I've repeatedly seen a requirement to enrich log event streams within vRLI using field injection of data sourced from external data providers (fetched from a database or through REST API calls). To date, the only way to accomplish this is to use another third-party product to do the field injection and/or field replacement prior to ingestion by vRLI. To date, we need to implement syslog-ng on an intermediary system, leveraging the syslog protocol, to accomplish this. If we could offer this enrichment with the vRLI product natively, we could greatly simplify our solutions for enrichment use cases.
These log streams may originate from either syslog or log file sources. Ideally, this enrichment could be at the time of ingestion OR after ingestion (hours or days later).