Popular Content

Showing content with the highest reputation since 08/09/2019 in all areas

  1. 4 points
    When you use alert tunning a the host/group level for a particular data source, I would like the ability to select to alert on No-Data when creating custom alert thresholds.
  2. 4 points
    Can you please add an Inventory\List tab on the RHS (right hand side) when we have a group selected. Its very annoying that I cannot just get a full list of all the objects in a group/folder quickly and easily thru the main GUI and have to do this thru a "Report" When I click on a group I just want to see all the devices\items in that group on the RHS and have all the properties I choose to select to view for example: name,ip,OS,mac,class type(computer/router/switch), etc.. Why is there no List/Inventory view OOTB in the GUI? I also need to be able to export the list quickly to any format, HTML, CSV, PDF so I can send a quick list report to whoever is requesting this. I don't want to have to go into Reports and then have to choose the group to run the report on. This is basic what's in this folder/group behavior.
  3. 4 points
    Hello, As an MSP we've the need to monitor a lot of directories/shares for the same client. Some of those shares are accessible with the collector user, however, we've some clients that restrict their share to specific users (not the ones running the collector service). I've tried to create a datasource that's a simple runas where we can pass the user/passwd as a parameter, however, that isn't possible to run from the collector level (confirmed by LM staff in a case that I've raised). Can this be implemented? This feature would be very important (since we monitor +100 clients).
  4. 4 points
    Hello, As an MSP we've the need to group multiple interface instances (from different devices & different clients as well) in order to set common thresholds, reports, etc... From my research that isn't possible within LM. Anyone able to do that? This would be very useful from the monitoring/management perspective. Regards,
  5. 4 points
    Can you please add the AUDIT tab on the RHS (right hand side) for any device you have selected from under Resources/Websites. I want to quickly check who/what updates were made to the device I selected and why do I have to go into an entirely different section (Settings > Audit) to then check and search for the audit history on the device I selected. Please add this to the GUI so I can just quickly check the history on the device selected.
  6. 3 points
    We would like to request that there be a means to un-acknowledge alerts without having to disable alerting on the device in order for the alert to retain the original time stamps. Thank you.
  7. 3 points
    From my understanding, the native WMI-based checks will make a new WMI call for each instance, so 1 WMI call for each windows service and process, hence why you see 12k of them. There are a lot of types of checks that work that way, but there is one option that will let you make one WMI call per device (if you can get all the data in one call) and extract in bulk for all instances at once: BATCHSCRIPT. I'm not sure if it would completely help in your situation, but if you switch from native WMI to using something like a PowerShell or Groovy BatchScript, you can send one WMI query to the server and get data for all services/processes at once. Scripts do cause more load on the collector than most native checks, but 150 script instances (75*2) are likely less load then 12k WMI instances.. Actually I think the collector does WMI queries via powershell anyway, not 100% sure about that, so even less of a concern. You can still keep the old WMI AD method and just move Collector Attributes to use batchscript.
  8. 3 points
    Hello, We would like to have the possibility of group interface instance(s) [from different devices/clients]. As an MSP we have the need of creating common thresholds for certain types of interfaces we want to group, reports, dashboards, etc... Within LM we aren't able to group instances from multiple devices/clients. Can this be implemented? Regards,
  9. 3 points
    Please add a GUI settings based on user profile that would allow me to disable the auto-expanding of and object in the Resources tree when I click on it Currently any item in the navigation tree when you click on it auto opens and expands to show all its sub items. Why? The tree should just expand if I click on the > next to the items name. Why do you automatically show everything under the resource. If there's 20+ items I have to then scroll down past this to get to the next item. Why are you using different behavior in your GUI? Asking for a setting that controls this so I can disable this behavior.
  10. 2 points
    The strings are host properties, so set them on the collector you want to run this from. Those would have to be bound to a collector host. As written, that supports only a single remote SFTP test. If you wanted to do more, you would need to rewrite that to handle instances either manual or active discovery. I do the latter often even with a manual property list as it is the only way to define automatic instance properties. It may be possible to do this via an internal "website" check, but I have not tried going full groovy on those yet :). Even then, each would be a separate copy of code, so better to use this and perhaps extend to support multiple checks.
  11. 2 points
    Hello, We've noticed the Cisco EIGRP PeerDown alarm(s) aren't being suppressed if the actual device goes down on LM. When lost SNMP connectivity to one of our routers, it started returning PeerDown alarms (since SNMP wasn't responding, causing the 'NoData' condition at the 'upTime' datapoint). This becomes an issue because the actual datapoint that checks the Peer status, bases itself on the data retrieved by the 'upTime' datapoint (which at this point, is as 'NoData). Basically, if the 'upTime' doesn't return data (which happens if the actual device goes down) it'll trigger an alarm for the PeerDown instances (since it'll always return False). LogicMonitor only sees the actual device as 'down' after 5 minutes (when not retrieving data). This DS will alarm first (since the PeerDown will return an alarm on 2 consecutive tools - which means 3 minutes). As per the documentation, all the alarm(s) emanating from the host will be suppressed. My question here (just to make sure) is, this will only be the case for alarms that hit 'AFTER' the host down condition correct? If that's true, how can we surpass this without having to increase the time that 'PeerDown' alarms took to appear in the console? Is there any type of expression that we can use in that ComplexDatapoint (instead of the current one). Because, currently the fact of this device being down, caused 100 alarm(s) on the console (since it's a central point for our EIGRP routing). Thank you! Regards,
  12. 2 points
    Oh yes, we have a process to check/remove them every week. It's caused by LogicMonitor add device wizard when you enter in properties there. We pretty much avoid the wizard now. LM tries to be "helpful" by adding those properties to root. This is something we have brought up to LM over the years (tickets 76322, 88632, 108961, FEED-2277) but LM never changed it. As an MSP it becomes a problem since we have lots of customers in one portal, so never want anything on root and sometimes it get inheritied. LM suggested we just add fake values. LM seems to be putting more focus on MSPs these days, but either way I suggest reaching out to your rep about this issue.
  13. 2 points
    I submitted an enhancement for the CiscoQoS datasource, but until LM processes it you can import this. The existing version creates an instance for (QoS object + QoS Class +Qos Policy) * interfaces, so a single switch can easily have 5000+ instances. I added some properties during Active Discovery that you can use to filter based on policy direction, interface type, interface name/desc, or class name/desc. By default it only adds policies applied in the outbound direction (shaping traffic). auto.qos.interface.name auto.qos.interface.desc auto.qos.interface.type auto.qos.class.name auto.qos.class.desc auto.qos.policy_direction <?xml version="1.0" encoding="UTF-8" ?> <feed version="1.0" hasPendingRequests="false" > <company></company> <status>200</status> <errmsg>OK</errmsg> <interval>0</interval> <entry type="predatasource"> <version>1590592615</version> <name>Cisco_QoS_Improved</name> <displayedas>Cisco_QoS_Improved</displayedas> <description>Monitors Cisco class-based Quality-of-Service (QoS) interface packet metrics.</description> <collector>snmp</collector> <hasMultiInstances>true</hasMultiInstances> <schedule>180</schedule> <appliesTo>false()</appliesTo> <wildcardauto>true</wildcardauto> <wildcardpersist>false</wildcardpersist> <wildcardlinuxscript>ad_script</wildcardlinuxscript> <wildcardlinuxcmdline>type=&#34;embeded&#34; </wildcardlinuxcmdline> <wildcardwinscript>ad_script</wildcardwinscript> <wildcardwincmdline>type=&#34;embeded&#34; </wildcardwincmdline> <wildcardgroovyscript>/******************************************************************************* * © 2007-2019 - LogicMonitor, Inc. All rights reserved. ******************************************************************************/ import com.santaba.agent.groovyapi.snmp.Snmp // variable to hold system hostname def host = hostProps.get(&#39;system.hostname&#39;); def props = hostProps.toProperties(); def timeout = 30000; // 30 seconds timeout /* The following SNMP walkAsMap will handle v1 , v2 and v3. Props contains a map of ALL host properties and the SNMP walk method will automatically handle the proper connection based on which SNMP version is configured. */ Map policy_dir_map = [ &#39;1&#39;:&#39;input&#39;, &#39;2&#39;:&#39;output&#39; ]; Map cbQosIfType_map = [ &#39;1&#39;:&#39;mainInterface&#39;, &#39;2&#39;:&#39;subInterface&#39;, &#39;3&#39;:&#39;frDLCI&#39;, &#39;4&#39;:&#39;atmPVC&#39;, &#39;5&#39;:&#39;controlPlane&#39;, &#39;6&#39;:&#39;vlanPort&#39;, &#39;7&#39;:&#39;evc&#39; ]; // define maps we will walk. def cbQosIfTypeOID = &#39;.;; def cbQosPolicyDirOID = &#39;.;; def cbQosIfIndexOID = &#39;.;; def ifDescrOID = &#39;.;; def ifAliasOID = &#39;.;; def cbQosConfigIndexOID = &#39;.;; def cbQosConfigType = &#39;.;; def cbQosCMNameOID = &#39;.;; def cbQosCMDescOID = &#39;.;; def cbQosIfTypeMap = Snmp.walkAsMap(host, cbQosIfTypeOID, props, timeout); def cbQosIfIndexMap = Snmp.walkAsMap(host, cbQosIfIndexOID, props, timeout); def cbQosPolicyDirMap = Snmp.walkAsMap(host, cbQosPolicyDirOID, props, timeout); def ifDescrMap = Snmp.walkAsMap(host, ifDescrOID, props, timeout); def ifAliasMap = Snmp.walkAsMap(host, ifAliasOID, props, timeout); //def cbQosConfigIndexMap = Snmp.walkAsMap(host, cbQosConfigIndexOID, props, timeout); def cbQosCMNameMap = Snmp.walkAsMap(host, cbQosCMNameOID, props, timeout); def cbQosCMDescMap = Snmp.walkAsMap(host, cbQosCMDescOID, props, timeout); // Walk through each entry of the cbQosIfIndexMap cbQosIfIndexMap.each { cbQosPolicyIndex, ifIndex -&#62; // cbQosPolicyIndex is key for the policy used to retrieve the config elements for name and desc // ifIndex is value for logical interface (if it exists; control plane will be null // Set ifDescr and ifAlias to empty strings if there is no logical interface (like control plane) if (ifIndex != null) { ifDescr = ifDescrMap[ifIndex]; ifAlias = ifAliasMap[ifIndex]; } else { ifDescr = &#34;&#34;; ifAlias = &#34;&#34;; } // Input=1 or output=2 direction on the interface cbQosPolicyDirection = policy_dir_map[cbQosPolicyDirMap[cbQosPolicyIndex]]; // Type of interface policy is applied to cbQosIfType = cbQosIfType_map[cbQosIfTypeMap[cbQosPolicyIndex]]; //cbQosConfigIndexMap = Snmp.walkAsMap(host, &#39;.;, props, timeout); cbQosConfigIndexMap = Snmp.walkAsMap(host, cbQosConfigIndexOID + &#39;.&#39; + cbQosPolicyIndex, props, timeout); // Walk through cbQosConfigIndexMap cbQosConfigIndexMap.each { cbQosConfigIndex,cbQosCMConfigIndex -&#62; // cbQosConfigIndex is the key here, will be the wildvalue with cbQosPolicyIndex // cbQosCMConfigIndex is the value here (will be the key in cbQosCMNameMap and cbQosCMDescMap). // cbQosConfigIndexMap has an entry for every config element in the policy (class, match, etc) // but class entries have cbQosCMNameMap and cbQosCMDescMap entries cbQosCMName = cbQosCMNameMap[cbQosCMConfigIndex]; cbQosCMDesc = cbQosCMDescMap[cbQosCMConfigIndex]; if (cbQosCMName != null) { println &#34;$cbQosPolicyIndex##$ifDescr ($cbQosCMName)####$cbQosConfigIndex##auto.qos.interface.name=$ifDescr&#38;auto.qos.class.name=$cbQosCMName&#38;auto.qos.interface.desc=$ifAlias&#38;auto.qos.class.desc=$cbQosCMDesc&#38;auto.qos.policy_direction=$cbQosPolicyDirection&#38;&#38;auto.qos.interface.type=$cbQosIfType&#34;; } } } return 0</wildcardgroovyscript> <wildcardschedule>1440</wildcardschedule> <wildcarddisable>false</wildcarddisable> <wildcarddeleteinactive>false</wildcarddeleteinactive> <agdmethod>ilp</agdmethod> <agdparams>auto.qos.interface.name</agdparams> <group>Cisco_QoS_Improved</group> <tags>qos,quality of service,cisco,network</tags> <technology>- AD updated from previous versions to use WalkAsMap for massive efficiency gains.</technology> <adlist><![CDATA[{"agdmethod":"ilp","method":"ad_script","agdparams":"auto.qos.interface.name","id":0,"filters":[{"attribute":"auto.qos.policy_direction","operation":"Equal","value":"output"}],"params":{"type":"embeded","groovyscript":"/*******************************************************************************\r\n * © 2007-2019 - LogicMonitor, Inc. All rights reserved.\r\n ******************************************************************************/\r\n\r\nimport com.santaba.agent.groovyapi.snmp.Snmp\r\n\r\n// variable to hold system hostname\r\ndef host = hostProps.get('system.hostname');\r\ndef props = hostProps.toProperties();\r\ndef timeout = 30000; // 30 seconds timeout\r\n\r\n/*\r\nThe following SNMP walkAsMap will handle v1 , v2 and v3.\r\nProps contains a map of ALL host properties and the SNMP walk method will automatically\r\nhandle the proper connection based on which SNMP version is configured.\r\n*/\r\n\r\n Map policy_dir_map =\r\n [\r\n '1':'input',\r\n '2':'output'\r\n ];\r\n \r\n Map cbQosIfType_map =\r\n [\r\n '1':'mainInterface',\r\n '2':'subInterface',\r\n '3':'frDLCI',\r\n '4':'atmPVC',\r\n '5':'controlPlane',\r\n '6':'vlanPort',\r\n '7':'evc'\r\n ];\r\n\r\n// define maps we will walk.\r\ndef cbQosIfTypeOID \t\t= '.';\r\ndef cbQosPolicyDirOID \t= '.';\r\ndef cbQosIfIndexOID \t\t= '.';\r\ndef ifDescrOID \t\t\t= '.';\r\ndef ifAliasOID \t\t\t= '.';\r\ndef cbQosConfigIndexOID \t= '.';\r\ndef cbQosConfigType \t\t= '.';\r\ndef cbQosCMNameOID \t\t= '.';\r\ndef cbQosCMDescOID \t\t= '.';\r\n\r\ndef cbQosIfTypeMap \t\t= Snmp.walkAsMap(host, cbQosIfTypeOID, \tprops, timeout);\r\ndef cbQosIfIndexMap \t\t= Snmp.walkAsMap(host, cbQosIfIndexOID, \tprops, timeout);\r\ndef cbQosPolicyDirMap \t= Snmp.walkAsMap(host, cbQosPolicyDirOID, \tprops, timeout);\r\ndef ifDescrMap \t\t\t= Snmp.walkAsMap(host, ifDescrOID, \t\tprops, timeout);\r\ndef ifAliasMap \t\t\t= Snmp.walkAsMap(host, ifAliasOID, \t\tprops, timeout);\r\n//def cbQosConfigIndexMap = Snmp.walkAsMap(host, cbQosConfigIndexOID, props, timeout);\r\ndef cbQosCMNameMap \t\t= Snmp.walkAsMap(host, cbQosCMNameOID,\tprops, timeout);\r\ndef cbQosCMDescMap \t\t= Snmp.walkAsMap(host, cbQosCMDescOID,\tprops, timeout);\r\n\r\n// Walk through each entry of the cbQosIfIndexMap\r\ncbQosIfIndexMap.each\r\n { cbQosPolicyIndex, ifIndex ->\r\n\r\n // cbQosPolicyIndex is key for the policy used to retrieve the config elements for name and desc\r\n // ifIndex is value for logical interface (if it exists; control plane will be null\r\n\r\n\t\t // Set ifDescr and ifAlias to empty strings if there is no logical interface (like control plane)\r\n\r\n if (ifIndex != null) {\r\n ifDescr = ifDescrMap[ifIndex];\r\n ifAlias = ifAliasMap[ifIndex];\r\n } else {\r\n\t ifDescr = \"\";\r\n\t\t ifAlias = \"\";\r\n\t\t }\r\n\r\n\r\n\t\t // Input=1 or output=2 direction on the interface\r\n\t\t cbQosPolicyDirection = policy_dir_map[cbQosPolicyDirMap[cbQosPolicyIndex]];\r\n\r\n\t\t // Type of interface policy is applied to\r\n\t\t cbQosIfType = cbQosIfType_map[cbQosIfTypeMap[cbQosPolicyIndex]];\r\n\r\n\t\t //cbQosConfigIndexMap = Snmp.walkAsMap(host, '.', props, timeout);\r\n\t\t cbQosConfigIndexMap = Snmp.walkAsMap(host, cbQosConfigIndexOID + '.' + cbQosPolicyIndex, props, timeout);\r\n\r\n // Walk through cbQosConfigIndexMap\r\n cbQosConfigIndexMap.each\r\n { cbQosConfigIndex,cbQosCMConfigIndex ->\r\n\r\n // cbQosConfigIndex is the key here, will be the wildvalue with cbQosPolicyIndex\r\n // cbQosCMConfigIndex is the value here (will be the key in cbQosCMNameMap and cbQosCMDescMap).\r\n\r\n\t\t\t\t\t// cbQosConfigIndexMap has an entry for every config element in the policy (class, match, etc)\r\n\t\t\t\t\t// but class entries have cbQosCMNameMap and cbQosCMDescMap entries\r\n\t\t\t\t\tcbQosCMName = cbQosCMNameMap[cbQosCMConfigIndex];\r\n\t\t\t\t\tcbQosCMDesc = cbQosCMDescMap[cbQosCMConfigIndex];\r\n\r\n\t\t\t\t\tif (cbQosCMName != null) {\r\n\t println \"$cbQosPolicyIndex##$ifDescr ($cbQosCMName)####$cbQosConfigIndex##auto.qos.interface.name=$ifDescr&auto.qos.class.name=$cbQosCMName&auto.qos.interface.desc=$ifAlias&auto.qos.class.desc=$cbQosCMDesc&auto.qos.policy_direction=$cbQosPolicyDirection&&auto.qos.interface.type=$cbQosIfType\";\r\n \t\t\t\t\t}\r\n }\r\n }\r\n\r\nreturn 0"}}]]></adlist> <schemaVersion>2</schemaVersion> <dataSourceType>1</dataSourceType> <attributes> <attribute> <name>ip</name> <value>dns</value> <comment></comment> </attribute> <attribute> <name>__filter_0</name> <value>auto.qos.policy_direction Equal output</value> <comment></comment> </attribute> </attributes> <datapoints> <datapoint> <name>DropByte</name> <dataType>7</dataType> <type>3</type> <postprocessormethod>none</postprocessormethod> <postprocessorparam></postprocessorparam> <usevalue></usevalue> <alertexpr></alertexpr> <alertmissing>1</alertmissing> <alertsubject></alertsubject> <alertbody></alertbody> <enableanomalyalertsuppression></enableanomalyalertsuppression> <description>Number of dropped bytes per second as the result of all features that can produce drops (e.g., police, random detect, etc.)</description> <maxvalue></maxvalue> <minvalue>0</minvalue> <userparam1>.</userparam1> <userparam2></userparam2> <userparam3></userparam3> <iscomposite>false</iscomposite> <rpn></rpn> <alertTransitionIval>5</alertTransitionIval> <alertClearTransitionIval>0</alertClearTransitionIval> </datapoint> <datapoint> <name>DropPkt</name> <dataType>7</dataType> <type>3</type> <postprocessormethod>none</postprocessormethod> <postprocessorparam></postprocessorparam> <usevalue></usevalue> <alertexpr>&#62; 0</alertexpr> <alertmissing>1</alertmissing> <alertsubject></alertsubject> <alertbody>Cisco QoS Interface ##INSTANCE## on ##HOST## has reported ##VALUE## packet drops per second, placing the interface into ##LEVEL## state. This started at ##START##, -- or ##DURATION## ago.</alertbody> <enableanomalyalertsuppression></enableanomalyalertsuppression> <description>Number of dropped packets, per second, per class as the result of all features that can produce drops (e.g., police, random detect, etc.).</description> <maxvalue></maxvalue> <minvalue>0</minvalue> <userparam1>.</userparam1> <userparam2></userparam2> <userparam3></userparam3> <iscomposite>false</iscomposite> <rpn></rpn> <alertTransitionIval>2</alertTransitionIval> <alertClearTransitionIval>0</alertClearTransitionIval> </datapoint> <datapoint> <name>NoBuffDropPkt</name> <dataType>7</dataType> <type>3</type> <postprocessormethod>none</postprocessormethod> <postprocessorparam></postprocessorparam> <usevalue></usevalue> <alertexpr>&#62; 0</alertexpr> <alertmissing>1</alertmissing> <alertsubject></alertsubject> <alertbody>Cisco QoS Interface-Class ##INSTANCE## on ##HOST## has reported ##VALUE## packet drops per second due to a lack of SRAM buffers during output processing on an interface, placing the interface into ##LEVEL## state. This started at ##START##, -- or ##DURATION## ago.</alertbody> <enableanomalyalertsuppression></enableanomalyalertsuppression> <description>Number of dropped packets per second which occurred due to a lack of SRAM buffers during output processing on an interface.</description> <maxvalue></maxvalue> <minvalue>0</minvalue> <userparam1>.</userparam1> <userparam2></userparam2> <userparam3></userparam3> <iscomposite>false</iscomposite> <rpn></rpn> <alertTransitionIval>2</alertTransitionIval> <alertClearTransitionIval>0</alertClearTransitionIval> </datapoint> <datapoint> <name>PostPolicyByte</name> <dataType>7</dataType> <type>3</type> <postprocessormethod>none</postprocessormethod> <postprocessorparam></postprocessorparam> <usevalue></usevalue> <alertexpr></alertexpr> <alertmissing>1</alertmissing> <alertsubject></alertsubject> <alertbody></alertbody> <enableanomalyalertsuppression></enableanomalyalertsuppression> <description>Number of outbound octets, per second, after executing QoS policies.</description> <maxvalue></maxvalue> <minvalue>0</minvalue> <userparam1>.</userparam1> <userparam2></userparam2> <userparam3></userparam3> <iscomposite>false</iscomposite> <rpn></rpn> <alertTransitionIval>5</alertTransitionIval> <alertClearTransitionIval>0</alertClearTransitionIval> </datapoint> <datapoint> <name>PrePolicyByte</name> <dataType>7</dataType> <type>3</type> <postprocessormethod>none</postprocessormethod> <postprocessorparam></postprocessorparam> <usevalue></usevalue> <alertexpr></alertexpr> <alertmissing>1</alertmissing> <alertsubject></alertsubject> <alertbody></alertbody> <enableanomalyalertsuppression></enableanomalyalertsuppression> <description>Number of inbound octets, per second, prior to executing any QoS policies.</description> <maxvalue></maxvalue> <minvalue>0</minvalue> <userparam1>.</userparam1> <userparam2></userparam2> <userparam3></userparam3> <iscomposite>false</iscomposite> <rpn></rpn> <alertTransitionIval>5</alertTransitionIval> <alertClearTransitionIval>0</alertClearTransitionIval> </datapoint> <datapoint> <name>PrePolicyPkt</name> <dataType>7</dataType> <type>3</type> <postprocessormethod>none</postprocessormethod> <postprocessorparam></postprocessorparam> <usevalue></usevalue> <alertexpr></alertexpr> <alertmissing>1</alertmissing> <alertsubject></alertsubject> <alertbody></alertbody> <enableanomalyalertsuppression></enableanomalyalertsuppression> <description>Number of inbound packets, per second, prior to executing any QoS policies.</description> <maxvalue></maxvalue> <minvalue>0</minvalue> <userparam1>.</userparam1> <userparam2></userparam2> <userparam3></userparam3> <iscomposite>false</iscomposite> <rpn></rpn> <alertTransitionIval>5</alertTransitionIval> <alertClearTransitionIval>0</alertClearTransitionIval> </datapoint> <datapoint> <name>DroppedBits</name> <dataType>7</dataType> <type>2</type> <postprocessormethod>expression</postprocessormethod> <postprocessorparam>DropByte * 8</postprocessorparam> <usevalue></usevalue> <alertexpr></alertexpr> <alertmissing>1</alertmissing> <alertsubject></alertsubject> <alertbody></alertbody> <enableanomalyalertsuppression></enableanomalyalertsuppression> <description>Number of dropped bits per second as the result of all features that can produce drops (e.g., police, random detect, etc.)</description> <maxvalue></maxvalue> <minvalue></minvalue> <userparam1></userparam1> <userparam2></userparam2> <userparam3></userparam3> <iscomposite>false</iscomposite> <rpn></rpn> <alertTransitionIval>0</alertTransitionIval> <alertClearTransitionIval>0</alertClearTransitionIval> </datapoint> <datapoint> <name>PostPolicyBits</name> <dataType>7</dataType> <type>2</type> <postprocessormethod>expression</postprocessormethod> <postprocessorparam>PostPolicyByte * 8</postprocessorparam> <usevalue></usevalue> <alertexpr></alertexpr> <alertmissing>1</alertmissing> <alertsubject></alertsubject> <alertbody></alertbody> <enableanomalyalertsuppression></enableanomalyalertsuppression> <description>Number of outbound bits, per second, after executing QoS policies.</description> <maxvalue></maxvalue> <minvalue></minvalue> <userparam1></userparam1> <userparam2></userparam2> <userparam3></userparam3> <iscomposite>false</iscomposite> <rpn></rpn> <alertTransitionIval>0</alertTransitionIval> <alertClearTransitionIval>0</alertClearTransitionIval> </datapoint> <datapoint> <name>PrePolicyBits</name> <dataType>7</dataType> <type>2</type> <postprocessormethod>expression</postprocessormethod> <postprocessorparam>PrePolicyByte * 8</postprocessorparam> <usevalue></usevalue> <alertexpr></alertexpr> <alertmissing>1</alertmissing> <alertsubject></alertsubject> <alertbody></alertbody> <enableanomalyalertsuppression></enableanomalyalertsuppression> <description>Number of inbound bits, per second, prior to executing any QoS policies.</description> <maxvalue></maxvalue> <minvalue></minvalue> <userparam1></userparam1> <userparam2></userparam2> <userparam3></userparam3> <iscomposite>false</iscomposite> <rpn></rpn> <alertTransitionIval>0</alertTransitionIval> <alertClearTransitionIval>0</alertClearTransitionIval> </datapoint> </datapoints> <graphs> <graph> <name>QoS Packets</name> <title>QoS Packets</title> <verticallabel>packets/sec</verticallabel> <rigid>true</rigid> <maxvalue>NaN</maxvalue> <minvalue>0.0</minvalue> <displayprio>2</displayprio> <timescale>1day</timescale> <base1024>false</base1024> <graphdatapoints> <graphdatapoint> <name>DropPkt</name> <datapointname>DropPkt</datapointname> <cf>1</cf> </graphdatapoint> <graphdatapoint> <name>NoBufDropPkt</name> <datapointname>NoBuffDropPkt</datapointname> <cf>1</cf> </graphdatapoint> <graphdatapoint> <name>PrePolicyPkt</name> <datapointname>PrePolicyPkt</datapointname> <cf>1</cf> </graphdatapoint> </graphdatapoints> <graphvirtualdatapoints> </graphvirtualdatapoints> <graphdatas> <graphdata> <type>2</type> <legend>Drops</legend> <color>red</color> <datapointname>DropPkt</datapointname> <isvirtualdatapoint>false</isvirtualdatapoint> </graphdata> <graphdata> <type>2</type> <legend>Buffer Drop</legend> <color>orange</color> <datapointname>NoBufDropPkt</datapointname> <isvirtualdatapoint>false</isvirtualdatapoint> </graphdata> <graphdata> <type>1</type> <legend>Pre-Policy</legend> <color>blue</color> <datapointname>PrePolicyPkt</datapointname> <isvirtualdatapoint>false</isvirtualdatapoint> </graphdata> </graphdatas> </graph> <graph> <name>QoS Throughput</name> <title>QoS Throughput</title> <verticallabel>bps</verticallabel> <rigid>true</rigid> <maxvalue>NaN</maxvalue> <minvalue>0.0</minvalue> <displayprio>1</displayprio> <timescale>1day</timescale> <base1024>false</base1024> <graphdatapoints> <graphdatapoint> <name>DroppedBits</name> <datapointname>DroppedBits</datapointname> <cf>1</cf> </graphdatapoint> <graphdatapoint> <name>PostPolicyBits</name> <datapointname>PostPolicyBits</datapointname> <cf>1</cf> </graphdatapoint> <graphdatapoint> <name>PrePolicyBits</name> <datapointname>PrePolicyBits</datapointname> <cf>1</cf> </graphdatapoint> </graphdatapoints> <graphvirtualdatapoints> </graphvirtualdatapoints> <graphdatas> <graphdata> <type>1</type> <legend>Dropped</legend> <color>red</color> <datapointname>DroppedBits</datapointname> <isvirtualdatapoint>false</isvirtualdatapoint> </graphdata> <graphdata> <type>1</type> <legend>Post-Policy</legend> <color>blue</color> <datapointname>PostPolicyBits</datapointname> <isvirtualdatapoint>false</isvirtualdatapoint> </graphdata> <graphdata> <type>1</type> <legend>Pre-Policy</legend> <color>green</color> <datapointname>PrePolicyBits</datapointname> <isvirtualdatapoint>false</isvirtualdatapoint> </graphdata> </graphdatas> </graph> </graphs> <overviewgraphs> <overviewgraph> <name>Top 10 Interfaces by Packet Drops</name> <title>Top 10 Interfaces by Packet Drops</title> <verticallabel>packet/sec</verticallabel> <rigid>true</rigid> <maxvalue>NaN</maxvalue> <minvalue>0.0</minvalue> <displayprio>3</displayprio> <timescale>1day</timescale> <base1024>false</base1024> <aggregated>false</aggregated> <datapoints> <overviewgraphdatapoint> <name>DropPkt</name> <datapointname>DropPkt</datapointname> <cf>1</cf> <aggregateMethod>sum</aggregateMethod> </overviewgraphdatapoint> <overviewgraphdatapoint> <name>NoBuffDropPkt</name> <datapointname>NoBuffDropPkt</datapointname> <cf>1</cf> <aggregateMethod>sum</aggregateMethod> </overviewgraphdatapoint> </datapoints> <virtualdatapoints> </virtualdatapoints> <lines> <overviewgraphline> <type>1</type> <legend>##INSTANCE##</legend> <datapointname>DropPkt</datapointname> <isvirtualdatapoint>false</isvirtualdatapoint> <color>blue</color> </overviewgraphline> <overviewgraphline> <type>1</type> <legend>Buffer Drop ##INSTANCE##</legend> <datapointname>NoBuffDropPkt</datapointname> <isvirtualdatapoint>false</isvirtualdatapoint> <color>blue</color> </overviewgraphline> </lines> </overviewgraph> <overviewgraph> <name>Top 10 Interfaces by Post-Policy Throughput</name> <title>Top 10 Interfaces by Post-Policy Throughput</title> <verticallabel>bps</verticallabel> <rigid>true</rigid> <maxvalue>NaN</maxvalue> <minvalue>0.0</minvalue> <displayprio>2</displayprio> <timescale>1day</timescale> <base1024>false</base1024> <aggregated>false</aggregated> <datapoints> <overviewgraphdatapoint> <name>PostPolicyBits</name> <datapointname>PostPolicyBits</datapointname> <cf>1</cf> <aggregateMethod>sum</aggregateMethod> </overviewgraphdatapoint> </datapoints> <virtualdatapoints> </virtualdatapoints> <lines> <overviewgraphline> <type>1</type> <legend>##INSTANCE##</legend> <datapointname>PostPolicyBits</datapointname> <isvirtualdatapoint>false</isvirtualdatapoint> <color>AUTO</color> </overviewgraphline> </lines> </overviewgraph> <overviewgraph> <name>Top 10 Interfaces by Pre-Policy Throughput</name> <title>Top 10 Interfaces by Pre-Policy Throughput</title> <verticallabel>bps</verticallabel> <rigid>true</rigid> <maxvalue>NaN</maxvalue> <minvalue>0.0</minvalue> <displayprio>1</displayprio> <timescale>1day</timescale> <base1024>false</base1024> <aggregated>false</aggregated> <datapoints> <overviewgraphdatapoint> <name>PrePolicyBits</name> <datapointname>PrePolicyBits</datapointname> <cf>1</cf> <aggregateMethod>sum</aggregateMethod> </overviewgraphdatapoint> </datapoints> <virtualdatapoints> </virtualdatapoints> <lines> <overviewgraphline> <type>1</type> <legend>##INSTANCE##</legend> <datapointname>PrePolicyBits</datapointname> <isvirtualdatapoint>false</isvirtualdatapoint> <color>AUTO</color> </overviewgraphline> </lines> </overviewgraph> </overviewgraphs> <scripts> </scripts> </entry> </feed>
  14. 2 points
    It would be nice to have a easier way to disable/manage Property Sources (just like we have for DataSources - at a group level, device level, etc...). I know we can disable those in the 'AppliesTo' field (at the PropertySource level) and/or we can create a custom property (& then having devices automatically assigned to a dynamic group by using that property, etc...). However, we shouldn't require to create extra properties and/or modify the 'AppliesTo' with extra stuff. It would be way easier having the possibility to do this like we do for the DataSources (even in terms of management, understanding what's applied vs. what isn't). Not sure if this was suggested in the past but, it would be a great improvement in my opinion. Regards,
  15. 2 points
    Late to the party (sorry, new to LM itself) but just wondering if any further consideration/progress was made on this feature request? I recently added a Cisco FMC trap in LM. And what would have been a single alarm in our old NMS has generated over 1100 alerts (so far).
  16. 2 points
    BUMPing.. We are learning of this now as we are starting to implement LM and this is horrible. There has to be a solution for this? Why does LM not correlate the same event and just increase the count of that same alert/trap on the Alert Console? We don't need 1000 different alerts that all pertain to the same event/trap.
  17. 2 points
    Hello, why is there no way to filter out the Datasource Repository items so i can find what i'm looking for easier? I have to scroll thru 100's of DS's and hopefully find what I need. Each column should have a filter at the top so we can shorten this list. Can you add this please...
  18. 2 points
    It would be nice to be able to import MIBs to start creating DataSources. We have come across a few instances where this would've been much easier then having to manually create a bunch of things.
  19. 2 points
    Please add HtmlUnit (http://htmlunit.sourceforge.net/) to allow for more sophisticated web page interaction, including JavaScript evaluation. Right now any pages with JavaScript are impenetrable. I know it is in theory possible to add this ourselves, but it is a painful process that must be done on each collector. Much easier if included to begin with. Or please add a facility to allow deployment of new libraries within Settings. Perhaps not fully dynamic like Grapes, but something along those lines would be very helpful.
  20. 2 points
    Hello, We recently cloned 2 Logic Monitor out of the box datasources (name -> WinService- & WinProcessStats-) in order to enable the 'Active Discovery' feature on those. We did this because we've the need to discover services/processes automatically, since we don't have an 'exact list' of which services/processes we should monitor (due to the amount of clients [+100] & the different services/solutions across them) After enabling this it works fine & does what we expect (discovers all the services/processes running in each box), we further added some filters in the active discovery for the services in order to exclude common 'noisy' services & grab only the ones set to automatically start with the system. Our problem arrives when these 2 specific datasource start to impact the collector performance (due to the huge amount of wmi.queries), it starts to reflect on a huge consumption of CPU (putting that on almost 100% usage all the time) & that further leads to the decrease of the collector performance & data collection (resulting in request timeouts & full WMI queues). We also thought on creating 2 datasources (services/processes) for each client (with filters to grab critical/wanted processes/services for the client in question) but that's a nightmare (specially when you've clients installing applications without any notice & expecting us to automatically grab & monitor those). Example of 1 of our scenarios (1 of our clients): - Collector is a Windows VM (VMWare) & has 8GB of RAM with 4 allocated virtual processors (host processor is a Intel Xeon E5-2698 v3 @ 2.30Ghz) - Currently, it monitors 78 Windows servers (not including the collector) & those 2 datasource are creating 12 700 instances (4513 - services | 8187 - processes) - examples below This results in approx. 15 requests per second This results in approx. 45 requests per second According to the collector capacity document (ref. Medium Collector) we are below the limits (for WMI), however, those 2 datasource are contributing A LOT to make the queues full. We're finding errors in a regular basis - example below To sum this up, we were seeking for another 'way' of doing the same thing without consuming so much resources on the collector end (due to the amount of simultaneous WMI queries). Not sure if that's possible though. Did anyone had this need in the past & was able to come up with a different solution (not so resource exhaustive)? We're struggling here mainly because we come from a non-agent less solution (which didn't faced this problem due to the individual agent distributed load - per device). Appreciate the help in advance! Thanks,
  21. 2 points
    As an FYI - I have added the following OID to the datasource I have downloaded so that we can see the Maximum Session count (Raw Data) - this may be of use to others as well. alSslStatsMaxSessions - Description - "The maximum number current of active sessions at any one time."
  22. 2 points
    Thanks for getting this pushed through, with all that's going on at the moment it saved a little time in putting something like this together. & Thanks to @Sawer.lef for publishing in the first place
  23. 2 points
    Guessing it hasn't been approved yet. Below is the PowerShell script and the AppliesTo is 'auto.activedatasources =~ "HTTPS"' $URL = "https://" $URL = $URL + "##hostname##" try { [Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} $webRequest = [System.Net.HttpWebRequest]::Create($URL) $webRequest.KeepAlive = $false $webRequest.Timeout = 5000 $webRequest.ServicePoint.ConnectionLeaseTimeout = 5000 $webRequest.ServicePoint.MaxIdleTime = 5000 #$null = $webRequest.GetResponse() $null = $webRequest.GetResponse().Dispose() } catch [System.Net.WebException] { if ($_.Exception.Status -eq [System.Net.WebExceptionStatus]::TrustFailure) { # We ignore trust failures, since we only want the certificate, and the service point is still populated at this point } else { # Write-Warning $_.Exception.Message } } catch { # Write-Warning $_.Exception.Message } if (($webRequest.ServicePoint.Certificate) -and ($webRequest.ServicePoint.Certificate.Handle -ne 0)) { if ($ReturnCertificate) { # Write-Output $webRequest.ServicePoint.Certificate } else { $IssuerCN = $webRequest.ServicePoint.Certificate.Issuer.Split(', ',[System.StringSplitOptions]::RemoveEmptyEntries)[0].Split('=')[1] $SubjectCN = $webRequest.ServicePoint.Certificate.Subject.Split(', ',[System.StringSplitOptions]::RemoveEmptyEntries)[0].Split('=')[1] $ValidFrom = $webRequest.ServicePoint.Certificate.GetEffectiveDateString() $ValidTo = $webRequest.ServicePoint.Certificate.GetExpirationDateString() Write-Host "certificate.IssuerCN=$IssuerCN" Write-Host "certificate.SubjectCN=$SubjectCN" Write-Host "certificate.ValidFrom=$ValidFrom" Write-Host "certificate.ValidTo=$ValidTo" } $webRequest.ServicePoint.Certificate.Dispose() } [Net.ServicePointManager]::ServerCertificateValidationCallback = $null
  24. 2 points
    We need a way to be able to specify the Title of any graph when we are creating reports. The OOTB method uses a very un-discernable title for something simple as CPU USAGE. It displays: "WinCPU with instance * on datapoint CPUBusyPercent". Any client looking at this report is going to ask WTH does this mean? We need a way to be able to specify the %TITLE% on each Datasource we specify when building a report. IF you can add a column to the DataPoints section called Title: Example in the above report each category is titled with: CPU Usage % title is: WinCPU with instance * on datapoint CPUBusyPercent Memory Usage % title is: WinOS with instance * on datapoint MemoryUtilizationPercent Disk Usage % title is: WinVolumeUsage- with instance * on datapoint PercentUsed Bandwidth In: WinIf- with instance * on datapoint BytesReceivedPerSec Bandwidth Out: WinVolumeUsage- with instance * on datapoint PercentUsed None of these titles make any sense to anyone who's trying to read the graphs. Can we please just have a way to specify the title.
  25. 2 points
    Any thought to adding the ability to have overlays on the MAP widget? Maybe show major weather alert boxes or national radar overlays.
  26. 2 points
    Thinking about this, I would find useful if an acknowledgeded alert that is place into SDT could also become automatically unacked at the end of the SDT. (I'd also like the ability to limit SDTs to no later than n days from timenow.)
  27. 2 points
    Right now, ACK and SDT work, but miss important functionality. Please consider addressing all of these: * ACK should be able to expire (critical issues that should not be lost forever, or to set a maximum expected recovery time period -- not possible with SDT). * ACK should be able to clear if a worse condition occurs (in Nagios, this is a non-sticky ACK) * ACK and SDT notices should be shipped to custom email integrations (this one is a bug as far as I am concerned)
  28. 2 points
    ACK should be removable if determined it was checked incorrectly by a user.
  29. 2 points
    The use of screen real estate is horrible too. On my 15" Macbook Pro I can only see a handful of alarms at one time and clicking into the alarms is very tough to use since it uses that same small area for the alarm details. Need to find a way to hide the filter and move more of that stuff up on the screen.
  30. 2 points
    In my opinion the alerts New UI colours are terrible, please allow us to adjust them or create few other themes (dark theme or old grey theme worked great) to choose from.
  31. 2 points
    While not in a table but if it helps you can use the Gauge widget to show the current value and also show a Peak value for a particular period, including 24 hours. https://www.logicmonitor.com/support/dashboards-and-widgets/widgets/which-widget-should-i-use/gauge-widget/#id:peak-time-range-selection
  32. 1 point
    Looks like they have been approved, although no idea how to create a package with them all in so can supply the individual locators for each one addCategory_MacOS_SSH - FCHCFT / MacOS_SSH_CPUMemory - L2XZTW / MacOS_SSH_Info - 7DYF4E / MacOS_SSH_Filesystems - TKNF3L / MacOS_SSH_Uptime - 3K3NN6 / MacOS_SSH_mysql - PWDC6L / MacOS_SSH_Tomcat - M7NXF9 Hopefully these will be helpful for a few people!
  33. 1 point
    Yes, for Windows events you can do this -- we do as well. You lose the event detail, but it can alert only if N events in a window are seen (something customers ask for often). Even then, since the "collect every" value is not visible to the script, you have to take special care to ensure your event scan window and the collect every value are in sync. And this does nothing for any other type of event -- we have to use Sumo Logic (or other similar tools, like Graylog, etc.) to solve this problem in general.
  34. 1 point
    Oh, I'm bookmarking that link! It looks like there is an option for open(Host,user,pass), although I wouldn't suggest doing that though since that breaks convention. https://www.logicmonitor.com/support-files/javadocs/28606/com/santaba/agent/groovyapi/win32/WMI.html#open(java.lang.String,java.lang.String,java.lang.String)
  35. 1 point
    Creating the dynamic group was the key. Dashboard is now populating as expected. Thanks!
  36. 1 point
    Thank you for the feedback Stuart. Just dropped a message to him. Regards,
  37. 1 point
    I believe I found the solution. I'm pretty sure something changed at the API level b/c the stated query was working before. However, instead of using the 'dataSourceId' property I tried with the 'id' instead [seems a local ID at the device instead of the 'General' one]. It worked properly! Thanks anyway! Regards,
  38. 1 point
  39. 1 point
    I think LMService Insights (add-on) might cover your needs. It lets you group various parts of resources, checks and instances together.
  40. 1 point
    NOC widget is likely your best bet but for situations where I don't want to rely on an alert, I've used the (dynamic) table widget with State column but also use Color bars to simulate a NOC-like widget. For example you can have a State column where 0=OK and 1=BAD, have the color bars set like this: Min: 0, Max:1, Red >= 1. So when the state goes to 1 it will turn the cell red. There are some limits to this though. Like that you can only have 2 color bar columns and tables always sort by 1st column only.
  41. 1 point
    I'm going to check out the version we are on. In our sandbox we have 1 FPPR, but in our prod system we have 15-20.....I'm assuming that the versions are spread out but going to do some investigating. Thanks again Matt and Stuart!
  42. 1 point
    Do you have SPSE enabled? If that is enabled the collector will stream powershell scripts directly to 3 or so always running powershell instances, alteast in my testing. That would cause it to not show creds in commandline. It does cause it to write the script as-is to a ps1 file in the agent tmp folder (always does). It also might cause a problem with these long running powershell instances using up ram though. Something we have run into. P.S. I personally don't like how the collector writes scripts to files/logs already (with creds/properties baked in). I think it's much easier to get creds from files directly without much effort, less than digging into ram (which already requires process and/or admin-level permissions in windows). Then again I'm more sensitive about this since as an MSP, I don't have full control over the collector systems themselves. I try to use groovy because of this :)
  43. 1 point
    I would be great to have some sort of control over a given 'DataSource' running cycle. We can define the running interval however, we aren't able to define when it'll actually run. For the majority of the DataSources that isn't required, however, for specific DataSources it would be very useful to have that possibility. Regards,
  44. 1 point
    We want to be able to show our clients their device groups in LM, but that currently requires making a new role for every client user due to group visibility only being able to be modified on the role rather than on the user directly. If we could assign visibility directly to users, that would allow us to control all non-group viewing permissions for clients from a single unified role due to them having otherwise identical perms. There may be other ways to implement a solution to address this such as group inheritance, but the only option that currently exists is to manage hundreds of nearly identical roles, each one attached to a single client user. Any general updates to customer permissions (stuff that isn't related to device viewing permissions) right now requires changing permissions in those hundreds of roles to match each other rather than adjusting a single permission on a single role.
  45. 1 point
  46. 1 point
    Hey Cole, I work with David, We have been working on tackling the per-customer alert rules as well. If you're interested, we should talk via DM and exchange some ideas.
  47. 1 point
    @Sarah Terry - Resolved for us around 1530h (UK), but I did have to chase support a few times before it was escalated. Can I suggest LM should monitor this endpoint?
  48. 1 point
    I'd like a line graph to show alerts over time. In order of priority I would want to easily see specified groups of devices, then by device, and then by instance. This would greatly assist in identifying trends. This post hints at a cumbersome workaround, but the ability to see number of alerts over time is a basic necessity and should be easy to accomplish. https://communities.logicmonitor.com/topic/732-number-of-alerts-on-dashboard/ Ideally this would just be an eventsource or a datasource which could be easily applied to any group whether it be website, resource or device.
  49. 1 point
    The current method to disable monitoring for a device is to do it through the datasources applied to it. In a scenario where I need to disable monitoring for about 50 devices, it is a lot of manual work to do it this way. A button similar to the "Enable Alerting" button for every device would make this a lot easier. Clicking that button should not remove the device from the system, but should turn off all monitoring for that device and should be capable of being turned on again.
  50. 1 point
    We've come across an issue where it would be really helpful to disable active discovery at the device level and/or the parent folder level. The issue popped up when we added lots of APC UPS devices to LogicMonitor. For some odd reason, the UPS's trigger "Unauthorized Access" alerts when snmp gets/walks are run against them for OID's that don't exist or are not applicable to them. So now, they are spamming the network team everytime an snmp datasource triggers active discovery even when that datasource will never apply to the device. In the case of these UPS's, a one time or ad hoc discovery is totally sufficient.