Search the Community

Showing results for tags 'security'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • From LogicMonitor
    • Product Announcements
    • LM Staff Contributions
    • Community Events
  • LogicMonitor Product Discussion
    • Feature Requests
    • LM Exchange
    • Ask the Community

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me

Found 9 results

  1. @Sarah Terry Please address urgently. These new verbose error dialogs expose the WMI password. Ideally I'd like a Settings options to disable such verbose error messages, or restrict them by role. (Also can these dialogs be more responsive, no a 1920x1080 screen these appear as narrow panels in the middle.)
  2. Curious if anyone is leveraging LM for first line Ransomware detection. Reading indicators typically include a high number of file name changes on the server/PC. Seems like that would be something that LM could help us identify early on and alert out to take action before additional servers are compromised. Looks like a working number is about 4 renames a second for the threshold. Thanks, Mitch
  3. I know I've brought this up before, but I'd like to bring it up again. LM's requirement that collectors run as local admins (or system) is a GAPING security hole in your product. No amount of certificate signing, or other like security measures are a replacement for running a collector or an agent as a read only account. The fact is, with every security measure you take, if the collector is running as an admin account or a system account, its going to be exploitable in one way or another. Having the signed scripts and what not, would be great, but really it shouldn't be the primary focus I
  4. Problem I have a datasource that collects information from the LogicMonitor API. In order for this to work correctly I need a valid user on the LM platform with a valid API token. I can see two potential paths forward. Case 1 - Use my existing account as the datasource author with my API token. This has a big downside that if I have to leave the company for any number of reasons and my account gets disabled this datasource will stop working and is customer facing. This is probably not so good. Case 2 - Create a 'service account' inside LogicMonitor that can have its' own API tok
  5. Our team has verified that secure syslog forwarding (via TLS) is not supported currently and would like to submit a feature request to LogicMonitor DEV team to asses whether secure syslog forwarding can be implemented. An example will be syslog-ng forwarding secure (i.e. encrypted) syslog messages to LogicMonitor collector. https://www.balabit.com/documents/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/concepts-tls.html This will enable centralized logging server to forward secure syslog messages to LogicMonitor collector then. Thanks & Best Regards, H
  6. It would be great if I could create a user role that had power user capabilities but without the ability to escalate their own account to the administrator level. The role would need to have permissions to create new users.
  7. We sometimes see datasource scripts with passwords in the body of their script. For testing this is fine, but in production datasource scripts, passwords in plain view isn’t just bad, it should be a cardinal sin. You can use Powershell to secure a password by creating a PSCredential object that uses the cmdlet Get-Credential and stores the output into a file. Note that it saves as a System.Security.SecureString. Now you can use the file in your script: $hostname= "##HOSTNAME##" $pass= Get-Content "\\Encryptedfile.txt" $user= "##PS.USER##" $password1= ConvertTo-SecureString
  8. Hi, As much as i love the graphs and visuals that LM produces for all sorts of metrics, unfortunately a big part of our monitoring is keeping an eye on Windows Event Logs, which i have to say LM is not that good at. Adding exceptions is a pain (i now have so many i often delete them by accident when adding new ones). I have been told this is in the pipeline for the new UI several times but it has not been mentioned as yet. My first line guys check our gfi & LM dashboard every morning and i hear time again that they prefer the gfi one for looking at Event log messages. I have even
  9. We need to be able to grant a user to be able to see only select or tagged instances of a datasource. For example VM statics inside a vcenter. We have Instance Groups with the tags by group or client. Need to be able to link users to see those. or a new security Tag we can add.