Campaign: Collection

Blacklisting/Discarding Events

From time to time there are occasions where i really would hope that blacklisting/discarding events is implemented in vRLI. For an example we currently are flooded with log entries from our 5.5 ESXi hosts which are coming from an "BUG" which is to be fixed in a patch without ETA. But there would be countless other examples too. I'm aware that there are possibilities to achieve that. One is with agents but for ESXi that ...more »

Submitted by (@rockaut)

Voting

3 votes

Campaign: Feature Requests

Native support for AWS CloudTrail

AWS CloudTrail is a web service that records API calls made during AWS infrastructure provisioning, including time of the call and identify of the caller.

 

Log Insight should natively consume events from AWS LogTrail, such as via the CloudTrail Processing Library consuming from an AWS SQS queue. Should not require running external services and should be enabled similarly to vSphere Integration.

Submitted by (@alancastonguay)

Voting

4 votes

Campaign: Feature Requests

Agent - Journalctl Integration

As more Linux operating systems move to journalctl it will become necessary that the Log Insight Agent can interact with journalctl to grab requested logs since it does not use typical file based storage.

Submitted by (@calebs71)

Voting

10 votes

Campaign: Feature Requests

Log Insight to properly handle Microsoft DNS debug text log

Within our environment our security team would like to enable a subset of the DNS debug log and use Log Insight to ingest it. This would allow us to capture requests to our internal space incorrectly leaving to internet resolvers, for instance. And that works well. By enabling Log Insight we would be able to keep the text debug log itself small. However this type of 'debug' log does not roll over to a newly named file ...more »

Submitted by (@c.ferreira)

Voting

2 votes

Campaign: Administration of Log Insight

Show log insight logs in log insight

Allow log insight to analyze internal (linux and application) logs in the same instance. Currently it is not supported to redirect log insight logs to itself.

Submitted by (@tomas.baublys)

Voting

15 votes

Campaign: Feature Requests

Drop specific incoming messages

An administrator may deem some messages undesirable, either specific logs produced by a source or a whole source. Such messages may result in CPU/disk resources being expended unnecessarily. Undesired log messages may result in Log Insight's data store being rotated more quickly than desired. In terms of licensing, one may wish to drop log messages from unlicensed sources, restricting sources from which log messages are ...more »

Submitted by (@alancastonguay)

Voting

34 votes