LogicMonitor to Elastic

danN · August 25, 2025, 7:59pm

Hello, I am currently working on sending alert data from our LogicMonitor tenant to Elastic but i’m running into a few issues that I could use help with. To start, I selected the “Custom HTTP Endpoint Logs” integration option in Elastic, created an integration policy and installed an agent onto my computer for testing. I then went to the “Connection Details” in the upper right hand corner when this integration is selected and grabbed the link for the “Elasticsearch endpoint”.

I put all of that information into LogicMonitors custom HTTP integration and have it set to send a POST but I keep getting back a 405 error message from Elastic which says “"error": "Incorrect HTTP method for uri [/] and method [POST], allowed: [GET, DELETE, HEAD]",
"status": 405”. Even though on the front page of the customer http endpoint integration says it only accepts POST. I did change it to a GET but then the payloads empty from LM when I do so and I nor the AI assistant can find any alert data under the discover tab.

What am I missing?

leandrojmp · August 25, 2025, 8:38pm

Not sure what LogicMonitor is, but what is the endpoint that you are sending data to the agent?

Can you share how the configuration of the integration looks like? It is not clear what you configured or not.

If the agent is running on your computer, than you need to send the data to your computer, on the port that the agent is listening.

danN · August 25, 2025, 8:50pm

LM is a monitoring tool we are already in, here is a snippet from the integration there. It has to have a URL to send the HTTP request to.

The URL in the above screenshot was the “Elasticsearch endpoint” connection details I saw in elastic, so I figured that would be the URL used to send the alert data to the agent. Otherwise I dont know how else to route it to that agent.

leandrojmp · August 25, 2025, 9:18pm

No, this is wrong.

You need to send the data to the Elastic Agent, so you will need to expose your Elastic Agent host and port to the internet in some way to receive data from LogicMonitor.

It will be something like this:

LogicMonitor > Elastic Agent with Custom HTTP Endpoint Integration > Elasticsearch.

Elastic Agent is a data collector to receive data and send it to Elasticsearch.

danN · August 25, 2025, 9:20pm

Is there anyway to ingest data without the agent? We’re hoping to go agentless and use an API query eventually. We just werent sure which query would be the best to use. Also, thank you for the assistance, it’s appreciated

leandrojmp · August 26, 2025, 12:50pm

Does LogicMonitor has any native integration to Elasticsearch? Like, can it send the data in the format Elasticsearch expects? If it does not have any native way to send data to Elasticsearch, then you need an Agent to receive the data and format it in the way Elasticsearch is expecting.

Topic		Replies	Views
Configure Elasticsearch monitoring integration 8.9.0 Elastic Agent elastic-stack-monitoring , integrations	1	267	September 18, 2023
Endpoint Security without using Fleet Endpoint Security fleet	10	2307	November 1, 2021
What is Elastic agent? Elastic Agent	7	830	November 24, 2022
How to send F5 telemetray data to Elesctic Cloud Elasticsearch	3	268	April 17, 2024
Sending logs to elastic search from outside Elasticsearch	4	670	November 29, 2017

LogicMonitor to Elastic

Related topics