When you create a chart as a count of events over time grouped by event type, the output of the chart has a legend that lists the event_type which is typically a letter and number combo. Ex v2_4d8019f which translates into Lost connectivity to storage device I think that it would be more informative if you could choose to display the actual message "Lost connectivity to storage device" rather than "v2_4d8019f" in the ...more »
Once you have log data flowing in, what would help you explore, query, slice or process that data to drive insight?
Currently, the Log Insight virtual appliance is set to UTC time, but when querying logs through the HTML 5 interface the logs are always shown in the local time of the browser. This issue becomes for environments where all monitoring devices are set to UTC and the browser accessing Log Insight is not in UTC. In this case, the Log Insight monitoring tool will be out of sync with the other monitoring tools in the environment ...more »
Allow user-specified # of lines to display on screen (rather than forcing 50 as a limit).
Maximize effectiveness of displayed data: Allow to adjust column width in field table view