About the LogicMonitor Collector

The Collector is an application that runs on a server within your infrastructure and uses standard monitoring protocols to intelligently monitor devices within your infrastructure.  You should install a Collector in each location of your infrastructure - one collector can typically monitor hundreds of devices, however, this capacity depends on how many metrics are being monitored for each device, as well as the available resources of the server on which the Collector is installed.


How does the Collector know what to monitor for the devices in my environment?

When you add a device in your LogicMonitor account, an Auto Properties step applies built-in intelligence to recognize what kind of device it is. Based on the information discovered about the device, LogicMonitor datasources are applied and act as templates that that tell the Collector how to monitor the device, including what metrics to collect, what graphs to display, and what values indicate issues that needs attention.

LogicMonitor has hundreds of DataSources that are pre-configured and will automatically apply when you add devices into your account.


Where does LogicMonitor store the data gathered by my Collector?

All of the data from your Collectors is consolidated in a LogicMonitor datacenter, and this data is accessible in your LogicMonitor portal anywhere with an internet connection. This necessitates that the server your collector is installed on can make an outgoing https connection to LogicMonitor's data centers (note, however, that Collectors can be installed on proxy servers).


What ports will the Collector use?

The collector uses the following ports on the server on which it is installed:




443 TCP Https connection (using TLS) to the LogicMonitor datacenter
7211 TCP Watchdog service (sbwinproxy.exe)
7212 TCP Collector Service (java.exe)
7213 TCP Watchdog service (java.exe)
7214 TCP Collector Service (java.exe)
31000 TCP Collector service (java.exe) establishes connection with wrapper.exe
31001+ TCP Watchdog service (java.exe) establishes connection with wrapper.exe

Collector Security

The LogicMonitor Collector has been carefully designed and developed with high-security in mind. All communications made by the Collector are outbound: either within your LAN to the devices it's been assigned to monitor, or out to the LogicMonitor platform. All sensitive device data handled by the Collector is always stored in-memory and never written to disk.

Communication between the Collector and the LogicMonitor platform is initiated only by the Collector, as outgoing HTTPS connections are typically in accordance with our customers’ existing firewall security policies. The Collector uses trusted certificates to prevent any possible man-in-the-middle attack between itself and the LogicMonitor platform. Each Collector authenticates itself to the LogicMonitor platform via a strong credential which undergoes regular rotation.

To ensure the security of your LogicMonitor account, Collectors should be installed on secured systems and networks to prevent unauthorized access. At minimum, we recommend applying baseline security hardening on all Collector systems:

  • use strong passwords for administrative accounts
  • change default passwords as applicable
  • disable guest accounts and unnecessary network services
  • keep up with vendor-provided security patches
  • ensure the network on which it is installed isn't directly accessible from the public internet