Have a small download, less than 50MB, which then downloads the OVA/OVF in a reliable, restartable fashion.
I love that the 1.5 version includes related kb articles in the notes section of each query in the content pack. I'd like to see this taken further. Add a link to the KB each log result from a search.
In our environment we have different needs for log retention. For example my vsphere logs can be aged after a month while my firewall logging should never be deleted.
so i would like to have a retention option per host or something.
When troubleshooting vCenter Log Insight performance, it would be helpful if it could send statistics to vcenter operations manager.
Maximize effectiveness of displayed data: Allow to adjust column width in field table view
Community content pack done by: http://velemental.com/2013/08/22/emc-avamar-with-vcenter-log-insight/
The Content Pack can be downloaded from here: http://velemental.com/?attachment_id=1200
Sometimes log messages contain embedded data with a fixed standard format, like XML, JSON or CSV, either when logging about configuration/state information or when the messages aren't really logs. Attempting to parse out any of these formats with regular expressions is difficult (and in the case of XML, strongly discouraged), especially when the structure includes nesting, lists or esoteric quoting/escaping rules. For ...more »
Analyzing the weather with Log Insight: http://sflanders.net/2013/11/18/analyzing-weather-log-insight/
Allow user-specified # of lines to display on screen (rather than forcing 50 as a limit).
An administrator may deem some messages undesirable, either specific logs produced by a source or a whole source. Such messages may result in CPU/disk resources being expended unnecessarily. Undesired log messages may result in Log Insight's data store being rotated more quickly than desired. In terms of licensing, one may wish to drop log messages from unlicensed sources, restricting sources from which log messages are ...more »
Has anyone had any luck with getting a Solaris 10 server to send syslog into LogInsight?
and other variations in the /etc/syslog.conf
Then restarting or refreshing via:
svcadm refresh svc:/system/system-log:default
svcadm restart system/system-log
But nothing seems to work. Any thought/help would be great.
I was wondering if you guys could make the data be zipped/dedupped during the night? If it already does dedup or something I guess its fine but it would seem that log insight takes a lot more space then our other logging system. We are trying to move everything to log insight but space constraints don't seem to be matching up.
When Log Insight's local capacity to store messages is exhausted, messages are archived to a remote NFS location. It would be beneficial if this flow could be tiered such that data was available online as today but moved to a slower & higher-capacity tiered disks as it ages. Consider the use-case of keeping the most recent 50GB of data on SSD, migrating it to ~5TB of slower spindles over time while keeping it searchable, ...more »
Provide the ability to dump raw events more than 20K at a time. The user should have the ability to run an export query and retrieve the results. (eg. User provides a date range and requisite filters.)
When user's UPN domain suffix is different than that of defined 'default domain'.