Collection

Getting data in, whether from the Agent, Importer, or Syslog.

Cisco IPS Logs - SDEE

LogInsight is gradually overtaking our SIEM tool due to its incredible accessibility and performance - thank you, everyone, for building such an awesomely easy-to-use product. Unfortunately, one of the key metrics we'd like to be able to report on is IPS/IDS logs generated from our Cisco ASAs (we have many, many ASAs) and at the moment the IPS logs are firing into a bit of Splunk code that converts them for Splunk ...

Submitted by (@stevebristowpaypoint.com2)

3 votes

Blacklisting/Discarding Events

From time to time there are occasions where I really would hope that blacklisting/discarding events is implemented in vRLI. For example, we currently are flooded with log entries from our 5.5 ESXi hosts which are coming from a "BUG" which is to be fixed in a patch without ETA. But there would be countless other examples too. I'm aware that there are possibilities to achieve that. One is with agents but for ESXi that ...

Submitted by (@rockaut)

3 votes