Have a small download, less than 50MB, which then downloads the OVA/OVF in a reliable, restartable fashion.
General Log Insight Q&A
Has anyone had any luck with getting a Solaris 10 server to send syslog into LogInsight?
and other variations in the /etc/syslog.conf
Then restarting or refreshing via:
svcadm refresh svc:/system/system-log:default
svcadm restart system/system-log
But nothing seems to work. Any thought/help would be great.
When user's UPN domain suffix is different than that of defined 'default domain'.
Im trying to create a custom field for the following text:
Remote Desktop Services: User authentication succeeded:
Source Network Address: IP
the user can sometimes be empty
i have created the field username
custom regex: \S*
How i see in the events that it highlights everything correctly but when i save the custom field i dont see it in my fields pane..
Using a single instance of LI 2.0 (2.0.3-1879692) with a 500 OSI license installed. The only systems sending logs to LI currently are 16 ESXi hosts and 1 vCenter. LI license usage reports between 61-64 OSIs consumed (it vaires a little bit day to day). When I "run a query of IA for unique count of hostname over time grouped by hostname" (thanks Steve!) it shows the correct hosts sending syslog data, but each one appears ...more »
Currently log-insight does not have an option to raise and alert when it matches exact number of event in the query. This is especially required when i try to search for an unique error and want to send and email when it logs and the count =1
Hi, Is it possible to create custom filters for event forwarding. We would like to use IP Address or possibly other variables?
Could somebody tell me whether Log Insight 2.5 or 3.0 will work with a certificate using key size 4096? The admin guides only mention 2048 but I was wondering if other values could be used?
Hello, I just found out that i have created an unsupported configuration. I just added more and more disks and now have 4,4TB diskspace added to my stand alone server. So i have to create a cluster. When i deploy the ovf it says: "For Log Insight Clusters medium and large sized nodes should be used" As 3 nodes is the minimum this would mean 3*8vCPU's + 3x 16GB memory. My standalone host only uses 4 cpu's and 8GB memory. ...more »
I would appreciate support for the content packs for german language, e.g. for german vCenter systems or german Windows-systems.
Currently my Windows machines (even Active Directory) are [sadly] running with german language and it's not that easy so switch the system language on Domaincontrollers afterwards.
Hi, I am searching through the logs in interactive analysis looking for a specific message that appears in a vpxd-822.log file for vcenter 5.5 installed on Windows. The entry I am looking for is: 2015-11-18T06:50:38.756Z [07920 info 'vpxdvpxdInvtHostCnx' opID=SWI-43915657] [VpxdIntHost] Missed 2 heartbeats for host myhostname. My Log Insight version is Version 3.0.0-3021606 Question: are the vpxd logs from vcenter ...more »
Would be really interested to know which agent you use on Linux servers, as I am in a debate with security team regarding whether to use the LI agent or the syslog daemon on the redhat servers. In my mind the main pros for each are:- Syslog daemon - multiple destinations (this may become a requirement) - nothing to maintain outside of base OS, i.e not 3rd party software Log Insight - cfapi support - centralised configuration ...more »