General Log Insight Q&A

Vulnerability triggering from Log Insight Server

One of my clients have raised the below vulnerability for LI. Exploit CVE ID: "CVE:2009-1016" Description: Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite allows remote authenticated users to affect confidentiality, integrity, and availability, related to IIS. The Client has observed suspicious traffic from log insight server on port 443. Any Information on how to remediate ...more »

Submitted by (@rsurajvmware.com1)

Voting

1 vote

Feature Requests

Palo Alto content pack

There used to be Palo alto content pack https://blogs.vmware.com/management/2015/03/palo-alto-networks-content-pack-now-available.html but this is no longer available.

 

Does any one have old version that can be shared for use with fields, query and alarm definitions?

 

PS. This post should be in the Content Packs compain but I can not move it after it is created.

Submitted by (@pawel.orzechowskiindevops.com1)

Voting

1 vote

Feature Requests

valid characters in email

An email address containing an ampersand (&) character was not allowed when configuring an alarm in Log Insight. Ampersand is among the valid special characters for the "local" portion of an email address, per RFC5322. In fact, MOST of the special characters allowed in the local-portion by RFC5322 are not considered valid in the Log Insight alarms. Please correct the defect in Log Insight that is preventing use of ...more »

Submitted by (@jbronsontva.gov)

Voting

1 vote

Feature Requests

Lock widget to time frame

I would really like to Lock a Dashboard widget to a specific time frame. For example if i make a datacollection for data just within an hour or pr 6 hours, the data could be false if someone use it With another timespan. So i would like to be able to Lock a Dashboard widget to a timeframe, like 1 hour, 3 hours, 6 hours or 24 hours. This way it would be much easier to make custom widgets With events in different timespans ...more »

Submitted by (@hawkienorwayhotmail.com)

Voting

3 votes

General Log Insight Q&A

syslog timestamp not working

Hi I have the below three syslog entries. As it can be seen the timestamp from LI (the first one), does not match the one from the syslog msg. (This also affects the sort order in Log Insight. Making it hard to troubleshoot) Why? I'm think it might be at the source the problem is, but I cannot see what you be wrong with this syslog msg. 2018-04-2510:28:46.315 2018-04-25 10:28:26 10.65.2.14 Passwordstate: Password ...more »

Submitted by (@ryom.michaelgmail.com1)

Voting

3 votes