- About LogicMonitor
- Cloud Monitoring
- Dashboards and Widgets
- Getting Started
- LM Service Insight
- Backup and Recovery Systems
- Cloud Resources
- About LogicMonitor’s Kubernetes Monitoring
- Monitoring Google Anthos
- Adding your Kubernetes Cluster into Monitoring
- Updating Monitoring Configuration for your Kubernetes Cluster
- Troubleshooting Kubernetes Monitoring
- Istio Monitoring (Kubernetes)
- LM Container Argus v3 Release – Support for Kubernetes 1.16 & 1.17
- Networking & Firewalls
- Fortinet FortiWLC Monitoring
- Fortinet FortiWeb Monitoring
- Fortinet FortiSwitch Monitoring
- Fortinet FortiManager Monitoring
- Fortinet FortiMail Monitoring
- Fortinet FortiAuthenticator Monitoring
- Fortinet FortiADC Monitoring
- Ruckus ZoneDirector Monitoring
- Cisco VoIP Monitoring
- Cisco UCS Monitoring
- Cisco Wireless Monitoring
- Brocade Application Delivery Controllers
- Checkpoint Firewalls
- Cisco APIC Monitoring
- Cisco ASA/ASR
- Cisco Device SNMP and NTP Configuration
- Cisco Firepower Chassis Manager Monitoring
- Cisco SD-WAN Monitoring
- Cisco IP SLA Monitoring
- Citrix NetScalers
- Dell Switch Monitoring
- F5 BIG-IP Monitoring
- Fortinet FortiGate Monitoring
- Infoblox Monitoring
- Interface Status alerting and Bandwidth Utilization
- Juniper SRX
- Kemp LoadMaster Load Balancers
- Cisco Meraki Monitoring
- NetFlow and Other Network Traffic Monitoring Protocols
- Palo Alto Firewall Monitoring
- pfSense Firewalls
- Sonicwall Firewalls
- Operating Systems & Virtualization
- Linux (via SSH) Monitoring
- VMware Horizon Monitoring
- Citrix XenServer Monitoring
- Citrix XenApp/XenDesktop Monitoring
- VMware ESXi Servers and vCenter/vSphere Monitoring
- Linux Disk Performance
- Linux File Systems reporting more than 100% usage
- Linux Inodes
- Linux Interface Bandwidth Utilization
- Linux NFS Server
- Monitoring a Domain Controller (DC)
- Monitoring Remote Linux Files
- NTP Configuration
- NTP Monitoring
- Nutanix HyperConverged Infrastructure
- SNMP v1/v2 Configuration
- SNMPv3 Configuration
- Solaris Monitoring
- Troubleshooting Perfmon Access
- Troubleshooting SNMP
- Troubleshooting WMI
- VMware vCenter Server Appliance (VCSA) Monitoring
- Windows Cluster Monitoring
- Windows Firewall Issues
- Windows Server 2000
- Windows XP
- Applications & Databases
- Atlassian Statuspage (statuspage.io) Monitoring
- Microsoft Office 365 Monitoring
- OpenMetrics Monitoring
- Zoom Monitoring
- Windows Server Failover Cluster (on SQL Server) Monitoring
- Slack Status Monitoring
- Unomaly Monitoring
- Microsoft DHCP Monitoring
- Windows Active Directory Monitoring
- Apache Monitoring
- Cassandra Monitoring
- ConnectWise Monitoring
- Email Service Monitoring
- Java Applications
- Lighttpd Monitoring
- Microsoft Exchange Monitoring
- Microsoft SQL Server Monitoring
- MongoDB Monitoring
- MySQL Monitoring
- Nginx Monitoring
- Oracle Monitoring
- Pick & D3
- Postfix Monitoring
- PostgreSQL Monitoring
- RabbitMQ Monitoring
- Redis Monitoring
- Twilio Monitoring
- Varnish HTTP Accelerator
- Couchbase Server Monitoring
- Server & Operations Hardware
- Storage Systems
- Cisco HyperFlex Monitoring
- Dell SC Monitoring
- Apache Hadoop Monitoring
- SwiftStack Monitoring
- Infinidat InfiniBox Monitoring
- EMC ECS
- EMC Isilon Monitoring
- EMC Unity Monitoring
- EMC VMAX
- EMC VNX/Clariion SAN
- EMC VNXe
- EMC VPLEX
- EMC XtremIO Monitoring
- HPE 3PAR Storage
- HP MSA / StorageWorks / P2000 Monitoring
- HP P4000/Lefthand SANs
- NetApp E/EF-Series Monitoring
- NetApp FAS Monitoring
- Nimble Storage
- Panzura Cloud Storage
- Pure Storage Monitoring
- Quantum Small Tape Libraries
- VMware vSAN Monitoring
- Rest API Developers Guide
- RPC API Developers Guide - Deprecated
- Servicenow CMDB Integration
- Terminology and Syntax
Microsoft Office 365 is a line of cloud-based software offered by Microsoft as part of the Microsoft Office product line. LogicMonitor offers out-of-the-box monitoring for Office 365. With LogicMonitor’s Office 365 package, you can monitor the state of your Microsoft Office 365 deployment and the underlying services and license usage, allowing you to quickly identify faults and manage performance and license utilization accordingly.
Note: LogicMonitor also offers monitoring for the Microsoft Exchange server. See Microsoft Exchange Monitoring for more information.
Add Resource Into Monitoring
Add your Microsoft Office 365 host into monitoring. As cloud-based software, there is no physical resource to add into monitoring so simply create a new resource with “outlook.office.com” as the IP address/DNS name. Be sure to assign a Windows-based Collector or Collector group to the resource. For more information on manually adding resources into monitoring, see Adding Devices.
Create Credentials for Office 365
LogicMonitor must provide the appropriate credentials in order to successfully access Office 365. These credentials must belong to an Office 365 user account with the “Global reader” role assigned (the account does not require any licenses). The following roles are required:
- Reports reader
- Message Center reader
- Message Center Privacy reader
For more information on adding users, see Microsoft’s Office 365 documentation.
Once the user account is created, log into Microsoft’s Exchange Admin Center and add the new user to the “View-Only Organization Management” Exchange role.
Additionally, enter the username and password associated with the new account as properties on the Microsoft Office 365 resource you created within LogicMonitor. As discussed in the Assign Properties to Resource section of this support article, the properties that carry these values are office365.user and office365.pass.
LogicMonitor initiates remote PowerShell sessions to retrieve data from Office 365. There are two PowerShell modules that need to be installed on the Windows Collector host (or hosts if you are monitoring using an Auto-Balanced Collector Group or have a backup Collector) that is associated with your Office 365 resource in LogicMonitor:
- MSOnline PowerShell Module
Install-Module -Name MSOnline
- MSOnline SharePoint PowerShell Module
Install-Module -Name Microsoft.Online.SharePoint.PowerShell
Note: The PowerShell cmdlet Install-Module requires Windows Management Framework (WMF) 5.1.
Ensure that your Collector(s) can run PowerShell scripts by setting the execution policy to RemoteSigned on the Collector host(s):
Set Up Microsoft Graph API
LogicMonitor uses the reports API in Microsoft Graph to collect Office 365 usage data. For more information on Microsoft Graph, see Microsoft Graph documentation.
Follow these steps to register and authorize a new application to call the reports API:
- Log into the Azure portal using an administrator account.
- Navigate to Enterprise Applications under Azure Active Directory. Click + New Application.
- From the Add an application dialog, select “Application you’re developing”.
- From the App registrations dialog, click + New registration.
- Provide a meaningful name for the application.
- Leave all other settings as they are and click Register.
- On the Overview page for the new application, locate the following:
- Application (client) ID. Create a property on the LogicMonitor host named office365.clientid and enter this ID as the property value. (For more information on assigning properties, see the Assign Properties to Resource section of this support article.)
- Directory (tenant) ID. Create a property on the LogicMonitor host named office365.tenantid and enter this ID as the property value.
- Open the Open the Authentication page for the new application and perform the following steps:
- Click + Add a platform to allow access tokens for a web application.
- From the Configure platforms dialog that displays, select “Web”.
- On the following Configure Web dialog, enter your LogicMonitor portal URL as the redirect URI.
- Check the Access tokens option.
- Open the Certificates & secrets page for the new application and perform the following steps:
- Click + New client secret and provide a description.
- Immediately copy your new client secret value (you will not be able to view it again).
- Create a property on the LogicMonitor host named office365.clientsecret.pass and enter the client secret as the property value.
- Open the API permissions page for the new application and perform the following steps:
- Click + Add a permission.
- When the drawer from the right appears, select “Microsoft Graph” and then “Application Permissions”.
- Under the Reports heading, check the Reports.Read.All option.
- Click Grant admin consent for <domain>.
- When finished, two green checkmarks will display confirming that consent has been granted.
Assign Properties to Resource
The following custom properties must be set on the Microsoft Office 365 resource within LogicMonitor. For more information on setting properties, see Resource and Instance Properties.
Important: Because this is a cloud resource that relies heavily on the presence of properties for LogicModule association, care should be taken to set this property at the resource level only. Avoid setting these properties at the group or root level to ensure Microsoft Office 365 LogicModules aren’t incorrectly applied to other resources.
Note: If you’ve performed the setup requirements in the previous sections, several of these properties will already be present.
|office365.clientid||The “Application (client) ID” used for Microsoft Graph report retrieval from the reports API. See the Set Up Microsoft Graph API section for details on obtaining this ID.|
|office365.clientsecret.pass||The client secret used for Microsoft Graph report retrieval from the reports API. See the Set Up Microsoft Graph API section for details on obtaining this secret.|
|office365.tenantid||The “Directory (tenant) ID” used for Microsoft Graph report retrieval from the reports API. See the Set Up Microsoft Graph API section for details on obtaining this ID.|
|office365.tenantname||The tenant name used for Microsoft Graph report retrieval from the reports API (example: <customer name>.onmicrosoft.com)|
|office365.user||Username for the Office 365 admin account used to access Office 365 data (example: [email protected]<customer name>.onmicrosoft.com). See the Create Credentials for Office 365 section for details on creating this account.|
|office365.pass||Password for the Office 365 admin account used to access Office 365 data. See the Create Credentials for Office 365 section for details on creating this account.|
|office365.spoadminsite||The customer name portion of the URL of the SharePoint admin center. For example, if the SharePoint URL is “westbeachservices-admin.sharepoint.com”, the value of this property would be “westbeachservices”.|
From the LogicMonitor repository, import all Microsoft Office 365 LogicModules, which are listed in the LogicModules in Package section of this support article. If these LogicModules are already present, ensure you have the most recent version.
Once the LogicModules are imported (assuming all previous setup requirements have been met), the PropertySources will automatically detect the host and assign the appropriate values to the system.categories property. This, in turn, will automatically associate the DataSources (and ConfigSources if supported by your LogicMonitor account) and data monitoring will begin.
LogicModules in Package
LogicMonitor’s package for Microsoft Office 365 consists of the following LogicModules. For full coverage, please ensure that all of these LogicModules are imported into your LogicMonitor platform.
Note: The package includes ConfigSources (configuration file monitoring), which are only available to customers that are using the LM Config add-on feature. For more information on ConfigSources, see Creating ConfigSources.
|addCategory_Office365||PropertySource||Identifies if the Office 365 host is configured for Office365 monitoring and, if it is, adds the value of “Office365” to the system.categories property.|
|addCategory_Office365Reports||PropertySource||Identifies if the Office 365 host is configured properly to retrieve Graph reports and, if it is, adds the value of “Office365Reports” to the system.categories property.|
|Initially created to monitor Exchange Online mailbox statistics, this DataSource was removed from the Office 365 monitoring package in April 2020 due to timeout issues stemming from slow Microsoft PowerShell module performance. We are currently researching alternative approaches to retrieving the metrics.|
|Microsoft Teams: Device Usage||DataSource||Monitors the last seven days of Microsoft Teams device usage by number of users.|
|Microsoft Teams: User Activity||DataSource||Monitors the last seven days of Microsoft Teams activity.|
|Office 365 License||DataSource||Monitors Office 365 license usage.|
|OneDrive: File Counts||DataSource||Monitors OneDrive total and active files, as well as the time since the report was last updated.|
|OneDrive: Storage Used||DataSource||Monitors OneDrive total storage used.|
|Initially created to monitor OneDrive user activity metrics, this DataSource was removed from the Office 365 monitoring package in May 2020 due to excessive instance creation.|
|Outlook: Email Activity||DataSource||Monitors Outlook total and rate counts for read, received and sent emails.|
|Services: User Activity||DataSource||Monitors individual Office365 services and their associated user activity.|
|SharePoint Online: Site Status||DataSource||Monitors the overall status of the SharePoint site.|
|SharePoint Online: Site Usage||DataSource||Monitors SharePoint site usage metrics such as page views, file count, file usage, storage, etc.|
|Initially created to monitor Skype for Business user activity metrics, this DataSource was removed from the Office 365 monitoring package in May 2020 due to excessive instance creation.|
|Initially created to monitor individual Office 365 services and their associated user activity, this DataSource was removed from the Office 365 monitoring package in May 2020 due to excessive instance creation.|
|Yammer: Device Usage||DataSource||Monitors Yammer usage by device type.|
|SharePoint Online: Tenant Config||ConfigSource||Captures SharePoint Online organization-level tenant config.|
|Exchange Online: Groups||ConfigSource||Monitors the config group objects. Returns security groups, mail-enabled security groups, distribution groups, and role groups.|
|Exchange Online: Mailboxes||ConfigSource||Monitors the Exchange mailbox configs.|
|Exchange Online: Management Roles||ConfigSource||Monitors the Exchange management role objects in your organization.|
|Exchange Online: Mobile Device Mailbox Policy||ConfigSource||Monitors Exchange mobile device mailbox policy config.|
|Exchange Online: Mobile Devices||ConfigSource||Monitors Exchange mobile device config for identification, configuration, and status information for each mobile device.|
|Exchange Online: Organization||ConfigSource||Monitors Exchange organization config.|
|Exchange Online: OWA Mailbox Policy||ConfigSource||Monitors Exchange Outlook on the web mailbox policies in the organization.|
|Exchange Online: Transport Config||ConfigSource||Monitors Exchange organization-wide transport configuration settings.|
|Initially created to monitor Exchange users in your organization, this ConfigSource was removed from the Office 365 monitoring package in June 2020 due to excessive instance creation.|
When setting static datapoint thresholds on the various metrics tracked by this package’s DataSources, LogicMonitor follows the technology owner’s best practice KPI recommendations. If necessary, we encourage you to adjust these predefined thresholds to meet the unique needs of your environment. For more information on tuning datapoint thresholds, see Tuning Static Thresholds for Datapoints.
Example Use Cases
Next, we’ve highlighted a sample dashboard and some sample monitoring scenarios that could be accomplished with the Office 365 LogicModule package.
Granular Monitoring of SharePoint
The SharePoint DataSources will monitor multiple SharePoint site instances usage, traffic, storage, and file count, providing granular flexibility when monitoring SharePoint. With the information gleaned, you can decide whether to delete or combine sites that don’t get a lot of traffic but use up a considerable amount of storage.
Service Availability Monitoring
Track the availability of certain services including Exchange sign in, voice mail, email, calendar, Microsoft portal, and billing page. Along with service availability monitoring, the
Office365_Reports_ServicesUserActivity DataSource provides the total number of users that are utilizing the applications. The pairing of this information can be useful when prioritizing issues.
Office365_Account_License DataSource alerts users when licenses are about to expire and also counts the surplus licenses available at any given time. When combined with our forecasting feature, this DataSource can help license capacity planning by indicating when it’s time to increase your license allocation. In the same spirit, the OneDrive DataSources, which track file counts and storage usage, can also provide essential capacity planning information.
Using user activity historical data collected across multiple services, such as call volume, meeting attendance, message counts, and so on, you can look into repurposing the licenses of the least active users if you are running low on licenses, or you might find that some licensed users are not in the organization anymore.
There is also device usage breakdown, allowing you to track which devices (Windows, Macs, iPhones, Androids) are most popular within your organization. This data can be useful when testing internal applications to prioritize testing on those operating systems that are most heavily used within the organization.
Monitoring Exchange Configurations
With the slew of Exchange ConfigSources, you can closely monitor all Exchange activity happening in your environment, from the addition of new users to changes made to Exchange organization config files. This insight can alert you to any suspicious activity.
In this Article: