I have Log Insight version 4.3 installed, and I would like the capability of limiting who can schedule a query or search. I know there isn't a capability in Log Insight for this feature (yet). I know that version 2.0 introduced an alert.log file. I have a script that stays in memory. The script reads the alert.log file. If a new line is found, then the script will parse the current line and send data (syslog or snmp) to another host. The alert.log file doesn't log the "owner" of the User Alert. Is it possible to adjust a configuration file to LOG the "Owner" of the User Alert?
Idea No. 545