v.135 Release: LM Container Upgrade; New Monitoring for Fortinet
Last updated on 14 September, 2022v.135 Highlights:
- Platform Enhancements: Major version release available for LM Container; enhancements for LM Cloud
- New and Updated Monitoring Coverage: New out-of-the-box monitoring for Cisco HyperFlex, Fortinet (eight product lines!), VMware vCenter HA, and several AWS, Azure, and GCP cloud resources (including AWS Database Migration replication tasks)
Platform Enhancements
Collector
- Resolved inaccurate Collector size display. After upgrading, the Collector size indicated “Custom” in the LogicMonitor UI, despite the Collector not having any size customizations. This has been fixed.
LM Cloud
- AWS updates:
- AWS tags discovered for SQS and SNS. AWS tags are now discovered and added as properties for Amazon SQS (Simple Queue Service) and Amazon SNS (Simple Notification Service), and filtering based on those properties is now supported in the UI.
- Custom tagging for AWS Application ELB target groups. Custom tagging of AWS Application ELB (Elastic Load Balancing) target groups is now detected and added as properties within LogicMonitor.
- Immediate reporting of public and private IP properties. The Cloud Collector now captures the public and private IP properties for AWS EC2 instances during the NetScan process (previously this data wasn’t captured until the end of the Active Discovery process). This allows the local Collector to start on those tasks as soon as monitoring is enabled, removing a collection delay that was causing false alerts in some cases.
- Azure updates:
- Support for uae-central and uae-north regions. You can now configure your Azure monitoring operations to include resources located in Azure’s uae-central and uae-north regions.
- Azure data collection enhancement. LogicMonitor now allows 404 status returns from Azure data collection operations. This ensures that complex datapoints that evaluate status operate as expected.
- Discontinued Azure subscriptions now marked for deletion. If an Azure subscription is deselected (whether manually deselected or whether available subscriptions are automatically regenerated without this subscription on the Permissions tab of the Manage Account dialog), LogicMonitor now marks the subscription’s associated resource accordingly so that it gets deleted on the backend per the default service settings for the Azure account.
- Filtering of “Basic” Load Balancers from discovery. LogicMonitor is no longer discovering Azure Load Balancers with an SKU of “Basic” as the data for this SKU type is not available through Azure Monitor.
LM Container
- LM Container Argus v3 now available. A new major version of LM Container is now available that provides compatibility for Kubernetes 1.16 and 1.17, and Helm 3. Due to the large scope of updates in this major version, you will need to opt in to this upgrade. For upgrade details (prerequisites and steps), see LM Container Argus v3 Release: Support for Kubernetes 1.16 & 1.17.
- Kubernetes version selection. The Add Kubernetes Cluster dialog now features a Kubernetes Version field. This field defaults to Kubernetes version 1.14 or higher (>= 1.14.0), which prompts LogicMonitor to provide Helm 3 installation commands on the following wizard screen. (Helm 3 is now supported by the new LM Container version and we strongly recommend that you use this version with Kubernetes monitoring moving forward.) Alternatively, if you are adding Kubernetes versions older than 1.14, you can select “< 1.14.0” from the field’s dropdown and LogicMonitor will generate installation commands using Helm 2.
NetFlow
- Netflow interface details display. Resolved issue where Netflow interface details (at the resource group level only) were displayed as interface IDs rather than interface names from the Traffic tab.
Reports
- Interface Bandwidth report. The Interface Bandwidth report was including empty interface listings on resources that did not have the interface. The report has been fixed so that only resources with the selected interfaces will be included in the report.
- Resource Inventory report. The Resource Inventory report was incorrectly populating instance name and property values for resources where the instances or properties did not exist. This issue has been fixed and resources will now show blank entries for any selected instances or properties that do not exist.
Security
- Miscellaneous security fixes and improvements. Various security fixes and improvements are being released with this version.
New and Updated Monitoring Coverage
Upon your account’s upgrade to v.135, import our new and updated LogicModules from the LogicMonitor repository to expand and enhance your monitoring coverage.
New Monitoring Coverage
- AWS Connect – 1 DataSource
Monitors AWS Connect metrics from CloudWatch.
- AWS Database Migration Service Tasks – 1 DataSource
Discovers and monitors (via CloudWatch) replication task performance including memory usage, throughput bandwidth, and latency for the AWS Database Migration service. This new DataSource augments existing AWS Database Migration replication monitoring.
- Cisco ISE: TACACS+ Ports – 1 DataSource
Checks to see if port 49 for Cisco ISE TACACS+ is open and alerts if it is not.
- Cisco HyperFlex – 2 DataSources, 1 EventSource
Added two new DataSources (
Cisco_HyperFlex_NodePerformance
andCisco_HyperFlex_ClusterPerformance
) to the Cisco HyperFlex package for node and cluster performance monitoring. Added one new EventSource (Cisco HyperFlex Events
) for the capture of Cisco HyperFlex warning, error, and critical events. - (topology mapping) Dell EMC ECS – 1 TopologySource, 2 PropertySources
Added two PropertySources (
addERI_EMC_ECS_Cluster
andaddERI_EMC_ECS_Node
) and one TopologySource (EMC_ECS_Topology
) for enhanced topology mapping coverage.Note: As detailed in the next section, enhancements have been made to all existing Dell EMC ECS DataSources, also for the purpose of expanding topology support.
- Dell EMC Isilon 1 SNMP SysOID Map
New SysOID for mapping of Dell EMC Isilon H500 nodes
- Fortinet – 57 DataSources, 1 PropertySource, 7 SNMP SysOID Maps
LogicMonitor has greatly expanded its out-of-the-box monitoring for Fortinet’s product suite. Brand new coverage for seven Fortinet product lines has been added and coverage for FortiGate has been significantly enhanced.
- FortiADC – 8 DataSources
See Fortinet FortiADC Monitoring for details.
- Fortinet FortiAuthenticator – 3 DataSources
See Fortinet FortiAuthenticator Monitoring for details.
- Fortinet FortiGate – 23 DataSources, 1 PropertySource
LogicMonitor has released a new monitoring package for Fortigate that vastly expands coverage of Fortigate metrics, as well as the efficiency of data monitoring.
Note: These new DataSources deprecate LogicMonitor’s legacy FortiGate DataSources. For details on setup and migration, see Fortinet FortiGate Monitoring for details.
- Fortinet FortiMail – 4 DataSources
See Fortinet FortiMail Monitoring for details.
- Fortinet FortiManager – 12 DataSources
See Fortinet FortiManager Monitoring for details.
- Fortinet FortiSwitch – 1 DataSource
See Fortinet FortiSwitch Monitoring for details.
- Fortinet FortiWeb – 2 DataSources
See Fortinet FortiWeb Monitoring for details.
- Fortinet FortiWLC – 5 DataSources
See Fortinet FortiWLC Monitoring for details.
- FortiADC – 8 DataSources
- GCP Load Balancer Backend Service Health – 1 DataSource
Monitors the health check result for GCP Load Balancer backend instances.
- Microsoft Azure Blob Storage Capacity – 1 DataSource
Monitors capacity metrics for Azure Blob Storage services.
- Microsoft Azure ExpressRoute Circuit – 2 DataSources
Monitors Azure ExpressRoute circuit data bandwidth, and data bandwidth per peering.
- Microsoft Azure Machine Learning Workspace – 1 DataSource
Discovers Azure Machine Learning workspaces and monitors workspace performance and job metrics via Azure Monitor.
- Microsoft Azure SQL Database (vCore) – 1 DataSource
Azure SQL databases use one of two pricing models: the original DTU model or the newer vCore model. LogicMonitor’s initial DataSource for monitoring Azure SQL was returning data collection errors when attempting to track DTU metrics on vCore-based database instances. To remedy this, we have introduced a new DataSource named
Microsoft_Azure_SQLDatabaseNonDTU
for use with vCore-based database instances. As discussed in the next section, the originalMicrosoft_Azure_SQLDatabase
DataSource has additionally been updated to target DTU-based instances only. - (topology mapping) NetApp (7 Mode & Cluster Mode) – 2 TopologySources, 1 PropertySource
Added two TopologySources (
NetApp_7mode_Topology
andNetApp_Cluster_Topology
) and one PropertySource (addERI_NetApp
) for enhanced topology mapping coverage.Note: As detailed in the next section, enhancements have been made to several existing NetApp and VMware vCenter LogicModules, also for the purpose of enhancing NetApp topology support.
- VMware vCenter HA – 2 DataSources, 1 PropertySource
New out-of-the-box monitoring for VMware vCenter HA (High Availability) finds vCenter clusters with HA configured and monitors various cluster metrics.
Updated Monitoring Coverage
- (topology mapping) addCategory_TopoSwitch – 1 PropertySource
Made updates to prevent this PropertySource from incorrectly assigning the “TopoSwitch” system category to resources for which no topology data is returned.
- Aruba ESSID – 1 DataSource
Performed various cleanup, including adding missing datapoint descriptions; added graphs.
- Cisco HyperFlex – All 15 DataSources, 2 PropertySources
Refactoring of Active Discovery and data collection Groovy scripts in order to cache authentication tokens. This was necessary to comply with new authentication limits for generating authentication tokens Cisco implemented beginning with HyperFlex firmware 4.0(2a). This should be a seamless update for all customers running existing Cisco HyperFlex LogicModules, with no data loss expected.
Additionally, unrelated to authentication tokens, wildvalue sanitization was performed on the majority of DataSources in order to fix issues with spaces and invalid characters in the data collection scripts.
Additionally, added backwards support for older API versions to the
Cisco_HyperFlex_HypervisorVMS
DataSource.Note: As detailed in the previous section, a new EventSource was also added to this monitoring package.
- Cisco UCS Rack Servers – 1 DataSource
Added missing ##WILDVALUE## to the
physicalSecurity
datapoint. - Citrix XenApp Logon Performance – 1 DataSource
Fixed issue causing No Data / NaN to be returned for authentication and brokering datapoints.
- (topology mapping) Dell EMC ECS – All 7 DataSources
Updated scripts with ERI properties for topology support.
Note: As detailed in the previous section, brand new EMC ECS LogicModules are also available for the purpose of enhancing topology coverage.
- Email Service – 2 DataSources
Updated the data collection scripts for the
Email_RoundTrip
andEmail_TransitTime
DataSources to disable TLS when thesmtpType
property (as set on the instance) is configured to use port 25. If enabling TLS use when the scripts are configured to use port 25 is required in your environment, an optional property namedsmtp.force.TLS.25
is now available that, when set to TRUE on the resource, enables TLS when port 25 is implied (smtpType
is blank or ”). - F5 BigIP Failover Status – 1 DataSource
Improved the datapoint description and alert message.
- Fortinet FortiGate – 9 legacy DataSources (deprecated)
As detailed in the previous section, LogicMonitor has released a new monitoring package for Fortinet FortiGate, which effectively serves to deprecate existing FortiGate DataSources.
Note: If you are currently using the now-deprecated DataSources, you will not experience any data loss upon importing the new set of DataSources because of the name variations that exist between the two sets. However, you will collect duplicate data and potentially receive duplicate alerts for as long as both sets of DataSources are active. For this reason, we recommend that you disable the legacy DataSources after you have imported the new ones and verified that they are working as expected. For more information on migrating to the new FortiGate monitoring package, see Fortinet FortiGate Monitoring.
- Fortinet FortiGate Active IPSec VPN Tunnels – 1 DataSource
Changed the metric type of the
bytesOut
andbytesIn
datapoints from gauge to derive.Note: A brand new monitoring suite for Fortinet FortiGate was announced for this release, as detailed in the previous section. If you are downloading the suite for the first time, this update is already present in the
Fortinet_FortiGate_ActiveIPSecVPNTunnels
DataSource. However, if you have already downloaded it (this suite was made available in mid-April), you’ll want to update this DataSource. - GCP Data Analytics Cloud Pub/Sub Topic – 1 DataSource
Added datapoints for available topics that were not yet covered.
- Microsoft Azure Application Insight – 1 DataSource
Update the Exception metrics to use ##primaryaggregation## as
.count
was no longer working. Additionally, removed the twoBillingMetrics_xx
metrics from the DataSource as they aren’t listed as Insight components and are not working in customer accounts. See Microsoft’s Supported metrics with Azure monitoring documentation for a list of metrics. - Microsoft Azure Virtual Machines – 1 DataSource
Updated the
NetworkIn
andNetworkOut
datapoints to use Azure’s “Network In Total” and “Network Out Total” metrics, rather than the deprecated “Network In” and “Network Out” metrics; added a link to Azure’s metrics page from the DataSource’s Technical Notes field. - Microsoft Office 365 – All (13) DataSources, all (10) ConfigSources, and all (2) PropertySources
- Updates to all LogicModules in Office 365 package:
Switched to single quotes on global variables to capture special characters; added TLS 1.2 support; improved exiting of PSSessions to respect the three concurrent session maximum limits recently imposed by Microsoft Office 365.
- Updates to PropertySources only:
The AppliesTo statement for both PropertySources has been updated to better target only properly configured Office 365 resources, bypassing issues caused when Office 365 credentials (username and password) are set as properties at a level higher than the resource level in the Resources tree.
Additionally, reverted the previously-set “NoPing” category that these PropertySources were applying so that Office 365 resources are once again pinged.
Additionally, updated the script for the
addCategory_Office365Reports
PropertySource to capture error codes for improved debugging.
- Updates to all LogicModules in Office 365 package:
- Microsoft Office 365 Exchange Online Mailbox Statistics – 1 DataSource (removed)
This DataSource has been temporarily removed from the repository due to timeout issues stemming from slow Microsoft PowerShell module performance. We are researching alternative approaches to retrieving these metrics.
- Microsoft Azure SQL Database (DTU) – 1 DataSource
Updated the AppliesTo statement to only target database instances that use the DTU pricing model. As detailed in the previous section, a new DataSource named
Microsoft_Azure_SQLDatabaseNonDTU
has been released for use with vCore-based database instances. - (topology mapping) NetApp & VMware vCenter – 6 DataSources, 1 PropertySource
Added ERI properties for the purpose of enhancing NetApp topology mapping support to the following DataSources (and PropertySource):
NetApp_7mode_Disks
,NetApp_7mode_Volumes
,NetApp_Cluster_Disks
,NetApp_Cluster_Volumes
,VMware_vCenter_HostPerformance
,VMware_vCenter_HostStatus
, andaddERI_ESXi
.Note: The
NetApp_Cluster_Disks
DataSource update also features an alert threshold update on thessd_percent_remaining_life
datapoint (unrelated to topology mapping).Note: As detailed in the previous section, brand new NetApp LogicModules are also available for the purpose of enhancing NetApp topology support.
- NetApp Cluster Failover – 1 DataSource
Moved the default alert thresholds from the existing
node_state
datapoint to the newnode_state_alert
complex datapoint. - NetApp Cluster Fibre Channel – 1 DataSource
Moved alert threshold for states from the
State
datapoint to the newstateAlerts
complex datapoint. - NetApp Cluster Nodes – 1 DataSource
Added three new datapoints for tracking node health, epsilon, and cluster eligibility.
- (topology mapping) Networking_L2_snmpSwitch – 1 TopologySource
Removed “finally” from catch block to prevent duplicate
extractLldpRemotesWalk
call; instructed TopologySource to perform SNMP walks rather than GETs if ExtremeXOS device is detected. - Nimble Array Info – 1 DataSource
Added a graph for the
TotalArrayUsagePercent
datapoint; minor script cleanup. - Nutanix Virtual Machines – 1 DataSource
Increased SNMP timeout on walks; cleaned up Active Discover and data collection scripts.
- RabbitMQ Node Performance – 1 DataSource
Updated data collection script to handle No Data.
- Slack Events – 1 EventSource
Updated collection code to prevent duplicate alert discovery; updated alert message.
- Viptela Policy – 2 DataSources
Made updates to the Active Discovery and Collection scripts that create an MD5 hash from the ##WILDVALUE## to prevent special characters from breaking data collection.
- Viptela System – 5 DataSources
Added missing alert thresholds and updated various datapoint descriptions and alert messages for the following DataSources:
Viptela_System_CPU
,Viptela_System_Fans
,Viptela_System_Memory
,Viptela_System_PSU
, andViptela_System_Status
. - VMware ESXi: Datastore Performance – 1 DataSource
Update data collection script to test for counterMap key existence to address script errors.
- VMware VCSA – All 10 DataSources
Updated the AppliesTo statement to exclude isWindows() devices as VCSA is based on VMware Linux Photon OS.
- VMware vSphere VM Performance – 1 DataSource
Reverted the
CPUReadyperVCPUPercent
datapoint calculation change (which was made in v.134) back to original calculation. Per the VMware Knowledge Base, the original calculation was correctly converting CPU summation percent values. - Zoom User Stats – 1 DataSource
Fixed issues with the capture of user type codes and user status.