The importer today does not support uncompressing bz2 -- it should especially given that VMware support bundles use bz2.
Let us know what will make Log Insight even better! Add new ideas & vote on other feature ideas to let us know what's important to you.
As a vSphere Administrator, I expect the Log Insight servces to reuse sessions to collect data for vSphere for vSphere Integration, because observing multiple active sessions does not appear to be efficient use of vSphere resources.
As a vRealize Log Insight user, I would like to interact with a cluster via API to create, modify, and delete Alerts.
As more Linux operating systems move to journalctl it will become necessary that the Log Insight Agent can interact with journalctl to grab requested logs since it does not use typical file based storage.
Allow for the reception and logging to SNMP traps; also allow for sending SNMP traps as alerts. All configuration should be in the UI.
Log Insight should facilitate understanding transactional flows, where a group of log messages tell a story together. The transaction identifier should be definable in content packs and by users, similar to an extracted field. For example: - vCenter, vpxa and hostd tasks are identified by an opID, relating task Start, Finish and subtasks within. - ESXi vMotion tasks are identified by an MigID, relating Source and Destination... more »
Hi! we use puppet to configure our systems. sometimes loginsight module is loaded before the component it is going to monitor, springtc for example. the liagent.ini has a path to springtc logs directory, but since it is not built yet - loginsight gets an error and marks it dormant...
we need a “retry” option for each channel – if path does not exists loginsight agent should retry without requiring a restart.
Dashboards make it possible to view data visually over time and alerts make it possible to get notified about events seen in the environment. What is needed is true reporting and more specifically: * Scheduling of when to run reports (both time of day and frequency) * Ability to at least email reports (pdf, html, and csv should be supported at a minimum) * Ability to include dashboards in reports (including legends)... more »
Provide the ability to dump raw events more than 20K at a time. The user should have the ability to run an export query and retrieve the results. (eg. User provides a date range and requisite filters.)
An administrator may deem some messages undesirable, either specific logs produced by a source or a whole source. Such messages may result in CPU/disk resources being expended unnecessarily. Undesired log messages may result in Log Insight's data store being rotated more quickly than desired. In terms of licensing, one may wish to drop log messages from unlicensed sources, restricting sources from which log messages are... more »
In our environment we have different needs for log retention. For example my vsphere logs can be aged after a month while my firewall logging should never be deleted.
so i would like to have a retention option per host or something.
I love that the 1.5 version includes related kb articles in the notes section of each query in the content pack. I'd like to see this taken further. Add a link to the KB each log result from a search.