Come join our live training webinar every other Wednesday at 11am PST and hear LogicMonitor experts explain best practices and answer common questions. We understand these are uncertain times, and we are here to help!
To integrate LogicMonitor with StackStorm, you must install StackStorm on a device with one of the following:
For instructions on installing StackStorm, see StackStorm’s Installation documentation.
By default, LogicMonitor uses port 5000 on the StackStorm device. You can change this port by modifying self. port = 5000 in the logicmonitor_sensor file in the LogicMonitor Pack. Modifying the port requires you to reload StackStorm with the following command:
self. port = 5000
The following diagram illustrates a basic network configuration from LogicMonitor to the device where StackStorm is installed along with the networking considerations for proper communication:
iptables -I INPUT -p tcp --dport 5000 -j ACCEPT
To minimize security risks, ensure the appropriate file and user permissions are granted for both StackStorm and LogicMonitor.
Ensure that only the appropriate users have access to the files where StackStorm is installed (/opt/stackstorm/). You can modify the permissions as needed in the /opt/stackstorm/ directory.
For more information about StackStorm permissions, see StackStorm’s Role Based Access Control documentation.
When you create the API Token, ensure the user associated with the token has the minimum required permissions. This involves creating a role in LogicMonitor with only the necessary privilege required to execute the StackStorm Action, and then associating that role with the user. This is the user you would associate with the API Token required to enable communication between your LogicMonitor portal and the LogicMonitor Pack. The more defined the Action in StackStorm you need, the more granular your permission set must be for your LogicMonitor user.
For example, if you want to execute an Action in StackStorm that schedules downtime (SDT) for a LogicMonitor Collector so you can conduct server maintenance in your environment (i.e., using the logicmonitor.add_sdt.action command), your API Token should be associated with a LogicMonitor user that has a role with the “Manage” permission for Collectors.
For more information about users and roles in LogicMonitor, see the following:
In This Article