General Log Insight Q&A

Bug - Content pack loading after uninstall

Hi

 

After uninstalling a content pack. Log Insight still tries to access the last used content pack, which in this case has been uninstalled. This results in Log Insight loading "forever" - Atleast i did not see it timeout.

 

Workaround close all browsers and log in again.

Submitted by (@michaelryom)
Add your comment

Voting

1 vote

Feature Requests

Should be able to delete content from Content Packs section

When you go to look at stuff in My Content or Shared Content in the Content Packs view of Log Insight, you can't delete any content you don't want from there. You have to first open up the dashboard, query, extracted field, etc. in either the Dashboards or Interactive Analytics view. This feels like an unnecessary step. You should probably be allowed to delete things directly from the Content Packs view.

Submitted by (@mfriedri)
Add your comment

Voting

3 votes

Feature Requests

Additional time ranges

Currently there are only some few time ranges possible: 5 minutes, 1h, 1d, 2d and custom. With custom only possible to define a fixed range. It would be nice to have a greater range of options. I love how Graylog is managing that. You can, for instance, define "Since Midnight" and then getting all message... well you guest it... since midnight. Or "Last Week", Today, Last Month ... you get it. For starting it would be ...more »

Submitted by (@rockaut)
1 comment

Voting

1 vote

Feature Requests

Improvement to query lists

Query lists can get quite large with dozens or hundreds of items inside. Allow the user to sort the query list by result. E.g. if a query returns "Has Results" show them on top. This makes it easier to focus on the relevant results. In addition the title bar of a query list shall display the amount of queries. Once the user has executed them (green play button), also display the amount of queries with "Has Results". ...more »

Submitted by (@v9bvohzrgzdeogn5)
2 comments

Voting

3 votes

Feature Requests

Math factor - for values

I was working on making a presentation of different values, and it struck me that it was exposing a lot of different values. One Place i got a Count, and another Place i had MB while on the NeXT one there was bytes. In making comparative Dashboards there should be the ability to use a Math factor for either multiplying or dividing the number you have, so you can alter the exposed value to the desired resultset.

Submitted by (@ronny.berntzen)
1 comment

Voting

4 votes

Content Packs

VMware vSphere - More FDM (HA) details

Hello,

 

most HA information's are at the moment focused on VM HA Events. But the FDM Log analysis fur all the hist states is also very interesting.

 

I created some examples for the enhancement.

Submitted by (@markus.kraus)
Add your comment

Voting

3 votes

Feature Requests

Promoting user content

We have some users that want to build dashboards for our entire team to consume but we don't want to give them (or their group) privileges to create arbitrary content. It would be nice if there was a feature that allowed you to promote content created by users to be shared by everyone.

Submitted by (@mfriedri)
Add your comment

Voting

6 votes

Content Packs

Geomap for NSX Fireall Dashboard

It would be really nice to have Geographic pinning similar to a lot of firewall tools & SIEM system where each outgoing IP address are pinned to a global map to have overview of where the traffics are going.

Submitted by (@jtsai.cp)
Add your comment

Voting

1 vote

Feature Requests

Execute persisted query via API

Queries can be defined in the Log Insight UI in many places, such as Dashboards or Saved Queries or Alerts or even the Share shorturl. It is difficult to translate these queries to the format necessary for the Query API.

 

Provide an API to execute a pre-existing UI-authored Query by its persistent name/id.

Submitted by (@acastonguayvmware.com1)
Add your comment

Voting

3 votes

Feature Requests

Embed dashboards in external tools

Expose dashboards widgets as sharable, reusable constructs that can be embedded in external tools -- either static images, iframes or embedded javascript.

 

Could be used when constructing a custom portal or when emailing a dashboard snapshot.

Submitted by (@acastonguayvmware.com1)
3 comments

Voting

12 votes

Feature Requests

Execute named query (dashboards, saved search, etc) via query API

Log Insight's Query API allows the expression of an arbitrary query directly. But Log Insight's UI also allows authorship of queries -- alerts, dashboards, saved queries and even share urls all fundamentally refer to a query Log Insight knows about.

 

Expose a query API endpoint which performs a query based on the name/id of a specific saved construct, without the API client needing to recreate the underlying query.

Submitted by (@acastonguayvmware.com1)
Add your comment

Voting

3 votes

Feature Requests

Provide SI units for the data parsed from logs

We need to have a feature where we can assign SI units to the numeric values parsed using the logs by writing a filter.

 

Say I am retrieving logs to parse the time taken or memory consumed in the logs. We should have capabilities to add SI units like sec, minutes, Bytes, KB etc.

Submitted by (@kjayantha)
Add your comment

Voting

4 votes