Feature Requests

Disable built in system alerts from sending emails

I would like to be able to disable default system alerts, specifically the SSL certificate handshake. I continue to receive alerts due to a an "SSL handshake problem. This may be a problem with the SSL Certificate or with the Network Time Service. In order for Log Insight to accept syslog messages over SSL, a certificate that is validated by the client is required and the clocks of the systems must be in sync." I am receiving ...more »

Submitted by (@mkvanmatre)

Voting

6 votes

Feature Requests

Add progress status for storage expandtion

Hi Just had to had storage to a Log Insight cluster. I guess I have not do that in a while or atleast I do not remember how long it takes. As it seems like the node is just stuck doing nothing it would be nice if a progress bar/status could be shown on console when storage is expanded. A plus would be is an ETA could be shown as well 🙂 the only way to see that the VM/node is not dead is to look at disk usage ...more »

Submitted by (@ryom.michaelgmail.com1)

Voting

2 votes

Content Packs

Super Pack for non-log data from Active Directory

Upon request from our security people, I have made a PowerShell module that collects non-log data from AD and pushes it as logs to the loginsight server. This way they can have a Dashboard of data that is either not accessible from logs, or where log retreival would mean a massive search from all data available, and thus very slow searches. I have built this in this way: 1. Powershell scripts running as scheduled jobs ...more »

Submitted by (@ronny.berntzen)

Voting

4 votes

Feature Requests

Generate Support Bundle for Host or Hosts from vRLI Data

Basically, the thought is that we have a UCS Blade based host go down and we've now lost our logs. But wait, we have vRLI running and has those logs, but I don't see anyway to collect a Support Bundle for the host that would include the proper log entries for a SR request with VMware. Well, I can say I want entries from this data range with the hostname of xxx, but am I sure I got what I needed? Also, when I export ...more »

Submitted by (@jlw52761)

Voting

6 votes

Content Packs

HP OA content pack

Hi

 

Had en issue - created an content pack 🙂

 

So here it is the HP OA content pack. All there is required is to set HP OA til send syslog to log insight.

 

It has three dashboards - Overview, changes and authentication.

 

Overview gives you quick insight to changes and problems in your environment.

Changes - is all about changes made by humans

Authentication - shows login attempts and failures

Submitted by (@ryom.michaelgmail.com1)

Voting

3 votes

Feature Requests

Add conf.d style configuration to liagent's config

I'm deploying systems under ansible and each has different log directories to be pushed. And I might layer different services. Similar to see /etc/rsyslog.conf and rsyslog.d, I'd like to be able to add additional configurations by just simply dropping files into a liagent.d/ directory (the path of which would be defined in the main liagent.ini) This would allow me to drop say a liagent.d/httpd.ini to grab http logs ...more »

Submitted by (@rrauenza)

Voting

3 votes

General Log Insight Q&A

STRUCTURED-DATA for non-agent messages

Ahoj there, i'm sending in messages directly to vRLI server over udp:514. They should be perfectly RFC compatible as it works on another syslog server (non vRLI server 😉 ). Question: i can't get vRLI to format/extract the structured data automatically. I found some docs regarding syslog structured-data extraction for agent but nothing for non-agent messages. Isn't this implemented? As an example: 2017-08-28T09:28:55.509334+02:00 ...more »

Submitted by (@rockaut)

Voting

1 vote

Content Packs

Veeam B&R Content Pack Agent configuration incomplete

Veeam has issued a content pack for their popular product Veeam Backup & Replication with several dashboards and field extractions.

Still, Agent has no configuration and does not collect Veeam events.

 

Simple as it is, it could be useful to have Agent configuration ready here:

 

[winlog|Veeam_Backup]

channel=Veeam Backup

 

Yes, that's it :)

 

Should I really attach it as a separate content pack here?

Submitted by (@o.karimov)

Voting

1 vote