Campaign: General Log Insight Q&A

Support german language for content packs

I would appreciate support for the content packs for german language, e.g. for german vCenter systems or german Windows-systems.

 

Currently my Windows machines (even Active Directory) are [sadly] running with german language and it's not that easy so switch the system language on Domaincontrollers afterwards.

Submitted by

Type : Enhancement

Voting

6 votes

Campaign: General Log Insight Q&A

Event Fields Not Showing Custom Field

When creating a custom extracted field for Windows Security logs, the field correctly highlights the string of text I need, but does not appear on the list of event fields that I can use for creating dashboards etc for my query. This has happened several times for different scenarios and appears to be related to including the new line property (\n). Custom fields that I created without the new line property appear in ...more »

Submitted by

Type : Bug

Voting

4 votes

Campaign: General Log Insight Q&A

General Log Insight recommendations/comments

As a VMware partner and consultant in the cloud and everything-VMware-space, I have been using this tool for a while now, and am extremely excited to see that, with v3.3, anyone with a vCenter license can use this tool. I think this opens up tons of possibilities and will hopefully generate a big uptick in adoption, which will hopefully drive more development, content packs, and more use cases. Here are some thoughts ...more »

Submitted by

Type : Enhancement

Voting

3 votes

Campaign: General Log Insight Q&A

Lookup field value

We have syslogs in LI with key-value pairs, and we'd like to show "lookup" values in LI dashboards. For example:

 

...bytes_in=100 protocol=6 ... or bytes_in=200 protocol=17...

 

We'd like to display protocols as TCP for 6 and UDP for 17 (and so on). Is there a way to do this in LI?

Submitted by

Type : Question

Voting

3 votes

Campaign: General Log Insight Q&A

Custom field

Hello,

 

Im trying to create a custom field for the following text:

 

 

 

Remote Desktop Services: User authentication succeeded:

 

User: NAME

Domain: itctest

Source Network Address: IP

 

the user can sometimes be empty

 

i have created the field username

 

custom regex: \S*

Context:

User:

\n

 

How i see in the events that it highlights everything correctly but when i save the custom field i dont see it in my fields pane..

Submitted by

Type : Question

Voting

2 votes

Campaign: General Log Insight Q&A

vcenter vpxd logs

Hi, I am searching through the logs in interactive analysis looking for a specific message that appears in a vpxd-822.log file for vcenter 5.5 installed on Windows. The entry I am looking for is: 2015-11-18T06:50:38.756Z [07920 info 'vpxdvpxdInvtHostCnx' opID=SWI-43915657] [VpxdIntHost] Missed 2 heartbeats for host myhostname. My Log Insight version is Version 3.0.0-3021606 Question: are the vpxd logs from vcenter ...more »

Submitted by

Type : Question

Voting

2 votes

Campaign: General Log Insight Q&A

Fail to add IPv6 Virtual IP

I've deployed a IPv6-only 3.3.1 loginsight, and wanted to add a virtual IP. The DNS-registration is correct from FQDN to IP-address that I try to add (and the reverse). I've also checked via shell access on the loginsight vapp.

 

There is only one vapp in the cluster, but I guess that is not relevant.

Submitted by

Type : Bug

Voting

2 votes

Campaign: General Log Insight Q&A

Trend - misleading icon

Hi

 

Please see the attached screendump. The trend chart is showing a downwards trend. When I hover the mouse over the icon it shows that there is not difference in past and present trend/the trend is so small that there is little to no difference in the trend.

 

This is misleading in the sense that the trend is almost non existing

Submitted by

Type : Bug

Voting

2 votes

Campaign: General Log Insight Q&A

Import data from SQL/Oracle (etc.)

Hi

 

Do we have a way to import data from SQL/Oracle (From tabels in DB)? Got a customer who needs this - Large Telco

Submitted by

Type : Question

Voting

2 votes

Campaign: General Log Insight Q&A

Event Forwarding Filter

Hi, Is it possible to create custom filters for event forwarding. We would like to use IP Address or possibly other variables?

 

Thanks

Submitted by

Type : Question

Voting

1 vote

Campaign: General Log Insight Q&A

What agent do you use on Linux?

Would be really interested to know which agent you use on Linux servers, as I am in a debate with security team regarding whether to use the LI agent or the syslog daemon on the redhat servers. In my mind the main pros for each are:- Syslog daemon - multiple destinations (this may become a requirement) - nothing to maintain outside of base OS, i.e not 3rd party software Log Insight - cfapi support - centralised configuration ...more »

Submitted by

Type : Question

Voting

1 vote

Campaign: General Log Insight Q&A

Error configuring LI integration in vRO 7.0.1

Not sure if this belongs here, but wanted to post it for the LI folks' eyes before declaring it a bug. Basically, when trying to configure LI integration from vRO 7.0.1 via the Control Center, we get an "HTTP Status 500 - Failed to edit Log Insight Agent configuration file!" error message. Logs aren't particularly helpful and mention this message in /var/log/messages. It seems to happen regardless of the auth type (vRA ...more »

Submitted by

Type : Bug

Voting

1 vote