David Lee

LogicMonitor Staff
  • Content count

    20
  • Joined

  • Last visited

Community Reputation

0 Neutral

About David Lee

  • Rank
    Community Whiz Kid
  1. Adtran Netvanta Switch Configsource

    Hi, There are no stock configsources but if you hop onto support chat and ask for me, (UK hours) I would be glad to assist you in writing one for you. David
  2. Cisc SG500X ConfigSource Script now working

    Dan, You will probably get a faster response by contacting support, feel free to ask for me if you would like, I have worked with configsources a lot and have a few tricks to try, I took a look at your devices but wasnt sure which ones were these switches. David
  3. Google Analytics Datasource?

    Hi, You may be interested to know we have 2 Beta datasources Google_Analytics_RealTime_Stats Google_Analytics_PageStats Which if you contact support can be imported into your account. The need a bit of set up setup for Google Analytics Datasources: Step-by-step guide (a)The following items must be included in the Device Properties analytics.client.id analytics.clientsecret.pass analytics.refreshtoken.pass system.categories -> GoogleAnalytics (1) Follow these steps in order to get an Access Token and the Refresh Token. On your browser, log-in at Google with the account you want to use to access Analytics info. (2) Visit https://code.google.com/apis/console . Click on create a "project". Search for "Analytics API" and click 'Enable'. Afterwards, navigate to Credentials -> OAuth Consent Screen. Choose the 'email address' and 'Product name shown to users' and save. (3) Create Credentials -> OAuth Client ID. Application Type: Other Input any name (i.e. : LM Client ID) (4)You should now be presented with a Client ID & Client Secret. (5) Navigate to the following URL and insert the correct Client ID. https://accounts.google.com/o/oauth2/auth?scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fanalytics&redirect_uri=urn:ietf:wg:oauth:2.0:oob&response_type=code&client_id=INSERT_CLIENT_ID_HERE You will be presented with a screen to allow access and code string you will need to copy and save. (6) Go into a terminal and paste the following cURL command. curl -H "Content-Type: application/x-www-form-urlencoded" -d 'code=INSERT_CODE_STRING_HERE&client_id=INSERT_CLIENT_ID_HERE&client_secret=INSERT_CLIENT_SECRET_HERE&redirect_uri=urn:ietf:wg:oauth:2.0:oob&grant_type=authorization_code' https://accounts.google.com/o/oauth2/token (7)The output of the previous cURL command should be a JSON response similar to the following: {code:json} { "access_token" : "ya29.AH3afsdfasdfjhahskjhskkskjh", "token_type" : "Bearer", "expires_in" : 3600, "refresh_token" : "1/HH9E7dfdf4saf3wah7899a8sd989" } {code} (8)You should now have the ClientID, Client Secret & Refresh Token. Insert these into the device properties to get the datasource properly working.
  4. 497 days and counting........

    You might have received an alert saying your linux based device has just rebooted, but you know that it has been up a long time. A switch might have just sent an alert for every interface flapping when they have all been up solidly. The important question to ask here is how long has the device been up? If its been up for 497 days,994 days,1491 days or any multiple of 497 then you are seeing the 497 day bug, that hits almost every linux based device that is up for a good length of time. Anything using a kernel less than 2.6 computes the system uptime based on the internal jiffies counter, which counts the time since boot in units of 10 milliseconds, or jiffies. This counter is a 32-bit counter, which has a maximum value of 2^32, or 4,294,967,296. When the counter reaches this value (after 497 days, 2 hours, 27 minutes, and 53 seconds, or approximately 16 months), it wraps back around to zero and continues to increment. This can result in alerts about reboots that didn’t happen and cause switches to report a flap on all interfaces. Systems that use 2.6 Kernel and properly supply a 64 bit counter will still alert incorrectly when the 64 bit counter wraps. A 32 bit counter can hold 4,294,967,295( /4,294,967,295864000/8640000 = 497.1 days) A 64 bit counter can hold 18,446,744,073,709,551,615 . (18,446,744,073,709,551,615/8640000 = 2135039823346 days or 5849424173 years) Though I expect in 6,000 million years we will all have other things to worry over.
  5. SDT for minor alerts

    Hi, Should also add the Kris wants to maintain alerts on critical items so putting devices into SDT or even certain datasources wont assist him. He only wants to disable warning/errors
  6. Windows Drive Space Alerts

    Windows Drive Space Alerts By default, LogicMonitor alerts on the percentage used on any drive. This in general is fine, but sometimes not. Let’s imagine you have a 2.2 terabytes drive. You might have your critical threshold set at 90%, which sounds fine, until you realise that you are going to get a critical alert when you still have 220 GB free. In my case that would be a cause for some celebration, not really an urgent need to get up at 3 A.M. and delete files so the world doesn’t end. Now Imagine your 2.2TB drive is divided up as: C: 10 GB (OS) D: 500 GB (Mission critical applications) E: 1 TB (Backups) F: 510 GB (Other Applications) A 90% alert will give you a critical at 1GB,50GB,100GB and 51GB respectively. Now the C: drive may be a cause for concern, but the others not so much. The two application drives you might only be concerned if they have less than 4GB free and the backup less than 10GB. So, we decide to alert on the following C: freespace is <1 GB D: freespace is <4 GB E: freespace is <10 GB F: freespace is <4 GB You could clone the datasource so you have four copies one for each drive but this is harder to maintain in the future and does not scale well. It would be better if you could somehow get the drive letter and assign a threshold based on that. Logicmonitor’s scripted complex datapoint using groovy to the rescue. The disks datasource queries the class Win32_Volume. We need to use the raw drive letter output from the WMI class so would write a groovy script like: Drive=output["DRIVELETTER"]; return(Drive); This returns C:,D:,E: and F: Not much use as Logicmonitor doesn’t deal with text, only metrics. Let’s beef up the script. drive = output['DRIVELETTER']; freeSpaceLowerLimitGigabyte = '0'; if (drive == 'C:') {freeSpaceLowerLimitGigabyte = '1';} if (drive == 'D:' || drive == 'F:') {freeSpaceLowerLimitGigabyte = '4';} if (drive == 'E:') {freeSpaceLowerLimitGigabyte = '10';} return freeSpaceLowerLimitGigabyte; This returns 1,4,10 and 4 for each drive, now we have a complex datapoint that returns the lowerlimit in GB for each drive dependant on the drive letter. Again, we can’t alert on this so we need another datapoint So we can use this to check if freespace is less than the freeSpaceLowerLimitGigabyte. To do that create a CapacityAlert datapoint using this expression if ( lt (FreeSpace, FreeSpaceLowerLimitGigabyte * 1024000000) , 1, 0) Which breaks down as if freespace is less than the assigned limit for that drive letter then return 1 (which you alert on.) Otherwise return 0. Alert threshold set at = 1 1 1, and we get critical alerts if: C: freespace is <1 GB D: freespace is <4 GB E: freespace is <10 GB F: freespace is <4 GB
  7. SQL query

    Hi Idan, "1. Add value to the server properties so I can see it under the info." You can use a property source here, leveraging groovy to connect to your SQL and make a query which will then be dispalyed under info. https://www.logicmonitor.com/support/other-logicmodules/propertysources/creating-propertysources/
  8. AT&T Uverse Internet Router Support

    Hi Christopher, any device that has a webpage interfce with metrics on it can usually be quiered with our http datasources which can use regex datapoints to pull out metrics. https://www.logicmonitor.com/support/datasources/data-collection-methods/webpage-httphttps-data-collection/ If you have a device in your portal that serves a webpage, support can take a look and determine if this type if datasource would be what you need, and create a datasource request for you, or assist you in creating a datasource yourself. David
  9. IBM db2 Moniotring using Logic Montior

    Hi, There is a sample jdbc datasource for DB2 avilable, if you would like to contact support, they can have it installed into your account. Once you do so you just have to add the queries you want and and valid datapoints.
  10. Mosh, configsources use a script to connect to the devices and as such the script task queue already reflects this information for you. Looking at this in more detail can show scripts being queued and times taken by the configsources. Although this might not differentiate between some normal scripts and configsources it would allow you to see if the queue was too much for the collector FYI, the above graph doesnt show scripts as it is a top ten and scripts are lower than that on that particular collector.
  11. High WMI Task Queue

    Hi Ben, https://www.logicmonitor.com/support/settings/collectors/using-the-collector-debug-facility/ Uing the collectors debug facility detailled in this help page can show you which devices are failing to respond to wmi. The command to use would be !tlist c=wmi This will show a long list of all wmi tasks on all 56 devices, search through for any that do not say OK, (a good tip here is to use control-F and search for "WMI query task failed")and the relevant device name will be shown along with an error message, If you need further help just hop onto chat where I or a colleague would be glad to help you, I had a look at your collector and can see several hosts failing wmi but I obviously wont paste them in here as this is a public forum. David
  12. Disk Datasource "no data" on one server

    Hi Mac, LMsupport would love to assist you with this issue, but we are not certian which portal is yours. FYI, you should really raise a chat request these forums are not monitored routinely by support engineers. David
  13. SNMP Serial Number to Info Tab

    Hi Josh, It's been a while since your request, sorry I didnt spot this a couple of months ago. We have propertysources now, a simple groovy script will do this for you. def hostname = hostProps.get("system.hostname") def OID_contact = "1.3.6.1.2.1.1.4.0" // the OID we want def contact = Snmp.get(hostname, OID_contact); println "contact=" + contact def OID_system_name = "1.3.6.1.2.1.1.5.0" // the OID we want def system_name = Snmp.get(hostname, OID_system_name); split_name=system_name.tokenize( '.' ) println "system_name=" + split_name[0] def OID_location = "1.3.6.1.2.1.1.6.0" // the OID we want def location = Snmp.get(hostname, OID_location); println "location=" + location return 0 If you need any further pointers hop onto chat, David
  14. New Ticket 101

    Helping us to help you Our job here at Logicmonitor technical support is to help you in your day-to-day work. Whether your report isn’t emailing out, a device is not responding to WMI or you don’t understand why a particular alert is occurring – we’re here to help. But when you submit a ticket it is usually in a queue, being British I love queues! But the support team hate making people wait so anything we can do to make the queue smaller means you must wait less for a response. So here are some tips to help us help you faster. Write a Descriptive Summary Use wording in the subject of your email or the summary of the web form that states what the specific problem is and what you are seeing. Try using something like this: Alert LMD12345 on device myhost for SQL does not appear to be correct Instead of this: False Alert??? When our team sees the first ticket we can immediately route it to one of our team members who has more experience with SQL. The second line requires us to open the ticket and read the details. Details, Details, Details! In the body of the email (or the details section of the web form) put all the relevant details to the problem that you can think of. Anything you may know that is relevant will help our team get to this faster. Try to include · The device name or service name · The alert ID of relevant alerts · The datasource name · The full URL of the page where an issue can be seen such as the device URL, or a datasource URL. · Any debug commands you have tried, if any · If the issue happens on a regular time basis when is that? · If it’s a UI issue what browser have you tried? · When did you first notice this? · What datasources do you believe should be on a particular host? Include everything you can and help us resolve your issue in a timely manner. Follow Up “My ticket has been open for three days and no solution provided as yet.” We do our best to answer tickets as they come in. Sometimes we are faster than others. Often we need to co-ordinate with our development team to fix an issue. A good way to update your ticket is to reply to the ticket email. Creating a new ticket asking about an old ticket means we have to find the older ticket, find out who that was assigned to, merge the tickets and notify whoever was dealing with your ticket. Replying straight to the original ticket goes straight to the person who was dealing with your request and can be a lot faster.
  15. We sometimes see datasource scripts with passwords in the body of their script. For testing this is fine, but in production datasource scripts, passwords in plain view isn’t just bad, it should be a cardinal sin. You can use Powershell to secure a password by creating a PSCredential object that uses the cmdlet Get-Credential and stores the output into a file. Note that it saves as a System.Security.SecureString. Now you can use the file in your script: $hostname= "##HOSTNAME##" $pass= Get-Content "\\Encryptedfile.txt" $user= "##PS.USER##" $password1= ConvertTo-SecureString -String $pass When your script is finished just run it in powershell GUI to check it works fine. Make sure you alter our tokens to the correct values. We had a recent case that when the collector tries to run the datasource script it failed. The below error was in the logs. New-PSSession : [PROD-TP-DB01] Connecting to remote server HOST failed with the following error message : WinRM cannot process the request. The following error with errorcode 0x8009030e occurred while using Negotiate authentication: A specified logon session does not exist. It may already have been terminated. Possible causes are: -The user name or password specified are invalid. -Kerberos is used when no authentication method and no user name are specified. -Kerberos accepts domain user names, but not local user names. -The Service Principal Name (SPN) for the remote computer name and port does not exist. -The client and remote computers are in different domains and there is no trust between the two domains. The script is failing with an authentication error. Even though it works fine in the Powershell GUI. The reason for this was the account the collector ran under. PowerShell uses the Windows Data Protection API (DPAPI) to encrypt/decrypt your strings. That means if you created the file using one user account only the same user account on the same computer will be able to use this encrypted string. So the collector account cannot read the file Encryptedfile.txt. We proved this by running the Powershell GUI under the same account your collector uses. So make sure that you create the file using the same account. Keep in mind that if you change the collector account, the script will fail. It is possible that you can encrypt the file using a machine key, which means any user on the collector can use the file and decrypt it, but that’s for another post!