Extend vR Ops to integration beyond notification and launch in context: deliver metrics (i.e. number of events, number of error / warning events, number of tasks, kernel warnings, VOB events) to vROps and match it to existing vROps objects (vCenter, hosts, VMs).
Allow for the reception and logging to SNMP traps; also allow for sending SNMP traps as alerts. All configuration should be in the UI.
Many applications log some sort of heartbeat data, or are otherwise expectedly chatty. It would be nice to be able to alert on a query returning less than an expected result over time. If a host or other device suddenly goes silent, having the ability to be notified about it would be very useful.
Today the webhooks alerting option sends an unauthenticated web POST to a URL. Enabling an authenticated post would open up the possibility to integrate directly with vRealize Orchestration (vRO), which can accept only authenticated posts.
Several customers can not view HTML emails on PCs or mobile phones for security reasons.
They request a text format email option.
At the moment WebHooks are very Static regarding output format.
That is a problem if you have a monitoring Solution that is also very static by receiving WebHooks:
PRTG Only excepts this syntax
https://fqnd:5050/loginsight?content=XML String with fixed Syntax
Is there a way to integrate a WebHook Syntax Builder?
E.g. the Alers "*** CRITICAL *** vRA license has expired!" only searches for License Expired in all log swithout any containment of application or something like that.
This results a lot of false positive!
Currently log-insight does not have an option to raise and alert when it matches exact number of event in the query. This is especially required when i try to search for an unique error and want to send and email when it logs and the count =1
Some alerts should be only active during certain times:
for example admin log in should not be alerted during working hours, but is worth alerting in the middle of the night. Same may apply to certain configuration changes (VM configuration changed outside normal working hours).
When you go to look at stuff in My Content or Shared Content in the Content Packs view of Log Insight, you can't delete any content you don't want from there. You have to first open up the dashboard, query, extracted field, etc. in either the Dashboards or Interactive Analytics view. This feels like an unnecessary step. You should probably be allowed to delete things directly from the Content Packs view.
It would be very very useful to be able to use fields in alert definition and fields to be populated based on their actual value when the alert triggers.
We are sending alerts to vROPS.
Let`s take an example:
I want to monitor when a vRO Workflow fails but I need to create an alert for each Workflow that runs into infrastructure in order to actual give some... more »
It should be possible for an alert to trigger an action such as generate log bundle (or run a script).... more »
Currently in email alert, the entire search query result is sent and it would be 10s of line in an matching event.
is it possible to highlight the match what exactly was queried?
For example: if we search for a string ERROR and setup a alert, entire event where "ERROR" string appears is sent as an email, in which i would want to highlight the queried string "ERROR' for easy identification in entire event
That would be great to be able to configure the default VIP under cluster/ILB configuration tab.