Feature Highlight: LM Logs
Launching on November 18, LM Logs offers a unique and unified approach to log analysis centered on algorithmic root-cause analysis. LM Logs analyzes log events after they are ingested and mapped to a monitored resource to identify normal patterns and deviations from these patterns: anomalies.
Log anomalies represent log events that are new, or seen for the first time on the monitored resource it’s associated with. These anomalies are displayed in two places: (1) the new Logs page, where you can review raw logs and investigate log anomalies across your entire infrastructure and (2) the Graphs tab for alerts, where they are displayed contextually with metric alerts to help speed troubleshooting.
To get logs into LogicMonitor, you can choose from one of our provided integrations or send custom logs directly to the logs ingestion API. For more information, see the LM Logs Documentation.
- (FIX) Capturing dynamic threshold updates. In some instances, updates to dynamic thresholds were not being captured comprehensively in the audit logs. This has been corrected.
- AWS updates:
- AWS SWF Workflow support for duplicate names. Domain names will now be included as part of SWF Workflow naming conventions to support the presence of identical names across multiple domains. Note: Any dashboards that have been customized with AppliesTo statements that reference specific SWF Workflow names may need to be updated to accommodate this new naming convention.
- (FIX) AWS Kinesis Stream purging. Some removed AWS Kinesis Streams were not being properly purged from the portal. A fix has been made to resolve this issue moving forward and to retroactively remove any streams that were falsely persisting.
- (FIX) Route53 instances. Two issues pertaining to Route53 instances have been resolved:
- Custom AWS tags were not properly coming through on Route53 instances.
- Pagination was limited to 100 instances, even if more instances were present.
- GCP updates:
- (FIX) GCP usage count. An issue was causing inconsistent display of GCP usage from the resource usage count tables available on the Account Information page (Settings | Account Information). This has been fixed.
- (FIX) Data collection for host-networking pod configurations. The system.ips property wasn’t being populated properly for some pods configured with host-networking, which caused Ping and Host Status data collection issues for these pods. This has been fixed.
- (FIX) Importing modules. When importing a module from the public repository, an issue was causing the install status to display “Installing…” indefinitely. This has been fixed.
Network Traffic Flow Monitoring
- Exclude conversations filter. The conversations filter on the Traffic tab has been enhanced to support the exclusion of explicit conversations between one-to-one, one-to-many, many-to-one, or many-to-many endpoints.
User Interface (UI)
- (FIX) Visual display errors for graphs on Alerts page. For graphs that compare usage to total capacity, the visual display was incorrectly stacking, causing visual misalignment with actual capacity values. This was happening for graphs that displayed on the Alerts page; graphs that displayed on the Resources page did not experience this issue. This issue has been fixed.
New, Updated, and Deprecated LogicModules
Recently released to the LogicMonitor public repository, our new and updated LogicModules are available for import to expand and enhance your monitoring coverage.
|AWS Kinesis Video Streams||(DataSource) Gathers throughput, latency, request, and error metrics for Kinesis Video Streams.|
|BlueCat Address Manager||(5 DataSources, 1 PropertySource) Monitors status and utilization metrics for the BlueCat IP Address Manager server and DNS/DHCP appliances as well as utilization metrics for DHCP pools and subnets.|
|Cohesity Views||(DataSource) Monitors Cohesity Storage Platform View alerts and threshold data. Alerts are set in Cohesity when the View is created.|
|F5_BigIP_PoolMemberStats||(DataSource) This DataSource replaces the now-deprecated F5_BigIP_PoolMemberStatistics DataSource. Active Discovery and data collection methods were converted from SNMP to script to improve overall efficiency.|
|Veeam_BackupAndReplication_Jobs_SureBackups||(DataSource) This DataSource replaces the now-deprecated Veeam_BackupAndReplication_Jobs_VMWareSureBackups DataSource. The name was adjusted to remove “VMware” as the backups are not VMWare specific.|
|Cisco_AIPSSM_Processor||(DataSource) The UsedPercent datapoint no longer alerts on NoData.|
|Cisco_Meraki_Switch_Interfaces||(DataSource) Added datapoints for each type of packet counter, multicast, crc errors, packet alignments errors, stp topology detection, and so on; added warningCount and errorCount datapoints that report how many errors the switch detected in that port; common occurrences like disconnected/disabled ports are now ignored (users will have to check those errors in the console as the DataSource cannot report text in a clean way); added datapoints reporting connection enabled; added instance grouping.|
|Cisco_FRU_Power||(DataSource) Fixed invalid token (##auto.serial_number##) present in alert messages.|
|Cisco_NXOS||(ConfigSource) Updated script to support Cisco UCS devices running NXOS.|
|Citrix_Netscaler_FullBackup||(ConfigSource) Improved filtering of shell lines in output; increased connection timeout; removed spaces from log file name.|
|Cohesity_DataPlatform_Alerts||(EventSource) Added special handling of alerts to prevent duplication. Although this EventSource will work on all Collector versions, Collector 29.001 or higher is required to ensure duplicate prevention.|
|Cohesity_DataPlatform_Fans||(DataSource) Removed unused variables from Active Discovery script.|
|Kubernetes_Container||(DataSource) The container image is now recorded under “auto.image”.|
|LogicMonitor_Collector_BufferDataReporterLatency||(DataSource) Gathers newer queue status metrics for Collector versions 29.104 or higher; removed alerting from minReportLatency datapoint; renamed santabaConnection datapoint to persistentQueueStatus (note that this will delete historical data for this datapoint upon import).|
|(4 ConfigSources) Fixed sort order issue in collection script requests to return consistently sorted configurations between runs. Note: These ConfigSources will generate alerts upon initial import.|
|(2 ConfigSources) Made significant updates to collection scripts; sorted output by IP address to reduce noise; added check for WinRM.|
|Microsoft_SQLServer_AlwaysOnAvailabilityGroups Microsoft_SQLServer_AlwaysOnAvailabilityReplicas Microsoft_SQLServer_AlwaysOnDatabaseReplicaCluster Microsoft_SQLServer_AlwaysOnDatabaseReplicas Microsoft_SQLServer_Troubleshooter Microsoft_SQLServer_Databases Microsoft_SQLServer_SystemJobs Microsoft_SQLServer_GlobalPerformance||(8 DataSources) Updated scripts for all eight DataSources with
For the Microsoft_SQLServer_AlwaysOnAvailabilityGroups DataSource only, the Active Discovery script now creates instance names in uppercase to match Microsoft naming convention.
|Microsoft_SQLServer_SQLAuthConnections Microsoft_SQLServer_Connections||(2 PropertySources) Included the loginTimeout parameter in JDBC strings to resolve high CPU usage on Collector v29.003 caused by the script not timing out correctly.|
|NetSNMP_Memory_Usage||(DataSource) Updated collection script to fallback if snmpd version cannot be retrieved via the net-snmp version OID; updated datapoint descriptions; added graph for PercentSwapUsed datapoint.|
|Nimble_Array_Info||(DataSource) Improved OS version detection in Active Discovery script; fixed collection output spacing; performed general code cleanup; added alerts for TotalArrayUsagePercent datapoint; updated alert persistence and added graph for status datapoint; fixed overview graphs.|
|NTP||(DataSource) Updated AppliesTo statement to no longer match devices with the “CiscoNTP” category due to collection issues on these device types.|
|PingMulti-||(DataSource) Improved description; added technical notes.|
|snmp64_If-||(DataSource) Updated the alert description of the Status datapoint.|
|SNMP_Network_Interfaces||(DataSource) Reintroduced fix for UtilizationPercent datapoint calculations that was accidentally reverted in v1.6 of the DataSource; Fixed integer overflow bug that was causing invalid interface speed properties to be set on interfaces over 2.14Gbps.|
|(TopologySource) Improved linking of VMware macs to generate missing edges; resolved issue of false edges between HP switches.|
|(7 DataSources) Added a datapoint to monitor time since a job was last run; fixed issue preventing backup copy jobs from being discovered for Veeam version 10 and above.|
|Zoom_User_Stats||(DataSource) Fixed indices used for request by the collection script (previously the indices were not correctly matched to license types); updated the collection interval to one hour.|
LogicMonitor deprecates LogicModules for a variety of reasons. Most often, it is because we have published a replacement LogicModule that provides superior access to the monitored technology (for example, supports more versions of the technology or provides improved scalability).
However, there are times when a LogicModule is deprecated with no replacement (for example, when a technology becomes defunct or security issues beyond LogicMonitor’s control arise).
Note: When importing a replacement LogicModule, you will not experience any immediate data loss due to the name variation that LogicMonitor expressly adds. However, there will be a diversion in data collection between the deprecated and new LogicModule, and you will potentially collect duplicate data and receive duplicate alerts for as long as both LogicModules are active. For this reason, we recommend that you disable (rather than delete) the deprecated LogicModule after you have imported its replacement to provide time to (1) verify that it is working as expected and (2) build up a new set of historical data.
|LogicModule Deprecated/Replaced||Reason||End of Support Date|
LogicModules Deprecated in v.144
|(1 DataSource) It has been determined that all data gathered by this DataSource is being reported more robustly through the existing NetSNMPCPUwithCores and NetSNMP_Memory_Usage DataSources, making it redundant and unnecessary.||2021-02-09|
|(1 DataSource) Active Discovery and data collection methods were converted from SNMP to script to improve overall efficiency.||2020-12-07|
|(1 DataSource) “VMware” was removed from the DataSource name as the backups are not VMWare specific.||2020-12-07|
LogicModules Previously Deprecated (over past five versions)
|(4 DataSources)General cleanup of DataSources that are not widely used and no longer work correctly.||2021-01-19|
|(1 DataSource) Windows SNMP support has been deprecated by Microsoft since Server 2012 R2. As a result, this DataSource does not collect reliable data for Server 2016 and above.||2020-12-02|
Cisco AIP SSM Memory Pools
|(1 DataSource) The replacement DataSource offers a scripted SNMP version that returns accurate values. If you were previously using the now-deprecated DataSource, it can be deleted as it was providing invalid data.||2020-11-16|
|(1 DataSource) Uses a deprecated API. It is strongly recommended that this LogicModule be deleted and the replacement LogicModule be used.||2020-10-26|
|(1 DataSource) The replacement DataSources filter out instances to allow for separate DataSource monitoring of memory, flash storage, and standard storage.||2020-10-26|
|(1 DataSource) Did not provide accurate/useful data and can be deleted; the existing Linux_SSH_ServiceStatus DataSource has been retooled in v.141 to perform the same function.||2020-09-18|
|(1 DataSource) The replacement DataSource offers several advantages including (1) the use of the more widely supported nstat (part of iproute2) command and netstat as fallback if nstat is not available and (2) additional monitoring for packet, datagram and error related metrics||2020-09-18|
|(1 DataSource) Changed the collection method from standard SNMP to scripted SNMP to properly handle the units returned for the VolFreeSize and VolTotalSize datapoints. In the now-deprecated version, these datapoint calculations were failing if the returned values were not expressed as terabytes leading to data misrepresentation.||2020-09-18|
Entering Beta: Push Metrics API
LogicMonitor is developing a Push Metric API in order to allow metrics to be sent directly to LogicMonitor without the use of a Collector. Some technology landscapes where this capability is becoming vital include server-less infrastructures such as AWS Lambda, large distributed microservices environments with custom metrics (including business metrics), and IoT environments.
Beta for Push Metrics API is targeted for December. If you have a compelling use case and the resource availability, and would like to be considered for participation, please complete the Customer Beta survey.