Campaign: Feature Requests

Better SSL certificate workflow/UI/UX

The current SSL certificate installation procedure is (IMHO) unnecessarily complex, since 90 % of the work needs to be done manually outside vRLI using weird command line instructions. It's like if the first instruction after buying an IKEA shelf would be "hey, go out and buy some screws and make your own wooden plugs". I think the procedure should be more like in NSX, where the product web UI can be used to create ...more »

Submitted by (@anders.o)

Voting

3 votes

Campaign: Feature Requests

Role to manage Agent configuration

As of today, in order to manage Agent configuration the user needs to have "Super Admin" role which has very wide scope including the ability to manage access control.

 

We should be able to delegate Agent Configuration to some "power users" without giving them the ability to alter Access Control.

 

An "Agent Admin" role would great in that objective.

 

Thanks.

Laurent.

Submitted by (@lolichet)

Voting

2 votes

Campaign: Feature Requests

PCI-DSS - logs/data Integrity

PCI-DSS 10.5.5 requires logs integrity mechanism. That would be great to have some kind of hashing for log entries/buckets, or any other way to check integrity. Also that should be possible to generate alerts on an attempt to tamper stored logs. 10.5 Secure audit trails so they cannot be altered 10.5.5 Use file-integrity monitoring or change-detection software on logs to ensure that existing log data cannot be changed ...more »

Submitted by (@maksym.bashkirov)

Voting

3 votes

Campaign: Feature Requests

Feature based rights and permissions

As a vRLI Administrator, I would like to have control over which users have access to which vRLI features because I want to revoke the ability for a user to perform an export of the data.

Submitted by (@dsaojose)

Voting

6 votes

Campaign: Feature Requests

Security, Compliance, and RBAC

Organizations with PHI/PCI or other regulatory compliance requirements may need to allow a person to Administer a LogInsight Server or Agents but not allow them to view logs collected by the agents or retained by the server.

Submitted by (@mark.dollar)

Voting

2 votes

Campaign: Feature Requests

Configure ESXi syslog over SSL/TLS by default

When configuring ESXi hosts to send messages via syslog, the ESXi hosts need to be configured to trust the public key of the Log Insight server. Today this needs to be done by hand. Manipulating the ESXi host's CA trust store is done via "esxcli system security certificatestore", and esxcli is already used to read and manipulate the ESXi host's syslog configuration itself. Log Insight should support automatically pushing ...more »

Submitted by (@alancastonguay)

Voting

1 vote

Campaign: Feature Requests

Forwarding Security Only Events

I'd like to setup Security Event Forwarding of anything in the ESXi Security logs (or any other Security-related logs in ESXi and vCenter) but I don't know the complete list of eventIDs or eventTypes to configure in my fowarder. It would be nice if LogInsight had an option in the Forward Events setup to check boxes for the different "known categories" (meaning, the categories VMware specifies that exist in the SysLog ...more »

Submitted by (@osburnm)

Voting

1 vote

Campaign: Administration of Log Insight

Show log insight logs in log insight

Allow log insight to analyze internal (linux and application) logs in the same instance. Currently it is not supported to redirect log insight logs to itself.

Submitted by (@tomas.baublys)

Voting

15 votes

Campaign: Administration of Log Insight

Active user list in administration view and log

Customer would like to see the list of users logged in currently and the log of user log-ins and past activities. This may be required as auditing feature (who looked at the logs, changed config and so on).

Submitted by (@tomas.baublys)

Voting

13 votes