Getting Started

Defining authentication credentials

LogicMonitor may require credentials (e.g. JDBC passwords, SNMP community strings, etc.) in order to collect data from your devices.  You can use properties to set this information at the global, group, or device level.

Understanding property hierarchies

Before you set properties for your devices, you should understand where to set them, which depends on how many devices that property applies to. For example, if you have the same SNMP community string set for all of your Linux devices, it doesn't make sense to go and set that as a property individually for each Linux device in your account. It may be better to instead set this community string at the account level so that it applies to all Linux devices.

Properties set at the device level will override properties set at the group level, and properties set at the group level override properties set at the global (account) level. As a best practice, we recommend that you set global credentials and override them as needed for groups of devices or individual devices.

Understanding property hierarchies


Note:
A device that is a member of multiple groups with the same property defined uses the properties set at the deepest level group. If the same property is set in two groups at the same level, and a device is a member of both these groups, the selection of which property that the device will take effect is nondeterministic.

Adding a property

  1. Navigate to the Devices tab
  2. Navigate to the level that you want to set the property - the root level for your device tree, a group, or a device
  3. Click the Manage button for that group or device
  4. From the Manage dialog you can change the value for a property by clicking on the value field or add a new property by clicking the '+'
  5. Click Save for the property, and then save for the manage dialog. Remember that the value you set is inherited downward in the hierarchy until it is overridden at a deeper level. For example, applying wmi.user at the global level will attempt to use that user value wherever WMI is detected except when the property is defined at the group or device level.
  6. Repeat this process for any device properties necessary for the LogicMonitor collector to get data from your devices. (e.g. snmp.community, netapp.user, jdbc.ports)

Adding a property


Notes:

  • If you run the LogicMonitor collector as a windows service with sufficient rights to collect data, for example as a domain account that is local administrator on the systems being monitored, there is no need to enter any WMI credentials in LogicMonitor. In this case, as LogicMonitor never has the credentials, they are never transmitted anywhere by LogicMonitor.
  • If credentials are added they will be transmitted back to LogicMonitor, but will be encrypted while in transit and stored.

Common credentials

The following table provides examples of common credentials that can be set:

Property Name

Meaning

Notes

snmp.community The SNMP community string for SNMP versions 1 and 2c (the default is public) See the section below this table titled 'Defining SNMP credentials and properties'
snmp.security The username for SNMP version 3 See the section below this table titled 'Defining SNMP credentials and properties'
snmp.auth

snmp.authToken

The authentication algorithm and authentication credential to be used for SNMP version 3 (snmp.auth defaults to SHA, MD5 is also supported). See the section below this table titled 'Defining SNMP credentials and properties'
snmp.contextName

snmp.contextEngineID

These properties identify the SNMP context (a collection of management information) associated with the SNMP device. See the section below this table titled 'Defining SNMP credentials and properties'
snmp.priv

snmp.privToken

The privacy algorithm and encryption credential to be used for SNMP version 3 (snmp.priv defaults to AES, des is also supported). See the section below this table titled 'Defining SNMP credentials and properties'
snmp.port The UDP port for SNMP (defaults UDP 161). See the section below this table titled 'Defining SNMP credentials and properties'
wmi.user

wmi.pass

The Windows username & password for remote WMI and perfmon access If the collector is running as a domain account with local admin privileges on the host to be monitored, this is not necessary.To specify a local user when running in a domain, use ##HOSTNAME##\administrator
pdh.user

pdh.pass

The Windows username & password for remote perfmon access Usually these properties do not need to be defined because the wmi.user/wmi.pass properties will be used to access perfmon data. However, these may be needed if the WMI credentials include a domain\user, but the remote computer is in a different domain, and the user is local.
netapp.user

netapp.pass

The username & password used for accessing NetApp filers via the API For more information about declaring netapp.api.port, netapp.ssl, and netapp.api.sslport, see NetApp Filers.
jdbc.mysql.user

jdbc.mysql.pass

dbname

The username, password & database name used for MySQL access For more information see MySQL Credentials.
jdbc.oracle.user

jdbc.oracle.pass

The username & password used for Oracle access
jdbc.mssql.user

jdbc.mssql.pass

dbname

The username, password & database name used for SQL server access By default, the SQLServerConnection- datasource uses integrated security, so it is not necessary to set these if the user the collector runs as has rights to query the database.
jdbc.db2.user

jdbc.db2.pass

dbname

The username, password & database name used for DB2 access
mongodb.user

mongodb.pass

The username and password used to access for MongoDB database access. For more information about configuring your MongoDB, see MongoDB.
redis.ports

redis.pass

The alternative ports and password for your Redis data store. For more information about configuring Redis, see Redis.
esx.user

esx.pass

esx.url

Username, password, and URL, if necessary, for accessing your ESX server. For more information about configuring your ESX server, see ESX Servers and vSphere.
xen.user

xen.pass

xen.url

The username, password, and url used to access your XenServer. For more information about configuring your Citrix XenServer, see Citrix XenServer.
xen.pool Used to enable or disable discovery of the entire resource pool’s VMs rather than just the hypervisor’s current VMs. For more information about configuring your Citrix XenServer, see Citrix XenServer.
xen.pool.concurrency Manages the maximum number of connections to the Xen pool master. This property defaults to 10. For more information about configuring your Citrix XenServer, see Citrix XenServer.
naviseccli.user

naviseccli.pass

The username and password used to access your Navisphere server.
cim.user

cim.pass

cim.port

cim.ssl

The username, password, port, and SSL enablement status for EMC devices.
http.user

http.pass

http.port

The username, password, and port, if necessary, for the web page collection method.
tomcat.jmxports

jmx.user

jmx.pass

The Tomcat JMX ports (comma separated), username and password for JMX access to your Tomcat server. For more information about configuring your Tomcat server, see Tomcat.
jmx.port

jmx.ports

jmx.user

jmx.pass

A singular port to monitor a JMX object, a list of ports (comma separated) to monitor multiple JMX objects, and the JMX username and password that should be used for authenticating.
ipmi.user

ipmi.pass

The username and password used to access IPMI sensors and event logs. For more information about configuring IPMI, see IPMI Support.

 

Defining SNMP credentials and properties

LogicMonitor can use SNMP versions 1, 2c or 3. If your device supports 2c, it supports 64-bit counters and is preferable over version 1. SNMP version 3 adds authentication and encryption, making it more secure, but also more complicated to set up and troubleshoot.

For SNMP versions 1 and 2c you need to set the snmp.community (defined in the table above)

For SNMP version 3 you need to set the snmp.security, snmp.auth, snmp.authToken, snmp.priv, snmp.privToken (all defined in the table above).

SNMP version 3 also introduces support for snmp.contextName and snmp.contextEngineID. The snmp.contextEngineID value is a string used to identify the device on which the management information is hosted. The snmp.contextName identifies the individual SNMP context.  

Notes:

  • On an individual device, snmp.version is set by LogicMonitor to the version of SNMP which responds. LogicMonitor attempts SNMP communication initially with version 3, then 2c, and finally version 1. The highest responding version is used.
  • If you want to override the default UDP 161 port, set snmp.port (defined in the table above) to reflect your SNMP port.