LogicMonitor to Elastic

danN · August 25, 2025, 7:59pm

Hello, I am currently working on sending alert data from our LogicMonitor tenant to Elastic but i’m running into a few issues that I could use help with. To start, I selected the “Custom HTTP Endpoint Logs” integration option in Elastic, created an integration policy and installed an agent onto my computer for testing. I then went to the “Connection Details” in the upper right hand corner when this integration is selected and grabbed the link for the “Elasticsearch endpoint”.

I put all of that information into LogicMonitors custom HTTP integration and have it set to send a POST but I keep getting back a 405 error message from Elastic which says “"error": "Incorrect HTTP method for uri [/] and method [POST], allowed: [GET, DELETE, HEAD]",
"status": 405”. Even though on the front page of the customer http endpoint integration says it only accepts POST. I did change it to a GET but then the payloads empty from LM when I do so and I nor the AI assistant can find any alert data under the discover tab.

What am I missing?

leandrojmp · August 25, 2025, 8:38pm

Not sure what LogicMonitor is, but what is the endpoint that you are sending data to the agent?

Can you share how the configuration of the integration looks like? It is not clear what you configured or not.

If the agent is running on your computer, than you need to send the data to your computer, on the port that the agent is listening.

danN · August 25, 2025, 8:50pm

LM is a monitoring tool we are already in, here is a snippet from the integration there. It has to have a URL to send the HTTP request to.

The URL in the above screenshot was the “Elasticsearch endpoint” connection details I saw in elastic, so I figured that would be the URL used to send the alert data to the agent. Otherwise I dont know how else to route it to that agent.

leandrojmp · August 25, 2025, 9:18pm

No, this is wrong.

You need to send the data to the Elastic Agent, so you will need to expose your Elastic Agent host and port to the internet in some way to receive data from LogicMonitor.

It will be something like this:

LogicMonitor > Elastic Agent with Custom HTTP Endpoint Integration > Elasticsearch.

Elastic Agent is a data collector to receive data and send it to Elasticsearch.

danN · August 25, 2025, 9:20pm

Is there anyway to ingest data without the agent? We’re hoping to go agentless and use an API query eventually. We just werent sure which query would be the best to use. Also, thank you for the assistance, it’s appreciated

leandrojmp · August 26, 2025, 12:50pm

Does LogicMonitor has any native integration to Elasticsearch? Like, can it send the data in the format Elasticsearch expects? If it does not have any native way to send data to Elasticsearch, then you need an Agent to receive the data and format it in the way Elasticsearch is expecting.

Topic		Replies	Views
Sending logs to elastic search from outside Elasticsearch	4	673	November 29, 2017
No results There were no results because no indices were found that match your selected time span Elasticsearch	1	443	July 6, 2017
Post data to Elasticsearch best parctice Elasticsearch	3	651	July 5, 2017
How to send event to other elasticsearch Logstash	3	286	May 15, 2018
Elastic Search Cluster Monitoring with HTTP Port disabled Elasticsearch	2	372	July 6, 2017

LogicMonitor to Elastic

Related topics