Kerry DeVilbiss

LogicMonitor Staff
  • Content Count

  • Joined

  • Last visited

Everything posted by Kerry DeVilbiss

  1. In December of 2019, Microsoft published a release announcing upcoming changes to LDAP channel binding and LDAP signing requirements for domain controllers. This is a good thing (!) , as one Microsoft blogger puts it: However ... security requires preparation, and this particular change means Windows administrators will want to configure servers before the patch is applied. If you're managing dozens or hundreds of servers, identifying which resources need attention could be a time consuming proposition. Luckily (per the post above) we have a couple methods to look for vulnerable domain controllers. So, with that in mind, the LogicMonitor DataSource Win_LDAP_Binding_Security uses PowerShell (specifically, Get-WinEvent) to comb through the (first 10,000 events of) Directory Services log for the presence of events with Event IDs 2886 and 2887 (and generates an alert if it finds anything.) Which again, means: Hopefully this saves somebody some time - and helps bring visibility to a potentially important security vulnerability in the network! Win_LDAP_Binding_Security should be available shortly via locator code FJDAJZ
  2. Hey @adilorenzoPrivia, Looks like we are about to release version 2.0 of the SonicWall ConfigSource - when your account gets updated to v.129 (updates are happening over the next week), you can import it from the ConfigSource repository. Hope that helps ... should be just around the corner! Cheers, Kerry
  3. Hey @PeterMattsson, I think we've had folks run into this before, it sounds familiar. Tokens can be used pretty extensively in a Custom HTTP Integration, so in theory, you could do something like: Write a scripted DataSource (applied to a Collector or other 'dummy' resource) that goes through the OAuth2 token refresh flow with the external API (we can help find an example of an OAuth flow if needed) Have this same scripted DataSource reach out to the LogicMonitor API and set the token as a property at the root of the account / wherever (auto.integration.api.key) Use the custom property value as a token in the API authentication of your Custom HTTP Integration (##auto.integration.api.key##) Takes a little bit of work - but should get the job done. Hope that helps. Cheers, Kerry
  4. I was recently attempting to use a Raspberry Pi 4 as a streaming/ display mechanism for 1080p security camera footage - when I noticed a little temperature gauge flashing at the top of the display. Gee, I thought, it would sure be swell if: a) I knew what that meant, and 2.) I had some visibility into the temperature of this Pi, so I don't burn yet another hole in my workbench. Thus was born RaspberryPi_CoreTemperature, an SSH-based datasource that uses the VideoCore General Command (vcgencmd) to monitor the core temperature of a Raspberry Pi. This module was developed on Buster, the command is also present in previous builds of Raspbian. Locator Code: Y6EY62
  5. Hey @Phillip, As @Cole McDonald noted, you can use a virtual datapoint with the Ping datasource in something like the custom graph widget - here's the expression you would want to use: if(lt(average,100),unkn,average) Which says "If the average ping round trip time is less than 100ms, return an unknown value (so it doesn't get graphed,) otherwise return the actual value of the datapoint." Hope that helps! Cheers, Kerry
  6. Hi @Lothy, Yes, the integration(s) will continue to be supported on New York - I believe our apps are in the process of/ have already been certified for New York, but I would need to double-check with our product team. (We are running the integrations with several New York instances without any issue.) Thanks, Kerry
  7. Hey, We don't (at this time...) have that type of functionality built into the platform. However, one idea that might help is to set an alert threshold for "too much uptime." In other words, if you're patching a group of resources once a month, and the servers should be rebooted at least that often, clone an uptime datasource, apply it to the subset of servers you want, and set an alert threshold on "uptime greater than thirty days." One could probably do some creative things with scripting, DataSources, and the collector; but given that we're talking about rebooting servers, I recommend being exceedingly cautious with any efforts in that area. Cheers, Kerry
  8. They should be available for all accounts - I would try reaching out to our chat support - they should be able to help with this right away. If you run out of luck there, let me know and I can grab those locator codes for you. Thanks, Kerry * Just in case, I went ahead and grabbed these. FYI though, the latest/ greatest will always be the repository (!) Module Name Version Locator Code Linux_SSH_CPUCores 1.2 HTHH4C Linux_SSH_CPUMemory 1.1 C3KH9F Linux_SSH_Filesystems 1.1 EJHMRX Linux_SSH_NetworkInterfaces 1.2 E693TD Linux_SSH_NetworkTCPUDP 1.1 CLMGCE Linux_SSH_Uptime 1.1 7ADDAY
  9. Hey @SeanC, You should be able to pull down all the modules via the UI - they are all published to our core repository and start with Linux_SSH_* See for additional information. Let me know if you can't pull them into your account and we can share the locator codes, if need be(!) Cheers, Kerry
  10. @Ron - we have some "beta" Rubrik datasources that are available - I would suggest reaching out to your customer success manager and they can help facilitate adding those to your account. I'm not seeing anything for Cohesity but it looks like they have an SNMP agent available, so you could potentially tackle it that way. *Edit - I saw your other post, the beta datasources do use the Rubrik API (and not SNMP.)
  11. @Blake - apologies for the delay here - those modules were in flux for a little bit - now that we've published a set of new modules to the official repository, I've updated the Unifi dashboard to use the lastest / greatest: The download is available at Cheers, Kerry
  12. For anyone else who might be interested, you can now download this integration from the following location: Cheers, Kerry
  13. Hi @geekguy234, LogicMonitor is actually a software-as-a-service infrastructure performance monitor-ing company, but as such, we do have quite a few technical people with some potential recommendations. In general, the recommendations lean towards an IPS panel (for color accuracy,) and if budget allows, adaptive synchronization tech like FreeSync for gaming. You can often find good prices on Dell monitors in your stated range - for example, Amazon is offering a 24" Dell IPS Panel for about ~$210 right now... otherwise Reddit can be a good source of deals, if you keep an eye out. Also, we find The Wirecutter and Rtings generally have solid recommendations, if you're looking for some deeper analysis. Hope that helps! Best of luck in your search. Cheers, Kerry
  14. @Archana - that functionality is not currently available in the product. I will relay your request to our product team, and feel free to also reach out to your customer success manager to open a request. Best, Kerry
  15. @Archana - the widgets you mentioned (Big Number, Table) are generally intended to show current-moment-in-time metrics, so they need to pull from the "latest" datapoint. Sounds like you are requesting that they pull from the latest datapoint *within* the configured time period, is that a fair assessment? If you can provide more details about your use case we can probably advise further. Cheers, Kerry
  16. Hey @Richard Collisn - apologies for the delay! Due to popular demand, I'm actually in the middle of cleaning these up and checking for any new available data right now; I'll be sure to reach out as soon as I've done so. (Should be within the next week or two.) Cheers, Kerry
  17. Our Monitoring team released Cisco Firepower DataSources (+ PropertySource) to the core repository last night - check your portals for the download! Cheers, Kerry
  18. @Blake - not yet for the API, unfortunately. I've looked around but haven't been able to find anything yet; will be sure to update the repository if/ when that happens and make sure someone reaches out. I believe that they can also ingest LogicMonitor alert emails, but acknowledge that's less than ideal.
  19. In a little bit of a low profile announcement, we released the ability to import and export Custom HTTP integrations in LogicMonitor v.118! Using the collective available knowledge, I've sanitized and exported a handful of them as examples and/or starting points for anyone looking to utilize these solutions. See my 'LogicMonitor Integrations' Github repository to review and download the .JSON files for import to your LogicMonitor portal. Currently published integrations include: - Big Panda (Two Parts) - Freshdesk - Hipchat Server - Microsoft Teams - Neptune IO - OpsGenie - Status.IO - VictorOps - Zendesk
  20. @dharrison - they are available in the core repository (see my post above.)
  21. @mnagel - thanks for the catch - updated the published JSON, appreciate it!
  22. @Tanvir - I just published an example, as well - uses the latest versions of all the NetApp Cluster datasources.
  23. @Thangadurai - you might take a look at our External Alerting feature - it has the ability to send alerts from a collector to an external resource (like Splunk.) I don't know how selective you are trying to be, so this might be overkill, but take a look! Cheers, Kerry
  24. @Simon - I would reach out to our chat support for assistance on this.
  25. @Mike Moniz - sounds like maybe you've seen this - one of my colleagues wrote a scripted datasource that looks for stopped services, tries to restart them, and then reports back to LogicMonitor. (Which is nice, but not ideal as you've highlighted above.) There are no limit to the amount of integrations you can have, but our custom webhooks come from the SaaS portal, so getting "back to the device" is one of the major challenges here. We've tossed around the idea of sending webhooks to an orchestration tool that is accessible from the internet, but then we're just adding layers of complexity (and it's a hard strategy to officially endorse from the LM side.) I will offer that Actions are currently on our roadmap for the end of this year/ beginning of next year, so hopefully we'll see some officially productized functionality in this area in that timeframe. Cheers, Kerry