ms_ad_security_audit_target_account_name does not function properly. It does not show up under the fields list or extracted data nor can you create your own that is similar and have log insight extract the data.
We got some applications that are loggin very big SOAP events (not http POST) that are currently being truncated, so the 16KB log size is not enough for us. It would be very nice to have an higher limit.
An email address containing an ampersand (&) character was not allowed when configuring an alarm in Log Insight. Ampersand is among the valid special characters for the "local" portion of an email address, per RFC5322. In fact, MOST of the special characters allowed in the local-portion by RFC5322 are not considered valid in the Log Insight alarms. Please correct the defect in Log Insight that is preventing use of ...more »
I would like to be able to disable alert snoozing based on grouped queries. I'm using queries with groupings now since I need to be able to only include relevant fields in the email alert, not the entire event.
I would really like to Lock a Dashboard widget to a specific time frame. For example if i make a datacollection for data just within an hour or pr 6 hours, the data could be false if someone use it With another timespan. So i would like to be able to Lock a Dashboard widget to a timeframe, like 1 hour, 3 hours, 6 hours or 24 hours. This way it would be much easier to make custom widgets With events in different timespans ...more »
Hi I have the below three syslog entries. As it can be seen the timestamp from LI (the first one), does not match the one from the syslog msg. (This also affects the sort order in Log Insight. Making it hard to troubleshoot) Why? I'm think it might be at the source the problem is, but I cannot see what you be wrong with this syslog msg. 2018-04-2510:28:46.315 2018-04-25 10:28:26 10.65.2.14 Passwordstate: Password ...more »
I need to rebuild loginsight node.
How can I backup all content pack configuration and VA configuration.
Currently, to filter a data set on a VIP tag, there needs to be existing logs with that tag. I would like to set up roles based on tenant VIPs before there's any logs, so as soon as a tenant sends logs, they will see them, rather than the tenant sending logs then creating the data set and role.
I hope someone who can make content pack for Kemp load balaning
When highlighting/colouring a widget is accepted as an enhancement, the next logical step would be to allow the same on dashbooard level. It would be brilliant if not only the fact that one widget changed state drives the dashboard state. You can define a logical rule how their state will be taken into account to drive the change. E.g. Dashboard changes state/colour when all 3 widgets change state (widget1 & widget2 & ...more »
To notify someone visually when a certain/critical situation has been identified, it would be brilliant if you can highlight/colour a widget so you get the proper attention. E.g. host disconnections have been found the information mentions this is something you should investigate. How about defining there is a certain number of messages found and the widget switches it's colour to yellow/red?
Tried to prepare my own dashboard by using widgets from existing ones and found it would brilliant if there is a search field on the top left corner above the widgets to enter a search string which reduces the number of widgets to the ones matching the search string. Would speed the creation and improve the usage.