Popular Content

Showing content with the highest reputation since 01/16/2019 in all areas

  1. 3 points
    Rather than have Websites as a separate section in the product with a separate hierarchy to manage, how about making all of the Websites functionality part of the Device Tree and renaming the Devices section to something that covers both? Then if I want to add a website or service check, I simply do it against the "group". That way I wouldn't have to maintain two hierarchies of business services. What do other folks think of this?
  2. 2 points
  3. 2 points
    I tried to get this handled as a bug a while back, but I was told no in very clear terms by support and our CSM at the time. Here is the situation and what is needed: If you have a storm of alarms begin at a location (e.g., due to maintenance), the quickest fix for this is to set downtime for the location. Unfortunately, even though a bunch of alerts have been sent, recoveries for those do not get sent during downtime. We need to either have a rule that recoveries are ALWAYS sent for corresponding sent alerts, or we need to be able to enable that via an alert rule flag. This is important when you integrate alerting into ticketing -- as a result of this behavior, we end up with stranded tickets that cannot autoclose due to the recovery having been sent.
  4. 1 point
    I am looking for a way to include a device's properties in an alert message, generated by an EventSource. According to your documentation, ##device property## is available in DataSources but not EventSources. I suggest changing that.
  5. 1 point
    I would like to request an option, when saving a datapoint, to skip the rate/sec math on counter/derive type datapoints. I have multiple custom datasources where I am trying to store the difference between two polls, but the rate/sec math interferes with this.
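A minimal sketch of the distinction this request hinges on: counter/derive processing divides the change between polls by the poll interval, which mangles a datapoint that already *is* a delta. Names and the interval are illustrative, not LogicMonitor internals.

```python
# Illustrative only: contrast per-second rate processing with storing
# a raw delta. POLL_INTERVAL and function names are made up.
POLL_INTERVAL = 60  # seconds between polls

def as_rate(current, previous, interval=POLL_INTERVAL):
    """COUNTER/DERIVE-style processing: per-second rate of change."""
    return (current - previous) / interval

def as_raw_delta(current, previous):
    """What the request asks for: store the difference untouched."""
    return current - previous

# Two consecutive polls of a script datasource that already reports a
# computed difference (e.g. "items processed since last poll").
prev, curr = 0, 300
print(as_raw_delta(curr, prev))  # 300 -- the intended value
print(as_rate(curr, prev))       # 5.0 -- rate math divides by interval
```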
  6. 1 point
    I need to spend more time in a non-admin role 😑. It looks like all users, despite what is defined in "User Access" for their roles, are able to list other users via Dash Sharing and Reports Schedule. We feel that should not be the case. I would only want my coworkers to be able to do this, NOT my clients who should not be aware of each other (at least not through our monitoring application).
  7. 1 point
    We have a use case to show "Response Times" from a subset of configured Websites. Ideally I'd like this to be in the Big Number widget. We also want to be able to chart a subset of our Websites' response times over time in the Chart widget. Has anyone found a useful workaround to achieve this? Would LM consider "upgrading" widgets to allow the presentation of Website data? Currently only the SLA widget seems capable of handling Website data.
  8. 1 point
    We use dashboards religiously in LogicMonitor - I'd argue they're one of LM's greatest features. When tracking issues or trying to ascertain trends among aggregate charts, drilling down to a single object is non-intuitive. For example, I have a line chart of CPU% for a collection of web servers. All follow a general path/trend, except for an outlier. I'd like to be able to jump straight from the chart showing the outlier and drill down through whatever resource tree I might have. Today, I spend valuable time sifting through many objects to get to that data. My ideal scenario would take me straight to the single-instance version of that line chart for the requested host, making it a single click for me to navigate to other elements that I might suspect are the source of, or related to, the issue at hand. I hope that makes sense!
  9. 1 point
    Greetings All, I came up with a few additional Synology datasources and a PropertySource, since I realized I was without this information. Let me know if you find them useful. I'm still exploring other SNMP data available via the Synology platform. Please note you must add "synology" to system.categories in addition to whatever else may be present (snmp, TCPUDP, etc.), as I haven't yet successfully configured the SNMP SysOID Maps for Synology devices; any assistance here would be greatly appreciated.
    F4T3CX = Synology Disk Status (individual disk failures and temperatures)
    R977RE = Synology DiskStation Manager software upgrade availability
    PR4DGP = PropertySource for gathering and displaying Model, Serial, and DSM Version in the Info tab
    Respectfully, Alejandro Esmael
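Since these modules key off a manually added category, a small helper like the sketch below shows the safe way to extend an existing system.categories value without clobbering or duplicating entries. This is an illustrative stand-alone function, not LogicMonitor code.

```python
# Illustrative helper: append a category to a comma-separated
# system.categories value without duplicating it.
def add_category(categories: str, new: str) -> str:
    """Case-insensitively append `new` if it is not already present."""
    existing = [c.strip() for c in categories.split(",") if c.strip()]
    if new.lower() not in (c.lower() for c in existing):
        existing.append(new)
    return ",".join(existing)

print(add_category("snmp,TCPUDP", "synology"))  # snmp,TCPUDP,synology
print(add_category("snmp,synology", "synology"))  # unchanged
```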
  10. 1 point
    I love the Reports UI but my users who have only View access to Reports or any given Report Group SHOULD NOT be able to see the reports generated by other users. The previously generated reports are great, but they are hosted in S3 and don't check against the user roles we have assigned to our users. We have a common set of reports that all of our clients use and when they run them on-demand in the old UI, that's all they get--that particular run. Client ABC can now see a version of a report that was run by Client XYZ by clicking on a link. Not good. Making all runs of a report available for all users with access to those reports creates a management headache.
  11. 1 point
    GX2WXT A single Lambda function might have several versions. The default Lambda datasource monitors and alerts on the aggregate performance of each Lambda function. Using the Alias functionality in AWS, this datasource returns CloudWatch metrics specifically for the versions to which you have assigned aliases, allowing you to customize alert thresholds or compare performance across different versions of the same function. This datasource does not automatically discover aliases and begin monitoring them (as that could very quickly translate into several aliases being monitored and drive up your CloudWatch API bill). Instead, add only the aliases you want monitored by setting the device property "lambda.aliases", either on individual Lambda functions or at the group level if you're using the same alias across several Lambda functions. To add more than one, list them separated by a single space - e.g.: "Prod QA01 QA02". If an alias does not exist, no data will be returned. This datasource is otherwise a clone of the existing AWS_Lambda datasource with the default alert thresholds.
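For anyone curious how alias-scoped metrics are addressed in CloudWatch: Lambda publishes alias/version metrics under a `Resource` dimension of the form `function-name:alias`. The sketch below shows the property parsing and dimension construction only (no AWS calls); the function names here are illustrative, not the datasource's actual script.

```python
# Illustrative only: parse the space-separated "lambda.aliases"
# property and build the CloudWatch dimensions for each alias.
def parse_aliases(prop_value: str) -> list:
    """Split a value like 'Prod QA01 QA02' into individual aliases."""
    return prop_value.split()

def alias_dimensions(function_name: str, alias: str) -> list:
    """Dimensions scoping a Lambda metric to one alias: CloudWatch
    uses Resource = '<function>:<alias>' for alias-level metrics."""
    return [
        {"Name": "FunctionName", "Value": function_name},
        {"Name": "Resource", "Value": f"{function_name}:{alias}"},
    ]

for alias in parse_aliases("Prod QA01 QA02"):
    print(alias_dimensions("my-function", alias))
```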
  12. 1 point
    It is currently impossible to detect certain conditions without being bombarded by noise alerts, which I am told is against the philosophy of LogicMonitor. Consider a few cases:
    * An interface flaps a few times versus more frequently -- how do you tell the difference? Right now you have no choice other than perhaps to construct an API script (not tested). A better solution in this example would be to count the number of flaps over a period of time and use that as your alert trigger. As it stands, there is not even a way to select the top 10 most unstable interfaces, since interface status is literally a yes-or-no value and "top 10" makes no sense.
    * Resource utilization (bandwidth, CPU, etc.) is sometimes much better checked over a period of time than at a single interval. The answer I have received is "require N checks to fail", and this works if the resource is pegged, but not if it is spiky. As it stands, the longer the period you want to simulate via "N checks", the higher the chance a single passing check will reset the alert, even though the overall result is clearly bad on inspection.
    Please note this problem was solved long ago by other tools, like Zabbix (https://www.zabbix.com/documentation/3.4/manual/config/triggers/expression), so hopefully this can be added to LM in the near future as well.
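The flap-counting idea above can be sketched in a few lines: keep a sliding window of state transitions and alert on the count rather than the instantaneous up/down value. This is an illustrative sketch of the technique, not an existing LM feature.

```python
# Illustrative sketch: count state transitions ("flaps") inside a
# sliding time window so an alert can fire on "N flaps in M minutes".
from collections import deque

class FlapCounter:
    def __init__(self, window_seconds):
        self.window = window_seconds
        self.events = deque()    # timestamps of transitions
        self.last_state = None

    def observe(self, state, now):
        """Record one poll; return the flap count within the window."""
        if self.last_state is not None and state != self.last_state:
            self.events.append(now)               # record a flap
        self.last_state = state
        while self.events and now - self.events[0] > self.window:
            self.events.popleft()                 # expire old flaps
        return len(self.events)

flaps = FlapCounter(window_seconds=600)
samples = [(0, "up"), (60, "down"), (120, "up"), (180, "down"), (240, "up")]
for t, state in samples:
    count = flaps.observe(state, now=t)
print(count)  # 4 transitions inside the 10-minute window
```

A "top 10 most unstable interfaces" view then becomes a simple sort on each interface's window count.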
  13. 1 point
    We run a horizontally distributed architecture. As such, we really don't care (too much) if we lose one of N hosts, provided that a minimum number of hosts/processes/etc. are up and healthy. LogicMonitor makes it easy to make a graph of computed datapoints that span hosts, but doesn't let us configure alerts on the same computed data. Tangible example: One application, when running, publishes capacity data to LM. This capacity data is aggregated and graphed, giving us great insight for planning purposes. However, the only alert configuration that LM supports requires us to alert on every single host, sometimes causing unnecessary wake ups in the middle of the night. Operationally, we'd be fine having one host be down, as long as we maintain adequate reserve capacity. System-wide reserve capacity can only be determined by aggregating data across the set of hosts (just like the graphs do). We've been told to write custom scripts to do the collection and aggregation, and perhaps some rainy day we will. However, it seems like 1) LM does so much of the necessary bits already and 2) this would be a really useful capability for anyone that runs a horizontally distributed architecture. This isn't a "holy cow, gotta have this now!" type of feature request, but certainly would be a great value-add.
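The aggregate-alerting idea above can be sketched simply: sum capacity and load across every host that reported, exactly as the aggregate graph does, and compare the fleet-wide reserve to one threshold. Hosts, numbers, and the threshold below are illustrative assumptions.

```python
# Illustrative sketch: alert on fleet-wide reserve capacity instead
# of per-host values. All data and thresholds are made up.
MIN_RESERVE = 0.25   # page when fleet spare capacity drops below 25%

def fleet_reserve(reports):
    """reports: {host: (capacity, load)} for hosts that answered the
    poll. A down host simply drops out, shrinking total capacity."""
    total_cap = sum(cap for cap, _ in reports.values())
    total_load = sum(load for _, load in reports.values())
    return (total_cap - total_load) / total_cap

reports = {"web1": (100, 80), "web2": (100, 90)}   # web3 is down
reserve = fleet_reserve(reports)
should_alert = reserve < MIN_RESERVE
print(reserve, should_alert)  # 0.15 True -> one alert for the fleet
```

Note that with web3 up and idle the same math yields ample reserve and no page, which is the "one host down is fine" behavior the post asks for.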
  14. 1 point
    @Sarah Terry OK, thanks. I am a bit concerned about the SolarWinds-ification going on here, where every useful feature is turned into an add-on, but this one seems to warrant it. I've suggested to our CSM previously that all such features be clearly tagged as 'Premium' (or whatever word you prefer) in the documentation. As it stands now, this and others (e.g., LMConfig) have documentation with no way to know they need licensing to activate.
  15. 1 point
    Are there any plans to have linked clones for dashboards? At the moment we create a template dashboard using tokens and then clone them and then update the token to match what we need to. The problem is if we make a change to the format of a dashboard, we either have to do it on all of them, or delete all the cloned ones and then clone them out again. It would make things a lot easier if all the clones were linked back to the master, and an update to layout or widgets on the master was automatically replicated to the cloned templates.
  16. 1 point
    Hi everybody! I've been using Mike Suding's monitoring solution for a while and I've expanded it a bit to monitor more parts of Office 365. The monitors included:
    WHEKJJ = Custom Domains (quantity)
    ZHADY9 = Deleted Users (quantity)
    7GGZWZ = Global Admins (quantity)
    R46EGX = Licenses Assignable (quantity, based on type)
    GHRNLL = Licenses Assigned (quantity, based on type)
    4PJZJ4 = Licensed / Unlicensed Users (quantity)
    WZFAWK = MFA Users (quantity of enabled/disabled users)
    PLMP22 = Users and devices in the Office 365 tenant (quantity; devices if clients are joined to Azure AD)
    Hope they help the community out!
  17. 1 point
    Hi, with Meraki enabling Webhooks, can LogicMonitor receive alerts for any of the events you enable on the dashboard? https://meraki.cisco.com/blog/2018/10/real-time-alerting-with-webhooks/ Additionally, is it any different to poll Meraki devices directly versus receiving information from the dashboard?
  18. 1 point
    Following up on this because we keep seeing this "feature" cause issues for us. We are seeing now that this issue breaks some of the functionality of the ServiceNow integration. We have tickets in ServiceNow set to close once the alert clears in LogicMonitor. But in situations like the one below, where an alert is acknowledged at one severity, changes to another, and then changes back to the original severity, no notifications are sent. See below: here we have a drive begin to fill up. The initial alert creates a ticket and is updated twice as it jumps to error and then critical severity. No updates were sent to the ticket after the critical alert. The ticket still shows as an open critical because the notifications were suppressed due to previous acknowledgements. I don't like that we have to choose between ack'ing alerts and having tickets be updated correctly. Again, I would like to see an option to enable notifications whenever a threshold is crossed, even if the alert has been ack'd at that severity, without the alert clearing entirely.
  19. 1 point
    I have brought this up before and was shot down with "works as designed". We 100% agree with this statement: "Second, when an alert crosses a threshold the second time, a week after the original acknowledgement (as we saw in my first post), I think it is safe to assume that it should be considered a new alert session." We have cases with the following sequence:
    1. Alert triggers on warning threshold
    2. NOC acks with "monitoring"
    3. Alert crosses error threshold
    4. NOC escalates to SME
    5. NOC acks with "escalating to SME"
    6. Alert crosses critical threshold
    7. NOC acks with "incident created. Management informed"
    8. SME remediates just enough to move the alert down to warning
    9. SME informs NOC issue is fixed
    10. NOC closes incident and resumes watching the alert page
    11. Alert crosses error threshold
    12. No notification
    13. Alert crosses critical threshold
    14. No notification
    15. Server crashes
    16. People ask why there was no alert...
    As a monitoring service, over-communication is 100x more acceptable than a server crashing.
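The sequence above boils down to two notification policies: "suppress a severity once it has been acked" versus "notify on every threshold crossing". The sketch below contrasts them on a timeline like the one in the post; it is illustrative only, not LogicMonitor's actual alert engine.

```python
# Illustrative sketch of two notification policies for an alert that
# re-crosses thresholds after being acknowledged.
def notifications(events, renotify_on_recross):
    """events: list of ("cross", severity) or ("ack", severity).
    Returns the severities that would generate a notification."""
    acked = set()
    sent = []
    for kind, severity in events:
        if kind == "ack":
            acked.add(severity)
        elif renotify_on_recross or severity not in acked:
            sent.append(severity)
    return sent

timeline = [
    ("cross", "warning"),  ("ack", "warning"),
    ("cross", "error"),    ("ack", "error"),
    ("cross", "critical"), ("ack", "critical"),
    # SME remediation drops it to warning, then it climbs again:
    ("cross", "error"), ("cross", "critical"),
]

print(notifications(timeline, renotify_on_recross=False))
# ['warning', 'error', 'critical'] -- the second climb is silent
print(notifications(timeline, renotify_on_recross=True))
# every crossing notifies, including the second error/critical
```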
  20. 1 point
    I would like to propose that LogicMonitor needs a better way for external systems to input data into the LogicMonitor system, similar to Zabbix Sender (https://www.zabbix.com/documentation/2.2/manpages/zabbix_sender). Use case: suppose that alongside LM, a company runs an APM like New Relic, a log monitoring tool like Elasticsearch/Splunk, and a custom data warehouse for analytics. As the NPM, LM should be the one source of alerting and trending. I believe the best way to integrate is to allow a direct API to send data, or the ability to interface with the collector to send data. That way any application, whether custom or a common public application, can input data into LogicMonitor. For example:
    - If Elasticsearch/Splunk finds a critical error while crunching logs, it opens a connection to LogicMonitor and sends data that this error log occurred 5 times in the last 2 minutes. LogicMonitor is configured to alert if the count is > 1, so an alert goes to our NOC.
    - If the APM finds that a website has an immense increase in traffic from one location causing performance issues, it opens a connection to LogicMonitor and sends data that this has occurred.
    - If mining our data warehouse shows that customer interest in / purchases of one of our products has dipped 20% in the last month, it opens a connection to LogicMonitor and sends this data.
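To make the proposal concrete, here is a hypothetical zabbix_sender-style push client. The endpoint path, payload schema, and auth header below are all invented for illustration -- none of this is a documented LogicMonitor API.

```python
# Hypothetical sketch only: a minimal "push a measurement" client.
# Endpoint, payload shape, and auth are invented, not a real LM API.
import json
import urllib.request

def build_payload(host, datasource, datapoint, value):
    """Shape of a single pushed measurement (invented schema)."""
    return {"host": host, "datasource": datasource,
            "datapoint": datapoint, "value": value}

def push_metric(portal, token, host, datasource, datapoint, value):
    body = json.dumps(build_payload(host, datasource, datapoint, value))
    req = urllib.request.Request(
        f"https://{portal}/ingest/metrics",        # invented path
        data=body.encode(),
        headers={"Content-Type": "application/json",
                 "Authorization": f"Bearer {token}"},  # invented auth
        method="POST",
    )
    with urllib.request.urlopen(req) as resp:
        return resp.status

# e.g. Splunk saw the same critical log line 5 times in 2 minutes:
# push_metric("acme.example.com", "TOKEN", "splunk01",
#             "LogErrors", "critical_count", 5)
```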