Michael Horwath

Members
  • Content count

    15
  • Joined

  • Last visited

Community Reputation

2 Neutral

About Michael Horwath

  • Rank
    Community Whiz Kid
  1. Fortigate missing interfaces

    Think this is doing better now based on the alias added to the interface.
  2. Container

    Put the datasource up on GitHub - it's an XML file - and we can all win!
  3. Utilize all data found in AWS Cost and Usage reports

    This would be fantastic! I will +1 this!
  4. Dependencies or Parent/Child Relationships

    As I used to tease before: Nagios can do this..
  5. Number of alerts on dashboard

    You're very welcome! Bummer the XML didn't load
  6. Collector "data collecting task" equivalent for netflow

    This sounds awesome
  7. SNMP tuning with Juniper Networks devices

    BTW: thanks for linking that PDF - never seen that one before and it has some good info in it.
  8. SNMP tuning with Juniper Networks devices

    I don't think that SNMPv3 is really worth it in the private enterprise where everything is already hidden behind firewalls and RFC1918 networks. The data being gathered really isn't all that sensitive. DMZ? Yeah, that's a place for it just in case but in the private network area I think SNMPv3 is overkill. Just my opinion. Last gig I was at I worked hard removing SNMPv3 from all of the private stuff with 98% of the issue being with getting the other engineers to understand the lack of privacy issues involved with private networking. I have a juniper stack in my lab (3xEX4200) that I am hitting regularly with SNMPv2 without hiccup or problem. Perhaps move away from SNMPv3 where you do not need it?
  9. Allow grouping by datasource

    This is a pretty cool idea. Maybe LM could make a function like DatasourceIncluded("Apache-") or something similar.
  10. Juniper Netflow configuration examples

    We don't disagree on anything - just our configurations are very different in implementation but working on both sides.
  11. Enhanced Reports with Graphs and Alert Trending

    Oh my - didn't see this earlier but I think I have your answer via If you have questions then please ask.
  12. Juniper Netflow configuration examples

    Hmm... The below worked just fine - EX4200 stack running 12.3R6.6 Unfortunately this is quite busy with NFS and iSCSI traffic so you mostly see that. I should adjust things for different flow samples and perhaps remove the interfaces handling storage for a better view of things. I also have this working from Fortigate firewalls which works great as it is all about the Internet and cross-zone traffic and the storage network doesn't flow through. protocols { ... sflow { agent-id xxx.xxx.xxx.249; polling-interval 20; sample-rate { ingress 20; egress 20; } source-ip xxx.xxx.xxx.249; collector xxx.xxx.xxx.218; interfaces ge-0/0/0.0; interfaces ge-0/0/1.0; ... interfaces ge-2/0/22.0; interfaces ge-2/0/23.0; } }
  13. Need a forum where we can share custom data sources.

    This will be awesome! I have a few I'd like to contribute.
  14. Number of alerts on dashboard

    I might have an easier way.. Call this script directly then parse the output. I included my datasource I created as well as XML for input into a datasource in your portal. To have this for multiple 'groupIds' you may need to change things up (a little perl changes) by perhaps using a groovy script to pass in a variable (groupId?) for the different customers you wish to build this for. Shouldn't be hard. #!/usr/bin/env perl ### this is the perl script you should call to output the count ### as needed # replace username with an administrative username # replace the password with .. the password of the user # example below works # don't forget to update the groupId as needed! Perhaps make it # a passed parameter via groovy script directly $userName="mike"; $password="pass.w0rd"; $sitename="sitename"; $siteurl="site.logicmonitor.com" $groupId="1"; $curlopt="'https://$siteurl/santaba/rpc/getAlerts?c=$sitename&u=$userName&p=$password&hostGroupId=$groupId'"; $curlrun="env curl -s $curlopt"; # Now we have the command to run $alertwarn=; $alerterr=; $alertcrit=; open(FILE, "-|", $curlrun) or die $!; while (<FILE>) { $alertwarn++ if /warn/; $alerterr++ if /error/; $alertcrit++ if /critical/; } close $handle; $alerttotal=$alertwarn+$alerterr+$alertcrit; print "warning:" . $alertwarn . "\n"; print "error:" . $alerterr . "\n"; print "critical:" . $alertcrit . "\n"; print "total:" . $alerttotal . "\n"; <?xml version="1.0" encoding="UTF-8" ?> <feed version="1.0" hasPendingRequests="false" > <company></company> <status>200</status> <errmsg>OK</errmsg> <interval></interval> <entry type="predatasource"> <version>1391573679</version> <name>Count Alerts</name> <displayedas>_Count Alerts</displayedas> <description>Count number of alerts from LogicMonitor. Gathers warnings, errors, criticals, and a total number.</description> <collector>script</collector> <hasMultiInstances>false</hasMultiInstances> <schedule>600</schedule> <appliesTo>system.hostname == &#34;insert-IP-here&#34; or system.hostname == &#34;insert-FQDN-here&#34;</appliesTo> <wildcardauto>false</wildcardauto> <wildcardpersist>false</wildcardpersist> <wildcardlinuxscript></wildcardlinuxscript> <wildcardlinuxcmdline></wildcardlinuxcmdline> <wildcardwinscript></wildcardwinscript> <wildcardwincmdline></wildcardwincmdline> <wildcardgroovyscript></wildcardgroovyscript> <wildcardschedule>1440</wildcardschedule> <wildcarddisable>false</wildcarddisable> <agdmethod>none</agdmethod> <agdparams></agdparams> <group></group> <tags></tags> <technology></technology> <adlist><![CDATA[{"id":0,"agdmethod":"none","params":{},"agdparams":"","filters":[]}]]></adlist> <attributes> <attribute> <name>scripttype</name> <value>file</value> <comment></comment> </attribute> <attribute> <name>scriptgroovy</name> <value>import com.santaba.agent.groovyapi.expect.Expect; import com.santaba.agent.groovyapi.snmp.Snmp; import com.santaba.agent.groovyapi.http.*; import com.santaba.agent.groovyapi.jmx.*; import org.xbill.DNS.*;</value> <comment></comment> </attribute> <attribute> <name>windowsscript</name> <value></value> <comment></comment> </attribute> <attribute> <name>linuxscript</name> <value>/usr/local/logicmonitor/agent/lib/count-alerts.pl</value> <comment></comment> </attribute> <attribute> <name>windowscmdline</name> <value></value> <comment></comment> </attribute> <attribute> <name>linuxcmdline</name> <value></value> <comment></comment> </attribute> </attributes> <datapoints> <datapoint> <name>alertwarn</name> <dataType>7</dataType> <type>2</type> <postprocessormethod>namevalue</postprocessormethod> <postprocessorparam>warning</postprocessorparam> <usevalue>output</usevalue> <alertexpr>&#62; 100</alertexpr> <alertmissing>1</alertmissing> <alertsubject></alertsubject> <alertbody></alertbody> <description></description> <maxvalue></maxvalue> <minvalue></minvalue> <userparam1></userparam1> <userparam2></userparam2> <userparam3></userparam3> <iscomposite>false</iscomposite> <rpn></rpn> <alertTransitionIval>2</alertTransitionIval> <alertClearTransitionIval></alertClearTransitionIval> </datapoint> <datapoint> <name>alerterror</name> <dataType>7</dataType> <type>2</type> <postprocessormethod>namevalue</postprocessormethod> <postprocessorparam>error</postprocessorparam> <usevalue>output</usevalue> <alertexpr>&#62; 35 50</alertexpr> <alertmissing>1</alertmissing> <alertsubject></alertsubject> <alertbody></alertbody> <description></description> <maxvalue></maxvalue> <minvalue></minvalue> <userparam1></userparam1> <userparam2></userparam2> <userparam3></userparam3> <iscomposite>false</iscomposite> <rpn></rpn> <alertTransitionIval>2</alertTransitionIval> <alertClearTransitionIval></alertClearTransitionIval> </datapoint> <datapoint> <name>alertcritical</name> <dataType>7</dataType> <type>2</type> <postprocessormethod>namevalue</postprocessormethod> <postprocessorparam>critical</postprocessorparam> <usevalue>output</usevalue> <alertexpr>&#62; 4 4 5</alertexpr> <alertmissing>1</alertmissing> <alertsubject></alertsubject> <alertbody></alertbody> <description></description> <maxvalue></maxvalue> <minvalue></minvalue> <userparam1></userparam1> <userparam2></userparam2> <userparam3></userparam3> <iscomposite>false</iscomposite> <rpn></rpn> <alertTransitionIval>2</alertTransitionIval> <alertClearTransitionIval></alertClearTransitionIval> </datapoint> <datapoint> <name>alerttotal</name> <dataType>7</dataType> <type>2</type> <postprocessormethod>namevalue</postprocessormethod> <postprocessorparam>total</postprocessorparam> <usevalue>output</usevalue> <alertexpr></alertexpr> <alertmissing>1</alertmissing> <alertsubject></alertsubject> <alertbody></alertbody> <description></description> <maxvalue></maxvalue> <minvalue></minvalue> <userparam1></userparam1> <userparam2></userparam2> <userparam3></userparam3> <iscomposite>false</iscomposite> <rpn></rpn> <alertTransitionIval>5</alertTransitionIval> <alertClearTransitionIval></alertClearTransitionIval> </datapoint> </datapoints> <graphs> <graph> <name>Alert Trending</name> <title>Alert Trending</title> <verticallabel>number</verticallabel> <rigid>true</rigid> <maxvalue>NaN</maxvalue> <minvalue>0.0</minvalue> <displayprio>1</displayprio> <timescale>1day</timescale> <base1024>false</base1024> <graphdatapoints> <graphdatapoint> <name>alertcritical</name> <datapointname>alertcritical</datapointname> <cf>2</cf> </graphdatapoint> <graphdatapoint> <name>alerterror</name> <datapointname>alerterror</datapointname> <cf>2</cf> </graphdatapoint> <graphdatapoint> <name>alerttotal</name> <datapointname>alerttotal</datapointname> <cf>2</cf> </graphdatapoint> <graphdatapoint> <name>alertwarn</name> <datapointname>alertwarn</datapointname> <cf>2</cf> </graphdatapoint> </graphdatapoints> <graphvirtualdatapoints> </graphvirtualdatapoints> <graphdatas> <graphdata> <type>2</type> <legend>Total</legend> <color>black</color> <datapointname>alerttotal</datapointname> <isvirtualdatapoint>false</isvirtualdatapoint> </graphdata> <graphdata> <type>1</type> <legend>Warnings</legend> <color>yellow</color> <datapointname>alertwarn</datapointname> <isvirtualdatapoint>false</isvirtualdatapoint> </graphdata> <graphdata> <type>1</type> <legend>Errors</legend> <color>orange</color> <datapointname>alerterror</datapointname> <isvirtualdatapoint>false</isvirtualdatapoint> </graphdata> <graphdata> <type>1</type> <legend>Criticals</legend> <color>red</color> <datapointname>alertcritical</datapointname> <isvirtualdatapoint>false</isvirtualdatapoint> </graphdata> </graphdatas> </graph> </graphs> <overviewgraphs> </overviewgraphs> </entry> </feed>
  15. Clone Devices

    Why not set the properties in the group for all devices added to same group?