but you can modify the operators to identify your own trends. * | count(_size), sum(_size), max(_size), min(_size) by _resource.name | num(_sum/1000000000) as GB | num(_sum/_count) as avg_size | sort by GB desc Total Log Usage - This is a helpful query to run to see your overall log usage for the entire portal * | sum(_size) | num(_sum/1000000000) as GB | sort by GB desc And finally, Daily Usage in Buckets - run this query to see an aggregated view of your daily log usage * | beta:bucket(span=24h) | sum (_size) as size_in_bytes by_bucket | num(size_in_bytes/1000000000) as GB | sort by _bucket asc We hope these help you get started!Event Source for log file monitoring
We're looking to have log file monitoring for file extension *.rpt and SQL log files. LM does not appear to support anything (out of the box) other than .log and .txt. Has anyone done this via script with other file types in Windows? If so, can you share your solution?February 2025 Logs for Lunch Recap: Network Observability & Wireless Connectivity
Overview This month’s Logs for Lunch session brought together IT professionals to explore Network Observability & Wireless Connectivity, highlighting how LM Logs can streamline troubleshooting and proactive monitoring. Our experts explored real-world use cases, demonstrating how logs provide deeper visibility into network performance, security events, and infrastructure health. Whether managing a growing wireless network or optimizing log intelligence, this session was packed with actionable insights to elevate your monitoring strategy. The Demo Making Wireless Networks More Predictable: We explored how log intelligence can help identify and resolve connectivity issues before they impact users. Proactive Troubleshooting with LM Logs: Discover how to correlate logs with performance metrics for faster incident resolution and enhanced root cause analysis. Security & Compliance Insights: Learn how to leverage log data for better security monitoring, detecting anomalies in network behavior. Enhancing Network Observability: Unveiling best practices for visualizing wireless connectivity issues with logs and metrics in a single pane of glass. Customer Success Stories: Real-world applications showcasing how teams are using LM Logs to optimize network health and troubleshoot at scale. Q&A Q: How can LM Logs help with wireless troubleshooting? A: LM Logs provide real-time insights into network performance, helping to correlate log data with connectivity metrics, device health, and historical trends. Q: Can LM Logs be used for security monitoring? A: Absolutely! Logs can highlight unexpected login attempts, firewall policy violations, and network anomalies, making them a key tool for security and compliance teams. Q: How do I integrate LM Logs with my current monitoring setup? A: LM Logs work seamlessly with existing dashboards and alerting workflows, allowing you to combine performance metrics, topology maps, and log data in one place. Q: What’s the best way to filter and analyze large volumes of logs? A: Utilize log search, filters, and anomaly detection features to pinpoint the most relevant data, reducing noise and making troubleshooting more efficient. Customer Call-outs “The ability to see connectivity issues correlated with logs in real-time is a game-changer.” “Security monitoring with logs is something we’ve needed, and this session really showed us how to implement it.” “We’ve been struggling with intermittent wireless issues, and now we have a solid strategy to tackle them.” What’s Next? Virtual User Groups: Join us for our first LM Community Virtual User Group series, where you'll hear from fellow LogicMonitor customers about their hybrid observability journey. Register for your preferred region below! LM User Group | AMER East - Mar 20 LM User Group | AMER West - Mar 20 LM User Group | APAC - Mar 27 LM User Group | EMEA - Mar 27 Elevate Community Conference: Join us in Dallas, TX, Sydney, AUS, and London, UK, to gain strategic insights, hands-on product experience, and exclusive networking opportunities. Elevate 2025 will showcase the latest innovations in AI-powered observability, empowering enterprises to optimize their modern data centers. Find more details and registration links here! Stay tuned for more insights and opportunities to enhance your monitoring capabilities with LM Logs. Missed this session? Watch the full recording below ⤵️
☁️ Monitor Azure Resource Events with LogicMonitor Logs
I have a strong preference for Microsoft Azure due to its exceptional capabilities! I recently wrote a blog post showcasing how to bring your resource events to the LogicMonitor platform. This way, you can set up alerts for critical business operations, such as when a new user is added to your Active Directory (Entra), or when a file is deleted from your blob storage. I hope you find it as helpful as I did! Monitor Azure Resource Events with LogicMonitor Logs Do you use LogicMonitor or any other monitoring platform to address unique use cases? Share your stories with us!
Webhook Event Collection & Cisco Meraki
As a Cisco Meraki Strategic Technology Partner, we are always looking for ways to make our integration the best that it can be, so you can get the most out of your investments with Cisco and LogicMonitor. So, today we kicked off R&D planning for [safe harbor statement] the ability to collect webhook events from Cisco Meraki with the following objectives. Mitigate Cisco Meraki Dashboard API rate limiting. Enable [near] real-time alerts for things like camera motion, IoT sensor measurement threshold breach (or automation button press), power supply failure... Facilite sending webhook events from Cisco Meraki to LogicMonitor I have the following assumptions. Customers want to be alerted on most, but not all webhook events. Customers want to have multiple inbound webhook configurations, i.e. for different tenants/customers or different Cisco Meraki organizations. Cisco Meraki is the first but not the only platform that customers will want to use to send webhook events to LogicMonitor. If you had a magic wand and could make such an integration do exactly what you wanted, what would be your number one ask? Thank you!
Any way to display LM Logs query results in Dashboard?
Not sure if I am overlooking something…. is it possible to put LM Logs query table showing the results of said query into a Dashboard? The purpose of that would be to have the query updated with the latest results every x minutes. I've tried Text widget and HTTP widget and embedded the URL for log query but that's not working.How to redirect the output of the groovy script to the collector log file using groovy script?
In my groovy script, I want to redirect the output from the groovy script into the collectors log file? What should be the groovy code, to redirect the output to the collectors log file? Can anyone help me here?
