Join fellow LogicMonitor users at the Elevate Community Conference and get hands-on with our latest product innovations.

Register Now

Platform

Get real-time insights and automation for comprehensive, seamless monitoring with agentless architecture.

Platform Overview
Infrastructure Monitoring
Cloud Monitoring
Digital Experience
AIOPS

Solutions

Whether you work in MSP, Enterprise IT or somewhere in between, the solution is clear.

Solutions Overview
By Initiative
By Industry

Resources

Explore our blogs, guides, case studies, eBooks, and more actionable insights to enhance your IT monitoring and observability.

View Resources
Learn

About us

Get to know LogicMonitor and our team.

About us
Get to know us
Services

Documentation

Read through our documentation, check out our latest release notes, or submit a ticket to our world-class customer service team.

View Resources
Support
TRY IT FREE
ON DEMAND DEMO

Product Documentation

Reset Log Anomaly Detection

Last updated on 12 April, 2025

Regularly resetting the log anomaly profile in LM Logs ensures accurate anomaly detection by maintaining a relevant baseline. Without a reset, an anomaly is flagged only once and never again for that device, potentially missing new behaviors or significant log pattern changes.

Benefits of Anomaly Profile Reset

  • Detects new log behaviors and changes in both sandbox and production environments.
  • Validates pipeline alerts for anomalies or “never-before-seen” conditions.
  • Resets logs after a major outage to remove outdated anomalies.
  • Transitions smoothly from trial to production with a clean slate.
  • Maintains accuracy with user initiated periodic resets (monthly, quarterly, or annually).
  • Adapts to new applications, system changes, or infrastructure migrations.
  • Ensures compliance during audits by refreshing anomaly baselines to detect new threats.

Regular resets improve troubleshooting and keep anomaly detection relevant.

Best Practices for Resetting Log Anomalies

To keep anomaly detection accurate and relevant:

  • Perform a portal-wide reset at least once a year to reflect the latest system behaviors.
  • Temporarily disable “never before seen” alerts during resets to prevent unnecessary alert floods.
  • Reset at the resource or group level as needed for infrastructure changes, testing, or post-outage recovery.

A structured reset approach ensures meaningful insights, reduced alert fatigue, and accurate anomaly detection in evolving IT environments. 

Requirements

To reset the log anomaly profile, you must have Manage Resource permissions on the folder or root directory. This requirement applies to global, resource, and resource group resets. 

Note: If you don’t have the required permissions and try to reset log anomalies for a resource or resource group, the Reset Log Anomaly Detection option appears in the UI, but selecting it results in an error. For portal level resets, if you do not have permissions on the root directory, you will not see the reset anomaly option at all.

Resetting Log Anomalies Detection

You can reset log anomaly detection at the resource, resource group, or portal level in the LogicMonitor portal.

Reset at the resource level

  1. In the LogicMonitor portal, go to Resource Tree.
  2. Select the desired resource and select the Logs tab.
  3. Select the More menu (⋮), then select Reset anomaly detection.
    Log anomaly reset
  1. In the confirmation dialog box, select Reset anomaly detection.
    Log anomaly reset confirmation
    A success message appears confirming that log anomaly detection has been reset.
    log anomaly reset confirmation

Note: The reset runs within a few seconds. Anomalies typically appear within a minute.

Reset at the resource group level

  1. In the Resource Tree, select the desired resource group.
  2. Select the Logs tab, select the More menu (⋮), and select Reset log anomaly detection.
  3. In the confirmation dialog box, select Reset anomaly detection.
    reset log detection at group level
    A success message appears confirming that log anomaly detection has been reset.

Note: It may take up to a minute for the success message to appear and up to 15 minutes for anomalies to trigger. The timing depends on the number of resources in the group.

Reset at the portal level

  1. In the Resource Tree, select the root folder.
  2. Select the More menu (⋮), and select Reset log anomaly detection.
    log anomaly reset at root level
  3. In the confirmation dialog box, select Reset anomaly detection.
    reset log anomaly at root level confirmation
    A success message appears confirming that log anomaly detection has been reset.

Note: Portal-level resets take longer and vary based on the number of devices sending logs.

Anomaly Reset Limitations

You can run the anomaly reset function multiple times, but there are limits on how often you can use it within a 24-hour period:

  • Portal level: You can reset anomalies once every 24 hours. The reset interval begins when the reset is performed.
  • Resource or resource group level: You can reset anomalies up to three times within a 24-hour period. The reset interval begins after the third attempt.

If you try to reset anomalies during the reset interval, a message shows how much time remains.
For example, if you reset at 1:00 PM, the feature is unavailable until 1:00 PM the next day. If you try again at 1:30 PM, the following message appears:
Please try again after 23 hours and 30 minutes.

Note: Limits are set per portal, not per user.

In This Article

Get Started with LogicMonitor