Feature Requests

Submitted by (@acastonguayvmware.com)

Datatype-aware field extraction

Sometimes log messages contain embedded data with a fixed standard format, like XML, JSON or CSV, either when logging about configuration/state information or when the messages aren't really logs. Attempting to parse out any of these formats with regular expressions is difficult (and in the case of XML, strongly discouraged), especially when the structure includes nesting, lists or esoteric quoting/escaping rules. For ...more »


8 votes

Feature Requests

Submitted by (@acastonguayvmware.com)

Drop specific incoming messages

An administrator may deem some messages undesirable, either specific logs produced by a source or a whole source. Such messages may result in CPU/disk resources being expended unnecessarily. Undesired log messages may result in Log Insight's data store being rotated more quickly than desired. In terms of licensing, one may wish to drop log messages from unlicensed sources, restricting sources from which log messages are ...more »


37 votes

General Log Insight Q&A

Submitted by (@erikkringlie)

Help with Solaris 10 syslog

Has anyone had any luck with getting a Solaris 10 server to send syslog into LogInsight?


I've tried:


*.debug @IPADDRESS


and other variations in the /etc/syslog.conf


Then restarting or refreshing via:


svcadm refresh svc:/system/system-log:default


svcadm restart system/system-log


But nothing seems to work. Any thought/help would be great.


0 votes

Feature Requests

Submitted by (@jacob.curranacxiom.com1)

Deduplication of Data

I was wondering if you guys could make the data be zipped/dedupped during the night? If it already does dedup or something I guess its fine but it would seem that log insight takes a lot more space then our other logging system. We are trying to move everything to log insight but space constraints don't seem to be matching up.


22 votes