Content Packs

MS Exchange Content Pack dashboards empty

We have MS Exchange environment with 8 Exchange servers. We have Log Insight 4.3 with MS Exchange CP 3.2. We have configured it according to attached documentation with regards to some doubts in another forum thred here. Now some dashboards are empty or contain wrong data: 1. Information on widget Microsoft - Exchange > User information > Number of users per server is wrong: Total number of users is correct (after ...more »

Submitted by (@pawel.orzechowskiindevops.com)

Voting

2 votes

Content Packs

MS Exchange Content Pack agent scripts configuration clarification needed

We have MS Exchange environment with 8 Exchange servers. We have Log Insight 4.3 with MS Exchange CP 3.2. While configuring it according to attached documentation we have encountered following problems that I ask for clarification: 1. Agents powershell scripts run on one or more MS Exchange servers 1.1 Observation: Running both scripts exchange_wrapper.ps1 and exchange_mailbox_wrapper.ps1 seems to give the same output ...more »

Submitted by (@pawel.orzechowskiindevops.com)

Voting

2 votes

Feature Requests

Provide mechanism for vRealize Log Insight to create Catalog item in Identity Manager

Provide a mechanism within vRealize Log Insight's Authentication Configuration section that allows for easy creation of the application within the within the catalog for VMware Identity Manager. At the moment, a user must manually create this, an operation that has the potential to change between vIDM releases which complicates the situation and causes a poor UX -- example : https://blogs.vmware.com/services-education-insights/2017/08/vrealize-log-insight-authentication-via-vmware-identity-manager.html ...more »

Submitted by (@gfritzvmware.com2)

Voting

3 votes

Feature Requests

Time between logs - as numerical value

I am suggesting that you should be able to Select "Time Between first-last" as a value. So if you for example have made a log Query that shows all error logs for a specific event, then you can present how long this event occured. This can also be useful if you have one log entry for start of a deplyment and one for finish, because then you could present build time from the Timediff between the first and last log entry ...more »

Submitted by (@hawkienorwayhotmail.com1)

Voting

5 votes

Administration of Log Insight

Customize fields in the alert.log file

I have Log Insight version 4.3 installed, and I would like the capability of limiting who can schedule a query or search. I know there isn't a capability in Log Insight for this feature (yet). I know that version 2.0 introduced an alert.log file. I have a script that stays in memory. The script reads the alert.log file. If a new line is found, then the script will parse the current line and send data (syslog or snmp) ...more »

Submitted by (@leroyisaacgmail.com2)

Voting

1 vote

General Log Insight Q&A

Log processing rate in vRealize Log Insight

Hi to all members. Could anyone help if we can capture the log processing rate and the log arrival rate by vRealize Insight ? I am particularly interested in 1. Capturing the arrival rate of the logs to the Log Insight in events/sec or bytes/sec 2. The processing rate of the logs by Log Insight in events/sec or bytes/sec. 3. Ensure my Log Insight processing rate is higher than the arrival rate. There are statistics ...more »

Submitted by (@sreejithparakkatil)

Voting

2 votes

Feature Requests

Ability to inject data from an external source (DB,etc) in to log streams

I've repeatedly seen a requirement to enrich log event streams within vRLI using field injection of data sourced from external data providers (fetched from database or through REST API calls). To-date the only way to accomplish this is to use another 3rd party product to do the field-injection and/or field-replacement prior to ingestion by vRLI. To-date, we need to implement syslog-ng on an intermediary system, leveraging ...more »

Submitted by (@mjusko)

Voting

2 votes

Feature Requests

Disable built in system alerts from sending emails

I would like to be able to disable default system alerts, specifically the SSL certificate handshake. I continue to receive alerts due to a an "SSL handshake problem. This may be a problem with the SSL Certificate or with the Network Time Service. In order for Log Insight to accept syslog messages over SSL, a certificate that is validated by the client is required and the clocks of the systems must be in sync." I am receiving ...more »

Submitted by (@mkvanmatre)

Voting

6 votes