I have Log Insight version 4.3 installed, and I would like the capability of limiting who can schedule a query or search. I know there isn't a capability in Log Insight for this feature (yet). I know that version 2.0 introduced an alert.log file. I have a script that stays in memory. The script reads the alert.log file. If a new line is found, then the script will parse the current line and send data (syslog or snmp) ...
In the Content Packs section for Log Insight, if you look at the Shared Content, there is a tab for Alerts, but you can't build any shared alerts. It would be really useful to be able to make user level alerts shared with everyone.
Queries can be defined in the Log Insight UI in many places, such as Dashboards or Saved Queries or Alerts or even the Share shorturl. It is difficult to translate these queries to the format necessary for the Query API.
Provide an API to execute a pre-existing UI-authored Query by its persistent name/id.
I'm not aware of such a feature; if I'm wrong, please correct me. It would be very, very useful to be able to use fields in an alert definition and have the fields populated based on their actual value when the alert triggers. We are sending alerts to vROPS. Let's take an example: I want to monitor when a vRO Workflow fails but I need to create an alert for each Workflow that runs into infrastructure in order to actually give some ...
Today the webhooks alerting option sends an unauthenticated web POST to a URL. Enabling an authenticated post would open up the possibility to integrate directly with vRealize Orchestration (vRO), which can accept only authenticated posts.
At the moment WebHooks are very static regarding output format.
That is a problem if you have a monitoring solution that is also very static in receiving WebHooks:
PRTG only accepts this syntax:
https://fqnd:5050/loginsight?content=XML String with fixed Syntax
Is there a way to integrate a WebHook Syntax Builder?
Some alerts should be only active during certain times:
For example, admin log in should not be alerted during working hours, but is worth alerting in the middle of the night. The same may apply to certain configuration changes (VM configuration changed outside normal working hours).
When grouping by a field in a chart, it would be great if I could always associate an expected value with the same color. Use case: I want to monitor my automation test logs in LI. I have built a proper query that returns the executed tests grouped by their result. I know that the possible result values could be PASSED, FAILED or SKIPPED. So I want in my chart PASSED to be marked always with green, FAILED with red and SKIPPED with ...
Currently in an email alert, the entire search query result is sent, and it would be 10s of lines in a matching event.
Is it possible to highlight the match, that is, what exactly was queried?
For example: if we search for a string ERROR and set up an alert, the entire event where the "ERROR" string appears is sent as an email, in which I would want to highlight the queried string "ERROR" for easy identification in the entire event.
When an email alert is sent out from Log Insight, the "TO" field does not show all the recipients listed who were configured to receive this.
This feature would be helpful to ensure that all the intended recipients have a copy of this email, especially from an administrative perspective.
Allow for the reception and logging of SNMP traps; also allow for sending SNMP traps as alerts. All configuration should be in the UI.