Q3 Roundup – What’s New With Logs? Let’s Log About It!

When we launched LM Logs in November of 2020, we knew the product would aid in reducing troubleshooting time and identifying root causes to enable a more proactive approach to not only monitoring and planning, but also taking action. After talking with our customers and understanding what they needed in order to accelerate their business transformation, we focused on a few key enhancements in Q3.

TL;DR – Lumber Bob highlights the top features:

  • 1 Year Retention – Maximize data hygiene and internal compliance initiatives.
  • Hot Storage – Access any logs, at any time.
  • Log Collection – More possibilities for logs for unmonitored resources, and additional service coverage in the cloud space.
  • Search and Filtering – Ease-of-use enhancements to help you get the information you need, when you need it, and share it with the right users, at the right time.

Want the long version? Let’s dive into some of the enhancements we’ve made in the last quarter. 

Log Collection Improvements

On the infrastructure side, we’ve added more flexibility to Syslog collection with additional filtering capabilities, support for UDP and TCP communications, and a backup mapping resource. For those unfamiliar with LM Logs, each log message is correlated to a monitored resource in LogicMonitor, providing unified logs and metrics. If a log message cannot be correlated to a resource, you may now choose a default resource for it to be correlated with at the time of ingestion. This opens up more possibilities for logs of unmonitored resources.

Windows Events and Kubernetes Events collection have been improved. Previously, only Kubernetes Pod logs could be collected. Now you can configure the LM Collector to collect Kubernetes event logs (and Windows event logs too).

Lastly, we’ve continued to add more service coverage in the cloud space. Some added services include AWS RDS, VPC Flow Logs, Kinesis Data Stream and Firehose, GCP Cloud Run, and CloudSQL logs. On the Azure side, we’ve added templates to make it quick and easy to configure Azure log ingestion. There are three templates to click on (seriously, it’s super easy), each configuring different components in Azure. The first button deploys the Azure function and creates the Event Hub, the second creates a managed identity, and the third configures log forwarding to the Event Hub.

Search and Filtering

We have a lot of great improvements coming to search and filtering at the end of Q4, but I’d like to showcase some of the minor changes that help set up some of those upcoming changes.

Saved Searches

Users now have the ability to save a search, similar to how you would save a view on the LM Alerts page. Saved searches will soon have the ability to be shared with other users and results will be tracked over time.

Alert Level Filtering

Log pipeline alerts have always been a popular feature in LM Logs, and we’ve enhanced that experience by including log alert level counts in the logs graph alongside the total number of logs and anomalies. Log messages that satisfy a pipeline alert condition also have an alert icon in the logs table. And did we forget to mention that resource groups can be added to pipeline alerts too? Creating alert conditions with the ability to apply them dynamically with resource groups was one of our most requested features – give it a try today!

Log Details

Speaking of the logs table, we’ve made changes to make it easier to view all of the data you need. The log message can be expanded in line to view longer log messages. You can also click on a log row and a details panel will pop up at the bottom of the page. The detail panel contains the full log message along with log fields and metadata information like resource groups and other metadata ingested with the logs.

Tiered Retention

In August, we released our 1-year log retention option to go along with the 30-day retention option. The tiered retention options (30d, 1y) help customers running critical production and compliance-sensitive environments meet their data retention needs for internal compliance, risk mitigation, and data hygiene. What’s even better is that all LM Logs data is available whenever you need it (hot storage) without having to store the data somewhere else or wait for log reingestion.

Quick Recap

To recap, we’ve added more flexibility and stability with log collection, improved the way you can view and filter your data, and enhanced our log retention options to meet your data requirements. This is just the beginning for LM Logs and we can’t wait to show you what we have planned for the end of Q4 and into 2022!