Allow log insight to analyze internal (linux and application) logs in the same instance. Currently it is not supported to redirect log insight logs to itself.
Customer would like to see the list of users logged in currently and the log of user log-ins and past activities. This may be required as auditing feature (who looked at the logs, changed config and so on).
That would be great to have some kind of hashing for log entries/buckets, or any other way to check integrity.
Also that should be possible to generate alerts on an attempt to tamper stored logs.
10.5 Secure audit trails so they cannot
10.5.5 Use file-integrity monitoring or
change-detection software on logs to
ensure that existing log data cannot be
changed... more »
A request has been made for functionality to ensure and confirm that sealed archives are absolutely tamper-proof. This will be a key requirement of audits of the customer's Log Insight implementation, specifically as it's dealing with monitoring a PCI environment.
As a vRLI Administrator, I would like to have control over which users have access to which vRLI features because I want to revoke the ability for a user to perform an export of the data.
It's like if the first instruction after buying an IKEA shelf would be "hey, go out and buy some screws and make your own wooden plugs".
I think the procedure should be more like in NSX, where the product web UI can be used to create... more »
Please integrate with Let's Encrypt for automated TLS certificate generation and renewal.
Organizations with PHI/PCI or other regulatory compliance requirements may need to allow a person to Administer a LogInsight Server or Agents but not allow them to view logs collected by the agents or retained by the server.
As of today, in order to manage Agent configuration the user needs to have "Super Admin" role which has very wide scope including the ability to manage access control.
We should be able to delegate Agent Configuration to some "power users" without giving them the ability to alter Access Control.
An "Agent Admin" role would great in that objective.
Manipulating the ESXi host's CA trust store is done via "esxcli system security certificatestore", and esxcli is already used to read and manipulate the ESXi host's syslog configuration itself.
Log Insight should support automatically pushing... more »