Mosh

Members
  • Content Count

    555
  • Joined

  • Last visited

  • Days Won

    83

Everything posted by Mosh

  1. Hi @Sarah Terry Is there any way to set the location property using a PropertySource script? My use case is that we want to assign the value to the location property based on parsing of the names of our devices.
  2. Hi @Antony Hawkins I don't see the trace route ConfigSource in my LM Config sources, nor in the 108 repo?
  3. Please, please add a search feature to the Recipient Groups view. It's so infuriating that this one view doesn't have a search option.
  4. A workaround using the !groovy command: def sout = new StringBuilder(); def serr = new StringBuilder(); // Shell command for your OS def proc = 'cmd.exe /c tracert www.google.com'.execute(); proc.consumeProcessOutput(sout, serr); // Adjust timeout as needed proc.waitForOrKill(20 * 1000); println "out> $sout err> $serr"
  5. Please add the name of the collector to the debug console screen. The ID in the URL is not very user friendly.
  6. The events will still be collected as an SDT does not stop alerting, but the SDT should cancel your escalations.
  7. A simple module that uses Expect to connect to a device and check if the device is in active or standby state based on the command prompt string. I implemented this because some of our devices were failing over to standby, which is fine, but we need to know when it happens as in some cases we have different bandwidth capacity. The module simply returns a 0 or a 1, depending on active or standby state. J9RFA2
  8. What I would love to be able to do is run a Groovy script on alerts between the Alert Rules and Escalation stages of alert processing so that the alert message can be enriched or additional custom logic can be used to determine if the alert should proceed to Escalation stage (the script could return a true or false to control whether the alert processing continues normally or is aborted). Example use case, alert is triggered > alert rule is matched > script checks CMDB and change management calendar, returns false if CI is in change or true to continue to Escalation.
  9. Do you mean the hyperlink in the mail that takes the user to the alert acknowledge page?
  10. @Chris Seiber Hi, sure will do. Do you guys track downgrades by customer? I'm going to downgrade all of mine to 27.000 as another one had a sudden CPU spike last night and crashed.
  11. I believe the two parameters "start" and "end" are the epochs to use for the "time" parameter. Could be that omitting these means current time is automatically used. If you wanted to narrow the time period to check for data, you should be able to play with these two params.
  12. Has anyone else experienced any issues with Collector 27.002? I updated our SNMP collector (8G RAM, about 600 devices) a few days ago and twice it has gone down with memory maxing out. Have downgraded back to 27.000. I did a Send Logs to LogicMonitor, if it helps.
  13. Just a suggestion, Jenkins has a really good REST API which can be used to trigger task automations. Could use the LogicMonitor generic HTTP integration to trigger a Jenkins task.
  14. With v108 we have the timezone per user functionality. To make it easier to administer users, please add a timezone column to the listview of users in Users & Roles.
  15. This has occurred several times for us, though it's hard to reproduce on demand. If the user is in the process of resizing a column in the alert widget and the widget updates, then all column settings are lost. We have to go into the widget configuration, then column settings to re-check the columns to display. Please prevent the alert widget (or any widget with columns that can be resized) from updating if the widget is in column resize mode.
  16. Hi @LanceiT1, Have you configured your SonicWall to export flows to one of your LogicMonitor collectors? By default LogicMonitor collectors listen for flows on port 2055, so be sure to configure 2055 as the destination port in your SonicWall. (And, of course, make sure any firewall rules are in place if there are any firewalls in the path of the flows.)
  17. Please make the number items on the Big Number widget hyperlinks to the instances from which the datapoints are configured in the widget. This would save having to go into the widget config to check where the value is coming from. Our operators instinctively expect to be able to click the item and be navigated to the source of the datapoint.
  18. (BTW, re SNMP, I ended up implementing a uptime via SNMP poll just to alert if there is no SNMP response.)
  19. There's no documentation, however, I can see these REST endpoints are invoked by the Traffic view: Top Talkers /santaba/rest/device/devices/{deviceID}/topTalkersGraph?netflowFilter={}&end=1532968403&start=1532961173&time=2hour&_=1532968368909 Endpoints /santaba/rest/device/devices/{deviceID}/endpoints?filter=type%3A"destination"&sort=-usage&time=2hour&start=1532961173&end=1532968403&netflowFilter={}&size=10&offset=0&_=1532968368905 Ports /santaba/rest/device/devices/3942/ports?sort=-usage&time=2hour&start=1532961306&end=1532968536&netflowFilter={}&size=10&offset=0&_=1532968503441 Flows /santaba/rest/device/devices/{deviceID}/flows?sort=-usage&time=2hour&start=1532957720&end=1532964950&netflowFilter={}&size=10&offset=0&_=1532964896784
  20. @mnagel Do you mean the flow data as it appears in the Traffic view?
  21. Thanks @Kerry Here's a tip on how I simplified our use of the REST API. I setup some "API" dashboards that would act to serve data to our REST calls. I use the Get Widget Data REST method (/dashboard/widgets/{widgetID}/data) from our custom application to fetch data from the widgets on the API dashboards (mainly alert widgets). The reason for doing this is that we can easily control the data the REST method returns by configuring the filters in the widgets. This is much easier than having to update our application code if we want to make a quick change. My Google Apps Script library started from this post I made last year. I have an equivalent library for ServiceNow. These are all server side, and the HTML page in our app makes asynchronous calls to the Google Apps Script server side functions which return the JSON back to the client side JavaScript. It's short and just implements the REST call for Get Widget Data: var MonitoringDataProvider = { Widget : { Events : { /* Widget IDs */ APAC : 721, ASIA : 736, EMEA : 680, AMERICAS : 735, GLOBAL : 737 } } }; var MonitoringDataService = { API : { ROOT_CONTEXT : "https://<yourdomain>.logicmonitor.com/santaba/rest" }, getResource : function(params) { var LM_API_CONTEXT = this.API.ROOT_CONTEXT; var LM_ACCESS_ID = "<your access ID>"; var LM_ACCESS_KEY = "<your access key>"; var httpVerb = "GET"; var epoch = new Date().getTime(); var signatureMessage = httpVerb + epoch + params.resource; var signatureBytes = Utilities.computeHmacSha256Signature(signatureMessage, LM_ACCESS_KEY, Utilities.Charset.UTF_8); var signatureHex = HexUtils.convertByteArrayToHex(signatureBytes); signature = Utilities.base64Encode(signatureHex, Utilities.Charset.UTF_8); var authorization = "LMv1 " + LM_ACCESS_ID + ":" + signature + ":" + epoch; var headers = { "method" : "GET", "contentType" : "application/json;charset=utf-8", "headers" : { "Authorization" : authorization } }; switch (params.type) { case "alerts": var url = LM_API_CONTEXT + params.resource + "?size=1000&fields=" + params.fields + "&filter=" + params.filter; break; case "metric": var url = LM_API_CONTEXT + params.resource; break; } var response = UrlFetchApp.fetch(url, headers); json = response.getContentText(); return json; }, getEventsWidgetData : function(widgetId) { var params = { resource : "/dashboard/widgets/##WIDGET_ID##/data", fields : "internalId,startEpoch,ackedEpoch,severity,acked,ackComment,monitorObjectId,monitorObjectName,monitorObjectGroups,dataPointName,alertValue", filter : "", type : "alerts" }; params.resource = params.resource.replace("##WIDGET_ID##", widgetId); var json = MonitoringDataService.getResource(params); return json; } }; function getMonitoringEventData(widgetGeography) { return MonitoringDataService.getEventsWidgetData(MonitoringDataProvider.Widget.Events[widgetGeography]); }
  22. Mine are very tailored for our global operations center. We have business/infrastructure service specific ones as well as a general IT Opeations view. We have an alert management view for our legacy on-premises IT Operations team which organises alerts into three buckets, that the first image below. The second is a custom app I built with Google Apps Script which uses the REST API to bring in events from LogicMonitor and ServiceNow. This view is usually on the big screens and the app allows us to add custom logic, for example, correlating change requests with alerts, and de-duplicate alerts, and also present our own severity colors.
  23. Please move the Manage gear icon to the left of the Users list view to be consistent with rest of UI. It also irritates and confuses our users when the icon is hidden when the list view overflows (due to items where the Roles column has mutiple items), because it's on the right hand side.
  24. We want to do a similar thing for Windows Updates, i.e. check when a Windows machine last did an update. This only needs to happen once a day.