Showing 33 ideas for tag "agent"
(@mfriedri) kudos icon +

Feature Requests

Enhance logging of Log Insight agent for parsing errors

I was trying to set up a content pack that included a csv parser in the agent configuration that was being pushed out. Because the actual log files contained extra fields that weren't defined in the parser, no fields were getting tagged appropriately. I was able to find this out and fix it eventually, but the Log Insight agent log didn't give any indication that this was happening. It would have reduced my troubleshooting... more »
(@mguttikonda) kudos icon +

Feature Requests

Agent should be able to monitor log files rotated to different directory

As agent does not look for recursive directories in a directory for monitoring archived files, there is a chance that logs are lost during file rotation.

How should we handle if the rotated file is moved to different folder in the same directory?

In our environment, the log file is rotated and moved to a new folder(Archive) in the same logs folder. So, in this case how can we ensure that the logs are not lost during... more »
(@joseph) kudos icon +

Feature Requests

Log Insight Agent - send logs to multiple different destinations

Initial use-case: Our team supports the Operating System, while the Application Team supports their application. The Application Team already has their own Log Insight cluster setup to collect their application logs with the LI Agent. Because of this, we are unable to use the LI Agent to collect the Operating System logs. Ideally we would like to be able to send OS logs to our LI, and application logs to their LI.

Forwarding... more »
(@oleksandr.karimovwiseit.com.ua2) kudos icon +

Content Packs

Veeam B&R Content Pack Agent configuration incomplete

Veeam has issued a content pack for their popular product Veeam Backup & Replication with several dashboards and field extractions.

Still, Agent has no configuration and does not collect Veeam events.

 

Simple as it is, it could be useful to have Agent configuration ready here:

 

[winlog|Veeam_Backup]

channel=Veeam Backup

 

Yes, that's it :)

 

Should I really attach it as a separate content pack here?

(@hywelburris) kudos icon +

General Log Insight Q&A

What agent do you use on Linux?

Would be really interested to know which agent you use on Linux servers, as I am in a debate with security team regarding whether to use the LI agent or the syslog daemon on the redhat servers. In my mind the main pros for each are:-

Syslog daemon
- multiple destinations (this may become a requirement)
- nothing to maintain outside of base OS, i.e not 3rd party software

Log Insight
- cfapi support
- centralised configuration... more »
(@steveflvmware.com2) kudos icon +

Feature Requests

LI Agent to collect Microsoft Event Viewer in XML format

Microsoft (until recently) has not natively supported syslog. Event viewer's native format is XML. While the LI agent can collect event viewer logs, it formats them in a proprietary way. It would be ideal to collect in a standard format so when forwarding such events to a third party syslog destination (e.g. SIEM) the third party could properly parse it (without a custom parser). XML is that standard for Microsoft.... more »
(@acastonguayvmware.com) kudos icon +

Feature Requests

YUM and APT repositories for Agent Packages

There should be a YUM and APT repository serving the Log Insight Agent.

The repository should be hosted on vmware.com somewhere (e.g., https://packages.vmware.com/tools/esx/latest/index.html alongside VMware Tools) and on the Log Insight Server. An administrator or configuration management tool should be able to add this repository to the OS's native package management.

Provide documentation for running `rpm --import`... more »