Administration of Log Insight

Customize fields in the alert.log file

I have Log Insight version 4.3 installed, and I would like the capability of limiting who can schedule a query or search. I know there isn't a capability in Log Insight for this feature (yet). I know that version 2.0 introduced an alert.log file. I have a script that stays in memory. The script reads the alert.log file. If a new line is found, then the script will parse the current line and send data (syslog or snmp) ...more »

Submitted by (@leroyisaacgmail.com2)

Voting

1 vote

Feature Requests

Better SSL certificate workflow/UI/UX

The current SSL certificate installation procedure is (IMHO) unnecessarily complex, since 90 % of the work needs to be done manually outside vRLI using weird command line instructions. It's like if the first instruction after buying an IKEA shelf would be "hey, go out and buy some screws and make your own wooden plugs". I think the procedure should be more like in NSX, where the product web UI can be used to create ...more »

Submitted by (@anders.o)

Voting

3 votes

Feature Requests

Role to manage Agent configuration

As of today, in order to manage Agent configuration the user needs to have "Super Admin" role which has very wide scope including the ability to manage access control.

 

We should be able to delegate Agent Configuration to some "power users" without giving them the ability to alter Access Control.

 

An "Agent Admin" role would great in that objective.

 

Thanks.

Laurent.

Submitted by (@lolichet)

Voting

2 votes

Feature Requests

PCI-DSS - logs/data Integrity

PCI-DSS 10.5.5 requires logs integrity mechanism. That would be great to have some kind of hashing for log entries/buckets, or any other way to check integrity. Also that should be possible to generate alerts on an attempt to tamper stored logs. 10.5 Secure audit trails so they cannot be altered 10.5.5 Use file-integrity monitoring or change-detection software on logs to ensure that existing log data cannot be changed ...more »

Submitted by (@maksym.bashkirov)

Voting

3 votes

Feature Requests

Configure ESXi syslog over SSL/TLS by default

When configuring ESXi hosts to send messages via syslog, the ESXi hosts need to be configured to trust the public key of the Log Insight server. Today this needs to be done by hand. Manipulating the ESXi host's CA trust store is done via "esxcli system security certificatestore", and esxcli is already used to read and manipulate the ESXi host's syslog configuration itself. Log Insight should support automatically pushing ...more »

Submitted by (@acastonguayvmware.com)

Voting

1 vote

Feature Requests

Forwarding Security Only Events

I'd like to setup Security Event Forwarding of anything in the ESXi Security logs (or any other Security-related logs in ESXi and vCenter) but I don't know the complete list of eventIDs or eventTypes to configure in my fowarder. It would be nice if LogInsight had an option in the Forward Events setup to check boxes for the different "known categories" (meaning, the categories VMware specifies that exist in the SysLog ...more »

Submitted by (@osburnm)

Voting

1 vote