Content Packs

Submitted by (@pawel.orzechowskiindevops.com)

MS Exchange Content Pack agent scripts configuration clarification needed

We have MS Exchange environment with 8 Exchange servers. We have Log Insight 4.3 with MS Exchange CP 3.2. While configuring it according to attached documentation we have encountered following problems that I ask for clarification: 1. Agents powershell scripts run on one or more MS Exchange servers 1.1 Observation: Running both scripts exchange_wrapper.ps1 and exchange_mailbox_wrapper.ps1 seems to give the same output ...more »

Voting

2 votes

Feature Requests

Submitted by (@rrauenza)

Add conf.d style configuration to liagent's config

I'm deploying systems under ansible and each has different log directories to be pushed. And I might layer different services. Similar to see /etc/rsyslog.conf and rsyslog.d, I'd like to be able to add additional configurations by just simply dropping files into a liagent.d/ directory (the path of which would be defined in the main liagent.ini) This would allow me to drop say a liagent.d/httpd.ini to grab http logs ...more »

Voting

3 votes

Content Packs

Submitted by (@oleksandr.karimovwiseit.com.ua2)

Veeam B&R Content Pack Agent configuration incomplete

Veeam has issued a content pack for their popular product Veeam Backup & Replication with several dashboards and field extractions.

Still, Agent has no configuration and does not collect Veeam events.

 

Simple as it is, it could be useful to have Agent configuration ready here:

 

[winlog|Veeam_Backup]

channel=Veeam Backup

 

Yes, that's it :)

 

Should I really attach it as a separate content pack here?

Voting

1 vote

Feature Requests

Submitted by (@hywelburris)

Better endpoint status

Things have improved over time and I have noted the previous feature request (http://loginsight.vmware.com/a/idea-v2/8395) however it is very difficult to manage the status of the endpoints for both agents and syslog hosts. This is important both from an operational and security point of view. Some features which would help a great deal are:- - Ability to purge the "host" page - Add last active (or last received ...more »

Voting

3 votes

Content Packs

Submitted by (@markus.krausgmail.com1)

vSphere CP - [filelog|vsphere6-linux-vapi-endpoint]

The Log Path in the default Config is empty. The Logs for the vAPI Endpoint can be found in : /var/log/vmware/vapi/endpoint/

 

[filelog|vsphere6-linux-vapi-endpoint-Custom]

directory=/var/log/vmware/vapi/endpoint/

include=*.log*;*.txt*

exclude=wrapper.log*;*-gc.log*

event_marker=^\d

tags={"vmw_product":"vcenter"}

Voting

0 votes

Feature Requests

Submitted by (@steveflvmware.com2)

LI Agent to collect Microsoft Event Viewer in XML format

Microsoft (until recently) has not natively supported syslog. Event viewer's native format is XML. While the LI agent can collect event viewer logs, it formats them in a proprietary way. It would be ideal to collect in a standard format so when forwarding such events to a third party syslog destination (e.g. SIEM) the third party could properly parse it (without a custom parser). XML is that standard for Microsoft. ...more »

Voting

2 votes

Feature Requests

Submitted by (@calebs71)

Inherit agent groups from master cluster

We, like many other enterprise users have many distributed vRLI Servers around the world that effectively serve as forwarders to a master cluster. It would be ideal if these servers inherited the agent configuration from the master cluster so all sub-servers do not need configured with agent groups. This will prevent configuration drift of the multiple servers acting as forwarders. There should however, be the ability ...more »

Voting

4 votes

Feature Requests

Submitted by (@lolichet)

Role to manage Agent configuration

As of today, in order to manage Agent configuration the user needs to have "Super Admin" role which has very wide scope including the ability to manage access control.

 

We should be able to delegate Agent Configuration to some "power users" without giving them the ability to alter Access Control.

 

An "Agent Admin" role would great in that objective.

 

Thanks.

Laurent.

Voting

3 votes