Feature Requests

Allow for valid field values to be compared using the mathematical operators

Currently, the math operators only allow you to compare a filed value to a integer\decimal that you input. Typing the name of a custom field does not allow LI to compare the 2 values, rather LI will compare the value to the string. See the attached screenshot for clarification. I would like to alert on if this log string ever returns a cap value (cap=174) that is > 90% of the threshold value (threshold=250). In this ...more »

Submitted by (@manoj.kapoormemorialhermann.org)

Voting

4 votes

Feature Requests

Lightweight Forwarder for Edge Compute

For Edge Compute platforms for one example ROBO, something VMware is publicly discussing widely we need the ability to collect and send logs back to the datacentre.. Normally in these environments compute and storage space is a minimum, so we need a forwarder that is very lightweight in its install. Maybe even deployable as a container. The LI Forwarder would be good due to the compression it uses as we also need to consider ...more »

Submitted by (@nvenablesvmware.com)

Voting

4 votes

Collection

Cisco IPS Logs - SDEE

LogInsight is gradually overtaking our SIEM tool due to it's incredible accessibility and performance - thank you, everyone, for building such an awesomely easy-to-use product. Unfortunately, one of the key metrics we'd like to be able to report on is IPS/IDS logs generated from our Cisco ASAs ( we have many, many ASAs) and at the moment the IPS logs are firing into a bit of splunk code that converts them for splunk ...more »

Submitted by (@stevebristowpaypoint.com2)

Voting

3 votes

Feature Requests

Need better auditing of user activities

I have a user that changed or deleted a user alert. Well, I now have another user asking "who" made the change. I would like to see better auditing capabilities in Log Insight. I am looking for an auditing of the following types of changes: 1) Login and logout * This appears to be in the ui_runtime.log, but the data isn't exposed in the UI. 2) User alert creation, deletion, or modification via the UI or API. * We ...more »

Submitted by (@leroy.isaacpnc.com2)

Voting

8 votes

Feature Requests

vRLI - Catalog Requests - needs "AND" "OR" Dashboard Query abilities

I need data from log entries in both "cafe: catalog" AND "cafe: composition-service". The Dashboard I am trying to create will have a table with the following fields and can't do that without this future feature: vmw_vra_request_num, Extracted field LongReqNum, Tenant, Extracted field Tenant Name, Extracted Field SettingRequestAs, vmw_vra_cat_item_name, vmw-vra_req_service, vmw_vra_requested_for_user Date Entered: 1/25/2018 ...more »

Submitted by (@lorimthompsonoptum.com)

Voting

11 votes

Feature Requests

Full Configuration API

It appears that there has been a start to get some configuration options added to the API. I hope we can get to a point where everything available in the Administration section of the Log Insight appliance becomes available via the API. My most immediate need is user management -- IE, the ability to add a user from AD to LI and, while being added, assign a role(s) to that user. I've already figured out how to do this ...more »

Submitted by (@burkevmware.com)

Voting

6 votes