Recommended Posts

LogicMonitor Portal Metrics is a DataSource that queries the API of a specified LogicMonitor portal for overall statistics such as device, collector, and alert counts. It was originally written by fellow Sales Engineer @Jake Cohen, and updated by Monitoring Engineer @Julio Martinez (credit where credit is due!) It can be useful for tracking the activity within an account over time.

portalmetrics.thumb.png.57ff987c6f7fe8badb1e1f2ac4c1df1e.png

The recommended/ required method for implementing the DataSource is as follows:

  1. Download the LogicMonitor Portal Metrics DataSource from the LogicMonitor Repository using locator code J7RGZY.
  2. Add a new device to your account in Expert Mode - use 'logicmonitor.account' in place of IP Address/ DNS and whatever you'd like for the Display Name (LogicMonitor Portal, for example.)
  3. - This device won't respond to standard DataSources, so you'll probably want to do some alert tuning once it's been added.
  4. Add properties to the device to allow the DataSource to authenticate. The required properties are:
  • lmaccount (LogicMonitor account name - without the logicmonitor.com at the end)
  • lmaccess.id (LogicMonitor API Key Access ID)
  • lmaccess.key (LogicMonitor API Key Access Key)
  1. Once those properties are in place, the DataSource should automatically apply to the new device.
  2. Download the LogicMonitor Portal Metrics dashboard from Github.
  3. Let us know what you think!
Edited by Kerry DeVilbiss
nametags

Share this post


Link to post
Share on other sites

@Kerry DeVilbiss this is awesome. Question for y'all on this, the total alert count looks to be maxing at 800. I haven't done any troubleshooting yet to see if that's just what it's reporting, but curious if that's a limitation somewhere in the script.

image.thumb.png.ae9af8b7775fe134ef9bea34413363d8.png

Share this post


Link to post
Share on other sites

Cool. We do a similar thing for alert volumes in each of our regions, the types of alerts (based on data points) and the alert acknowledgements by operator.

Share this post


Link to post
Share on other sites

We recently received and deployed a datasource we got from @Jake Cohen that also displays the number of Cloud devices monitored by a Collector, which is important for my leadership to understand our account utilization/commit metrics. I would highly encourage "LogicMonitor Portal Metrics DataSource from the LogicMonitor Repository using locator code J7RGZY" also incorporate this datapoint. 

Share this post


Link to post
Share on other sites

This datasource is exactly what we are looking for, but there is one problem.

It isn't returning the proper counts for alerts.

I tried adjusting the two variables

    int maxPages = 5
    int itemsPerPage = 800

But the most I could get is 1000. Our current count is 9079 Warnings, 415 Errors and 284 Criticals, but everything gets moved to all equal 1000. Even when I adjust the two variables to a much higher rate.

Share this post


Link to post
Share on other sites

@Joe Williams the alerts count paging works differently to other calls. I don't know why, but it does:

https://www.logicmonitor.com/support/rest-api-developers-guide/v1/alerts/get-alerts/

Quote

Note: The response 'total' will be a negative number if there are additional alerts that satisfy the request criteria that weren't included in the request, and that "at least" that number of alerts exist. For example, if you request the first 500 alerts and you have 3000 alerts in your account, the response may include total=-1000 (i.e. you have at least 1000 alerts, but you didn't ask for them all).

 

Therefore, your recursion to fetch additional alerts should run if the 'total' is a negative number.

Something a bit like this (NOT complete code):

// Enclosure to GET alerts for a Group
def GETGroupAlerts(groupWildvalue,filterString='',offsetPassed=0)
{
	/*
	... define url including size, fields, filters etc and make API call for alerts.
	Initial offset will be zero as per default passed parameter.
	Hardcode size to be 1000 as this is the maximum number of results the API will return from one call.
	*/

	/*
	... actually use the above to make the API call...
	*/

	// Parse the API response and put the results into a map, something like:
	if (code == 200)
	{
		// 200 response code (OK), meaning credentials are good. Slurp...
		def allResponse = new JsonSlurper().parseText(responseBody);
		def alertCount = allResponse.total;

		// LOOP THROUGH RESULTS:
		allResponse.items.each
		{ alert ->
			alertsMap << [
							(alert.id) : [
											severity 	: alert.severity,
											sdted		: alert.sdted,
											acked		: alert.acked,
										],
						];

		}

		if(alertCount < 0)
		{
			/*
			// DEBUG
			println 'we ought to go get some more...';
			println 'alertCount: ' + alertCount;
			println 'size: ' + size;
			println 'offset: ' + offset;
			println 'size + offset: ' + (size + offset);
			// END DEBUG
			/**/
			alertsMap << GETGroupAlerts(groupWildvalue,filterString,(size + offset));
		}
	}
	return alertsMap;
}
//----------------------------------------------------------------------------------------

Whenever you finally get a response with a positive 'total' number, you're at the end of the alerts list, the recursion will stop, and you'll have one alertsMap object with all the alerts in it, which you can then do whatever you like with.

Note the above bits of code are from a script that uses the API v2 data structure. Note also, the hacked out chunks above are nothing like a complete script.

Note graph values match Alerts tab values:

 

5c0912fc62204_ScreenShot2018-12-06at12_15_36.thumb.png.9da0d96aebc07c84063b424c7e278b1f.png

Edited by Antony Hawkins

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now