Eric Singer

Members
  • Content Count

    42
  • Joined

  • Last visited

  • Days Won

    5

Community Reputation

10 Good

About Eric Singer

  • Rank
    Community Whiz Kid

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. I think it would be really helpful if we could utilize active discovery scripts and what not for cases where there is no instances per se. The "applies to" is simply too inflexible to be used as the sole discovery method. For example, simply checking for the existence of a WMI class would be a great way to ensure we're only applying a data source to devices where that datasource apply.
  2. Eric Singer

    Dashboard Linked Clones

    I feel your pain, which is why i simply dug into Powershell + the API's to deal with creating and updating dashboards.
  3. Eric Singer

    PSA: Collect from windows systems without admin rights

    Hi, Wanted to provide an update. Unfortunately, I've been finding a number of missing data sources. They're not always easy to spot, but one perfect example is anything that's monitoring a windows service. I have a fix for that, but it's still not a complete fix. There are many services (such as the cluster service) that are limited to only to local admins / system. So even if you follow the fix I'll share, you still aren't going to get all the services. At this point, it doesn't even seem if you had a local LM account without admin rights that you would get everything without more work. As for monitoring services, you need to run this command once on each host you want to monitor. Start-Process -FilePath "sc.exe" -ArgumentList "sdset SCMANAGER D:(A;;CCLCRPRC;;;AU)(A;;CCLCRPWPRC;;;SY)(A;;KA;;;BA)S:(AU;FA;KA;;;WD)(AU;OIIOFA;GA;;;WD)" -Wait -NoNewWindow
  4. Eric Singer

    PSA: Collect from windows systems without admin rights

    What I ended up doing was taking all the individual actions MS recommended in their task and add them into a single powershell script that i called without any parameters. I called their script inside that script. For example, i created a folder using GPP on the local system called "remote wmi access" I then copied MS script "set-wmi....." I then copied custom script with the below commands in it to the same folder Finally, I had my schedule task call the custom script locally, so "powershell.exe -file "customscript.ps1" . "c:\scripts\Remote WMI Access\Set-WMINameSpaceSecurity.ps1" -namespace root/cimv2 -account “domain\Group or user” -operation Add -permissions Enable . "c:\scripts\Remote WMI Access\Set-WMINameSpaceSecurity.ps1" -namespace root/cimv2 -account “domain\Group or user”” -operation Add -permissions RemoteAccess Restart-Service winmgmt -force
  5. Eric Singer

    PSA: Collect from windows systems without admin rights

    Sorry for any confusion. The LogicMonitor collector service must still run as a local admin account, at least as far as i'm aware. The solution is to allow that collector to remotely pole Windows devices with a service account that isn't a local admin. Meaning: Collector Server Name = WinCollector Collector Account = UserCollector Remote Server to Poll = "RemoteServerIWantToPoll" The account "UserCollector" must be a local admin on the server "WinCollector" BUT the service account "UserCollector" doesn't need to be a local admin on server "RemoteServerIWantToPoll".
  6. Eric Singer

    Read only agent / collector

    Hi @Tanvir have you seen my more recent thread I've been running this for a few weeks and so far it's working well.
  7. Eric Singer

    PSA: Collect from windows systems without admin rights

    I wanted to add one more step, you also need to add that same account you're delegating access to in the MS article to the "performance monitor users" local group as well. Then restart the collector.
  8. Don't know if anyone else noticed, but MS released a pretty slick script that enables WMI access remotely without admin rights. I have done a brief test with LM and it seems to be working well. https://blogs.technet.microsoft.com/askpfeplat/2018/04/30/delegate-wmi-access-to-domain-controllers/ That's the article. I created an AD group instead of a user to delegate, and I put the LM collector service in that group. Everything else I've followed as documented. I haven't tested anything else, but this alone is a huge step in the right direction.
  9. Eric Singer

    FYI: LM can trigger ESXi 6.5 hostd to crash

    No KB that i'm aware of. Their RCA was... Good Morning! Here is the root cause our Engineering has identified, Looking at the threads in hostd, we see that there are lots of threads blocked on the lock of the host managed object. 11 threads (threads 12, 14, 15, 16, 17, 18, 19, 20, 21, 26, 27) were blocked trying to read-lock the host. The thread that holds the read lock is thread 2. It is blocked in some vsan. A code in the GetRuntime() property decided to perform some RPC operations and blocked waiting on a condition variable. This caused a deadlock. This depends on whether the event that the vsan stub was waiting for would be generated from an I/O thread (in which case the thread would eventually be unblocked), or the event needed a worker thread to be generated (in which case it would be a deadlock by thread starvation). As the root cause for the bug is that a piece of VSAN code which is causing a deadlock, our Engineering is working with vSAN team to get the insight of the respective property.
  10. Eric Singer

    FYI: LM can trigger ESXi 6.5 hostd to crash

    Only for hosts directly added
  11. Hi, I just got done working with VMware support on an issue where our ESXi 6.5 hostd process would crash during a booting phase. We eventually traced it back to a bug in some vSAN code that LM monitoring is polling.. It doesn't matter if you're running vSAN in your environment or not. Our work around has been to disable host level monitoring in LM for our ESXi hosts for now and it's been stable ever since. The expected fix is scheduled for release in Q3 2018 from VMware.
  12. Eric Singer

    Instance Groups - Use for Filtering

    Not sure if I'm looking for exactly what you are,but I think it's similar. Figured I'd put it here as a starting point. I'd like the ability to easily filter instances in dashboards based on instance properties. For example, if I have a VM performance datasource. Show me all VM's with the property "auto.vmhost" = Host1
  13. Eric Singer

    API call, get ALL devices

    Hi Sarah, I don't think LM is inherently alone in your thought process. LDAP for example only returns the first 1k results in a search, and both exchange and active directory powershell cmdlets also limit the default results returned. However, their parameters support a specific number of devices defined by the user or they support an "unlimited" parameter to return all results. That is what I'd like to see. Have a default of 300, but make a parameter where I can enter an integer of my choosing or "unlimited" to retrieve all devices. I as a user would know if I'm saying return all devices that it might take a while. The use case is simply for auditing and comparisons. For example, I want to make sure all servers in my vmware system are monitored, or I want to make sure all systems in my active directory are monitored. The only other way to do that is loop through an array of devices and make individual queries, as opposed to comparing to arrays. We have found a way to work around, seems you guys support a device count and you support an index location. So we've kind of kludged together a work around, but its not ideal.
  14. Eric Singer

    API call, get ALL devices

    Hi, I have a teammate working on some API calls to help us manage our environment a bit better. One thing he noted is that LM doesn't allow us to make a single API call which returns all devices? Wanted to see if there was a way to accomplish this, or if this is a limitation that's going to be lifted? Thanks, Eric
  15. Eric Singer

    Read only agent / collector

    I would also like to add that if we're going to need a full blown collector, that I think even a "nano" sized collector is overly large for single device monitoring. I'd ideally like to see something in the 512MB or less memory wise and 1 vCPU. if all its doing is monitoring locally, I would like to assume it doesn't need a ton of resources. Of course that a big assumption. Admittedly, 512MB is an arbitrary number I made up, but something less than 2GB for sure.