Feature Requests

Datatype-aware field extraction

Sometimes log messages contain embedded data with a fixed standard format, like XML, JSON or CSV, either when logging about configuration/state information or when the messages aren't really logs. Attempting to parse out any of these formats with regular expressions is difficult (and in the case of XML, strongly discouraged), especially when the structure includes nesting, lists or esoteric quoting/escaping rules. For ...more »

Submitted by (@acastonguayvmware.com)

Voting

7 votes

Feature Requests

Drop specific incoming messages

An administrator may deem some messages undesirable, either specific logs produced by a source or a whole source. Such messages may result in CPU/disk resources being expended unnecessarily. Undesired log messages may result in Log Insight's data store being rotated more quickly than desired. In terms of licensing, one may wish to drop log messages from unlicensed sources, restricting sources from which log messages are ...more »

Submitted by (@acastonguayvmware.com)

Voting

35 votes

General Log Insight Q&A

Help with Solaris 10 syslog

Has anyone had any luck with getting a Solaris 10 server to send syslog into LogInsight?

 

I've tried:

 

*.debug @IPADDRESS

 

and other variations in the /etc/syslog.conf

 

Then restarting or refreshing via:

 

svcadm refresh svc:/system/system-log:default

 

svcadm restart system/system-log

 

But nothing seems to work. Any thought/help would be great.

Submitted by (@erikkringlie)

Voting

0 votes

Feature Requests

Deduplication of Data

I was wondering if you guys could make the data be zipped/dedupped during the night? If it already does dedup or something I guess its fine but it would seem that log insight takes a lot more space then our other logging system. We are trying to move everything to log insight but space constraints don't seem to be matching up.

Submitted by (@jacob.curran)

Voting

20 votes