We have MS Exchange environment with 8 Exchange servers. We have Log Insight 4.3 with MS Exchange CP 3.2. While configuring it according to attached documentation we have encountered following problems that I ask for clarification: 1. Agents powershell scripts run on one or more MS Exchange servers 1.1 Observation: Running both scripts exchange_wrapper.ps1 and exchange_mailbox_wrapper.ps1 seems to give the same output ...more »
I'm deploying systems under ansible and each has different log directories to be pushed. And I might layer different services. Similar to see /etc/rsyslog.conf and rsyslog.d, I'd like to be able to add additional configurations by just simply dropping files into a liagent.d/ directory (the path of which would be defined in the main liagent.ini) This would allow me to drop say a liagent.d/httpd.ini to grab http logs ...more »
Veeam has issued a content pack for their popular product Veeam Backup & Replication with several dashboards and field extractions.
Still, Agent has no configuration and does not collect Veeam events.
Simple as it is, it could be useful to have Agent configuration ready here:
Yes, that's it :)
Should I really attach it as a separate content pack here?
Things have improved over time and I have noted the previous feature request (http://loginsight.vmware.com/a/idea-v2/8395) however it is very difficult to manage the status of the endpoints for both agents and syslog hosts. This is important both from an operational and security point of view. Some features which would help a great deal are:- - Ability to purge the "host" page - Add last active (or last received ...more »
The Log Path in the default Config is empty. The Logs for the vAPI Endpoint can be found in : /var/log/vmware/vapi/endpoint/
Do we have a way to import data from SQL/Oracle (From tabels in DB)? Got a customer who needs this - Large Telco
Microsoft (until recently) has not natively supported syslog. Event viewer's native format is XML. While the LI agent can collect event viewer logs, it formats them in a proprietary way. It would be ideal to collect in a standard format so when forwarding such events to a third party syslog destination (e.g. SIEM) the third party could properly parse it (without a custom parser). XML is that standard for Microsoft. ...more »
We, like many other enterprise users have many distributed vRLI Servers around the world that effectively serve as forwarders to a master cluster. It would be ideal if these servers inherited the agent configuration from the master cluster so all sub-servers do not need configured with agent groups. This will prevent configuration drift of the multiple servers acting as forwarders. There should however, be the ability ...more »
As of today, in order to manage Agent configuration the user needs to have "Super Admin" role which has very wide scope including the ability to manage access control.
We should be able to delegate Agent Configuration to some "power users" without giving them the ability to alter Access Control.
An "Agent Admin" role would great in that objective.
A Install Parameter for the Agent to enable or disable SSL would be useful.
In the list of Agents in Administration UI the SSL State of the Client would be useful .
When Multiple Virtual IP Addresses are configured the recently added VIP is the default for the agent default Configuration.
This should be selectable. Otherwise wrong tags are maybe added…
I would like to see the ability to force agents in a Group to copy the config from the agent Group into their liagent.ini file as startup config. After doing a mass deploy of agents i found that all agents come With auto_update=yes commented out, and if I use the option to change it in the agent Groups, it will not work as the agent obviously reads the local file at the time where the auto update is triggered. For me ...more »
Currently unable to set SSL=yes when using the command line parameters. It is possible to set all the other important parameters, protocol, host, port but not SSL. This is especially important if your LI servers need to be set to SSL only.
Yes you could create a MST but this is a rather complicated solution to a simple problem.
Initial use-case: Our team supports the Operating System, while the Application Team supports their application. The Application Team already has their own Log Insight cluster setup to collect their application logs with the LI Agent. Because of this, we are unable to use the LI Agent to collect the Operating System logs. Ideally we would like to be able to send OS logs to our LI, and application logs to their LI. Forwarding ...more »