Kerry DeVilbiss 0 Report post Posted October 9, 2018 (edited) LogicMonitor Portal Metrics is a DataSource that queries the API of a specified LogicMonitor portal for overall statistics such as device, collector, and alert counts. It was originally written by fellow Sales Engineer @Jake Cohen, and updated by Monitoring Engineer @Julio Martinez (credit where credit is due!) It can be useful for tracking the activity within an account over time. The recommended/ required method for implementing the DataSource is as follows: Download the LogicMonitor Portal Metrics DataSource from the LogicMonitor Repository using locator code J7RGZY. Add a new device to your account in Expert Mode - use 'logicmonitor.account' in place of IP Address/ DNS and whatever you'd like for the Display Name (LogicMonitor Portal, for example.) - This device won't respond to standard DataSources, so you'll probably want to do some alert tuning once it's been added. Add properties to the device to allow the DataSource to authenticate. The required properties are: lmaccount (LogicMonitor account name - without the logicmonitor.com at the end) lmaccess.id (LogicMonitor API Key Access ID) lmaccess.key (LogicMonitor API Key Access Key) Once those properties are in place, the DataSource should automatically apply to the new device. Download the LogicMonitor Portal Metrics dashboard from Github. Let us know what you think! Edited October 9, 2018 by Kerry DeVilbiss nametags Quote Share this post Link to post Share on other sites
Tom Lasswell 21 Report post Posted October 11, 2018 @Kerry DeVilbiss this is awesome. Question for y'all on this, the total alert count looks to be maxing at 800. I haven't done any troubleshooting yet to see if that's just what it's reporting, but curious if that's a limitation somewhere in the script. Quote Share this post Link to post Share on other sites
Tom Lasswell 21 Report post Posted October 11, 2018 Found it it's in the call to LM, int itemsPerPage = 800 Quote Share this post Link to post Share on other sites
Mosh 115 Report post Posted October 12, 2018 Cool. We do a similar thing for alert volumes in each of our regions, the types of alerts (based on data points) and the alert acknowledgements by operator. Quote Share this post Link to post Share on other sites
Joe Tran 23 Report post Posted October 15, 2018 We recently received and deployed a datasource we got from @Jake Cohen that also displays the number of Cloud devices monitored by a Collector, which is important for my leadership to understand our account utilization/commit metrics. I would highly encourage "LogicMonitor Portal Metrics DataSource from the LogicMonitor Repository using locator code J7RGZY" also incorporate this datapoint. Quote Share this post Link to post Share on other sites
Joe Williams 5 Report post Posted December 5, 2018 This datasource is exactly what we are looking for, but there is one problem. It isn't returning the proper counts for alerts. I tried adjusting the two variables int maxPages = 5 int itemsPerPage = 800 But the most I could get is 1000. Our current count is 9079 Warnings, 415 Errors and 284 Criticals, but everything gets moved to all equal 1000. Even when I adjust the two variables to a much higher rate. Quote Share this post Link to post Share on other sites
Joe Williams 5 Report post Posted December 5, 2018 I can't seem to edit my post. It appears the paging parameters aren't working, most likely the offset. Quote Share this post Link to post Share on other sites
Antony Hawkins 0 Report post Posted December 6, 2018 (edited) @Joe Williams the alerts count paging works differently to other calls. I don't know why, but it does: https://www.logicmonitor.com/support/rest-api-developers-guide/v1/alerts/get-alerts/ Quote Note: The response 'total' will be a negative number if there are additional alerts that satisfy the request criteria that weren't included in the request, and that "at least" that number of alerts exist. For example, if you request the first 500 alerts and you have 3000 alerts in your account, the response may include total=-1000 (i.e. you have at least 1000 alerts, but you didn't ask for them all). Therefore, your recursion to fetch additional alerts should run if the 'total' is a negative number. Something a bit like this (NOT complete code): // Enclosure to GET alerts for a Group def GETGroupAlerts(groupWildvalue,filterString='',offsetPassed=0) { /* ... define url including size, fields, filters etc and make API call for alerts. Initial offset will be zero as per default passed parameter. Hardcode size to be 1000 as this is the maximum number of results the API will return from one call. */ /* ... actually use the above to make the API call... */ // Parse the API response and put the results into a map, something like: if (code == 200) { // 200 response code (OK), meaning credentials are good. Slurp... def allResponse = new JsonSlurper().parseText(responseBody); def alertCount = allResponse.total; // LOOP THROUGH RESULTS: allResponse.items.each { alert -> alertsMap << [ (alert.id) : [ severity : alert.severity, sdted : alert.sdted, acked : alert.acked, ], ]; } if(alertCount < 0) { /* // DEBUG println 'we ought to go get some more...'; println 'alertCount: ' + alertCount; println 'size: ' + size; println 'offset: ' + offset; println 'size + offset: ' + (size + offset); // END DEBUG /**/ alertsMap << GETGroupAlerts(groupWildvalue,filterString,(size + offset)); } } return alertsMap; } //---------------------------------------------------------------------------------------- Whenever you finally get a response with a positive 'total' number, you're at the end of the alerts list, the recursion will stop, and you'll have one alertsMap object with all the alerts in it, which you can then do whatever you like with. Note the above bits of code are from a script that uses the API v2 data structure. Note also, the hacked out chunks above are nothing like a complete script. Note graph values match Alerts tab values: Edited December 6, 2018 by Antony Hawkins Quote Share this post Link to post Share on other sites
Joe Williams 5 Report post Posted December 6, 2018 @AnthonyH That was it. if (response.data.total > 0) { break } With that at the bottom instead of the original and I took out another portion it now works flawlessly. Quote Share this post Link to post Share on other sites
Kevin Ford 4 Report post Posted March 29 Thank you, Kerry, for making this available! I made a minor change to fix pulling of alert metrics, available at GJNN46. I also included an optional, commented-out variation of the function that processes alert metrics to account for SDT, resulting in numbers similar to those shown on the Alerts tab in LogicMonitor's sidebar. Using that would also make available a new metric - 'SDTedCount' - with the number of active alerts in SDT. (You'd need to add that metric as a datapoint if you try that alternate function.) Quote Share this post Link to post Share on other sites