Joe Tran

Members
  • Content Count

    112
  • Joined

  • Last visited

  • Days Won

    12

Community Reputation

19 Good

About Joe Tran

  • Rank
    Community All Star

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. It looks like without instances, the Alert Threshold report does not list the datasource at all.
  2. So it looks like while the UI hides datasources without instances and the API will not list the datasource when querying for /device/groups/{groupId}/datasources, the API will still accept PUT/PATCH operations for that datasource id /device/groups/{groupId}/datasources/{datasourceId}/alertsettings Hopefully that persists when the datasource finds a blocking session!
  3. I have a version of the "Oracle_DB_BlockedSessions" datasource template deployed and set an alert threshold on a complex datapoint that accounts for WAIT_TIME and SECONDS_IN_WAIT. Here is the complex datapoint expression for those curious--- if( eq(if(un(WAIT_TIME),0,WAIT_TIME), 0), if(un(SECONDS_IN_WAIT_RAW),0,SECONDS_IN_WAIT_RAW), 0) If the complex datapoint has a value over 300 seconds, an alert triggers with all the enriched instance-level autoProps from the Active Discovery script. All other aspects of this template mirror the gold-standard version--including enabling the "Automatically Delete Instance" option. Enter Client X, and they are comfortable with a threshold of 900 seconds. How can I set this custom threshold at a resource group for Client X when they don't currently have any blocking sessions? If I do manage to catch and set this Alert Tuning customization when Client X has a blocking session, will this alert tuning get wiped out when the DSIs are removed automatically? I suppose the Active Discovery script could be modified to always output a dummy instance... but that leaves an unpleasant taste in my mouth. Aside from cloning the datasource just for Client X, are there any other alternatives? And no, I do not want to alert off of the "Oracle_DB_BlockedSessionOverview" template because a it doesn't do a good job of discerning between one really long blocking session versus sequential and short-lived sessions that happen to exist at the time of the poll.
  4. Joe Tran

    Swagger Doc help adding a customProperty to a device

    I don't typically use the /device/devices/{id}/properties/{name} endpoint but i would give the following a try: # Construct URL $resourcePath = "/device/devices/2332/properties/Failover.Cluster.ParentGUID" $url = $URLRoot + $resourcePath $data = ` @" { `"type`" : `"custom`" , `"name`" : `"Failover.Cluster.ParentGUID`" , `"value`" : `"$ClusterID`" } "@ $response = Send-Request ` -accesskey $accessKey ` -accessid $accessId ` -URL $url ` -data $data ` -httpVerb "PUT" The type key might not be needed. The SwaggerDoc on this endpoint is weird. It literally says that the POST method is supported but all the keys in the model are readOnly?
  5. For /device/devices the inheritedProperties objects should include a key-value pair that identifies the hostGroupId that object is inherited from Example { "status": 200, "errmsg": "OK", "data": { "total": 1, "items": [ { "name": "hostname", "inheritedProperties": [ { "name": "keyname1", "value": "value1", "inheritedFromHostGroupId": 2 } ] } ] } } I'm not super tied to the name of the proposed key 😉 Thanks!
  6. Joe Tran

    Rest Filter Device Group not set property

    Yup, customProperties object only has directly assigned props. What you do what are the inheritedProperties for the /device/devices API endpoint-- $queryParams = '?fields=inheritedProperties,name,id&size=1000&filter=inheritedProperties.name:servicenow.companyid,inheritedProperties.value:DefaultCODE'; P.S. Thanks for bringing this up. I've been trying to find where the "aws.accountid" is grouped under and lo' and behold it's an inheritedProperty!
  7. Resurrecting this feature request to make any such helper class available to PropertySources and any other LogicModule that supports embedded Groovy scripts. I was just asked by a fellow engineer if we could track when specific proprietary software is updated and correlate that with system metrics. A PropertySource would be ideal for this type of version tracking--we would just need to be able to create OpsNotes from within the embedded Groovy.
  8. Joe Tran

    Mobile App

    I don't. I just use the site in a mobile browser set to request the desktop site. A better mobile experience would be great though.
  9. Joe Tran

    Dashboard Linked Clones

    As I sit here, hitting Clone on a dash for 80+ client-centric dashes, half-way realizing a more efficient way of setting up the filter on a singular widget--I need this.
  10. Joe Tran

    Location setup

    What type of report are you running? If this is a custom report using data from the REST API, the location property wouldn't be a customProperties property in this particular scenario, but an inheritedProperties property. IIRC, the Device Inventory report type in the Reports UI, should be able to give you inherited properties without issue.
  11. P.S. If I have not gone crazy in my line of thinking, please update the REST API Documentation to include descriptions/methods/models etc for /setting/alert/internalalerts resources. 😀👋
  12. I will admit that I had completely forgotten that External Alerting was a thing. When we first started with LogicMonitor (like 3+ years ago), someone at LogicMonitor had mentioned External Alerting as a potential solution for a random use-case and I had immediately disregarded out of hand--favoring a Custom HTTP Delivery integration instead. Fast forward to now and this post, and all this recent talk about self-heal and actions and an idea was sparked. Some internal partners are building automation tools to resolve issues and are pretty comfortable with some DIY. Originally, I had figured I would have to get them setup with an AWS Gateway+Lambda function that can receive alerts triggered which would then start a cascade of custom code, in the correct AWS VPC, to self-heal--but why bother when we have external alerting right? The client environments that I monitor and that these internal partners manage have dedicated collectors in each client environment. Just assign that client's collector to that client's resource groups, throw in a broker-like script that takes in necessary resource metadata, datasource, and execute the necessary remediation scripts. Disregard any alerts for datasources not supported by our self-healing project. This assumes that I'm interpreting External Alerting correctly. The key thing for this to work for my use case would be the ability to have External Alerting AND our normal Alert Rules apply to the same resources/alerts. The Alert Rules would still be responsible for delivering the alert to our ticketing system. Timing of when Alert Rules would trigger and when External Alerting would trigger would be nice. The support center page for this makes it seem the collector polls the resource group at regular, but unknown, intervals. The Alert Rules would populate alert with the ##externalticketid## and it would be neat to have the External Alerting also take that in as a parameter to update said ticket. I would also need to know if the script executed from this is subject to timeouts, concurrency limits, etc or if there is a limit to the number of External Alerting configs. Am I way off base?
  13. Joe Tran

    Radical Suggestion for Web Sites

    So they already renamed Devices to Resources. I can only hope this feature request is on the horizon 😉. Totally not wishful thinking, right? 😅
  14. I need to spend more time in a non-admin role 😑. It looks like all users, despite what is defined in "User Access" for their roles, are able to list other users via Dash Sharing and Reports Schedule. We feel that should not be the case. I would only want my coworkers to be able to do this, NOT my clients who should not be aware of each other (at least not through our monitoring application).
  15. I've opened a case with support and in the meantime, I've gone through all our client user accounts and disabled their access to Reports until we get this sorted out.