I love that the 1.5 version includes related kb articles in the notes section of each query in the content pack. I'd like to see this taken further. Add a link to the KB each log result from a search.
- vCenter, vpxa and hostd tasks are identified by an opID, relating task Start, Finish and subtasks within.
- ESXi vMotion tasks are identified by an MigID, relating Source and Destination... more »
Currently when building a query in Interactive Analytics, all of the filters can use AND logic or they can all use OR logic. You can create different groups with different pieces of logic like:
(f_1 AND f_2) OR (f_3 AND f_4)
This would help me condense multiple components in some of our dashboards into one component
Allow log insight to analyze internal (linux and application) logs in the same instance. Currently it is not supported to redirect log insight logs to itself.
Extract more Details from Windows Firewall File-Log
(ContentPack is attached)
- Blocked Connections by Source IP
- Blocked Connections by Destination IP
- Blocked Connections by Source Port
- Blocked Connections by Destination Port
- Blocked Connections by Protokoll
- Blocked Connections by Hostname
- Disabled / Enabled Firewall
LI has the option to notify when there isn't sufficient storage to comply with a certain retention period.
I would like to see somewhere (preferably as part of a dashboard) what the oldest logged event is.
Or as part of the statistics page.
Maximize effectiveness of displayed data: Allow to adjust column width in field table view
All software version info should be obtainable via API, currently private, should be public
The ability to add a second Timeframe with the same Search and Filters in the same Chart will be awesome. It can be used to compare Results.
Maybe it can also be used for a new Alert Triggers. E.g. differs 50% from last week…
I was working on making a presentation of different values, and it struck me that it was exposing a lot of different values. One Place i got a Count, and another Place i had MB while on the NeXT one there was bytes. In making comparative Dashboards there should be the ability to use a Math factor for either multiplying or dividing the number you have, so you can alter the exposed value to the desired resultset.
Allow user-specified # of lines to display on screen (rather than forcing 50 as a limit).
It would be fantastic (and... more »
We need to have a feature where we can assign SI units to the numeric values parsed using the logs by writing a filter.
Say I am retrieving logs to parse the time taken or memory consumed in the logs. We should have capabilities to add SI units like sec, minutes, Bytes, KB etc.
1) There is no way to use an agent and logs are not getting properly parsed on the server
2) Agent is installed, but administrator prefer not to risk any additional load on the source system caused by agent-side parsing
Solution: configure parsing (analogue to agent-side parsing) on the server or dedicated forwarder