Feature Requests

Let us know what will make Log Insight even better!  Add new ideas & vote on other feature ideas to let us know what's important to you.

Feature Requests

NSX CP - Edge Firewall action Field does not work

The Extracted Field in NCX CP Version 3.6 does not work with NSX 6.3.1. I have not tested other Versions of NSX or CP.

Submitted by (@markus.kraus)
Add your comment

Voting

1 vote

Feature Requests

Log Insights Alerting Add Fields

We use Log Insights to alert for Windows Event Log entries. It would be very helpful if we could select additional fields from the entries to include in the alerting.

Submitted by (@zentrout)
1 comment

Voting

3 votes

Feature Requests

vRO plug-in for Log Insight

It would be extremely helpful to have a vRO plug-in for vRLI that contains prebuilt workflows for common scenarios using the API.

Submitted by (@chipzoller)
2 comments

Voting

3 votes

Feature Requests

User Alerts Should Be Able to Be Added to Shared Content

In the Content Packs section for Log Insight, if you look at the Shared Content, there is a tab for Alerts, but you can't build any shared alerts. It would be really useful to be able to make user level alerts shared with everyone.

Submitted by (@mfriedri)
Add your comment

Voting

3 votes

Feature Requests

Should be able to delete content from Content Packs section

When you go to look at stuff in My Content or Shared Content in the Content Packs view of Log Insight, you can't delete any content you don't want from there. You have to first open up the dashboard, query, extracted field, etc. in either the Dashboards or Interactive Analytics view. This feels like an unnecessary step. You should probably be allowed to delete things directly from the Content Packs view.

Submitted by (@mfriedri)
Add your comment

Voting

3 votes

Feature Requests

Emailed Alerts

When an alert is triggered to send an email, the email has no contents that give details on the event.

 

For instance, we send syslog from Cisco routers and switches. We have an alert setup to show when a configuration change is made. The email shows "someone made a config change." It would be nice to include things that were in the log, username that made the change, the device/source, etc.

Submitted by (@mdrake)
2 comments

Voting

2 votes

Feature Requests

Additional time ranges

Currently there are only some few time ranges possible: 5 minutes, 1h, 1d, 2d and custom. With custom only possible to define a fixed range. It would be nice to have a greater range of options. I love how Graylog is managing that. You can, for instance, define "Since Midnight" and then getting all message... well you guest it... since midnight. Or "Last Week", Today, Last Month ... you get it. For starting it would be ...more »

Submitted by (@rockaut)
1 comment

Voting

1 vote

Feature Requests

high availability of data across workers

I'd looking for more than one copy of each unit of log data in order to survive the loss of individual node, similar to splunk. Maybe this takes the form of shipping closed Cassandra buckets (although that would not provide cover for recently ingested data).

 

Ideally, I could use this to provide support for loss of a worker within an AZ, or even the loss of an entire region.

Submitted by (@nthaler)
3 comments

Voting

3 votes

Feature Requests

NSX integration in vRLI to push logging configuration to all NSX components

Provide next-level integration with NSX. Enable an administrator of vRealize Log Insight to expedite a consistent logging configuration of all NSX components within an environment, similar to that exposed for vSphere.

Submitted by (@gfritz)
Add your comment

Voting

4 votes

Feature Requests

Host Groups

It would be very useful to be able to define host groups whether the client is an agent or a syslog devices to be used in queries or to even tag events which are from these groups. It's an overhead having to create forwarding rules to tag logs on forwarders as we don't give dashboard users access to forwarders it would be much simpler to allow them to create a group of hostnames and allow that group to be used in queries. ...more »

Submitted by (@hywelburris)
Add your comment

Voting

2 votes

Feature Requests

Better endpoint status

Things have improved over time and I have noted the previous feature request (http://loginsight.vmware.com/a/idea-v2/8395) however it is very difficult to manage the status of the endpoints for both agents and syslog hosts. This is important both from an operational and security point of view. Some features which would help a great deal are:- - Ability to purge the "host" page - Add last active (or last received ...more »

Submitted by (@hywelburris)
1 comment

Voting

2 votes

Feature Requests

Scheduling Export Chart Data

Log Insight only allows manuel export chart data to csv file. For example we need a VM names for a specific vCenter Alert rule past week. Also, we need counts of that alert by VM name. We can get with query that and also export chart to csv file. But scheduling that operation on weekly bases would be really nice.

Submitted by (@mcan06)
2 comments

Voting

0 votes