VMware Log Insight Search Ideas

It is really cool that I can analyze all my Vsphere logs in log insight. it would be much better if I had a user interface option with per ESXI status and progress indicator to configure my ESXI servers as Log Insiht sources

Currently if any configuration option changed on the web interface a restart of the appliance is required.
Even if a simple e-mail address changed.

Taking account the below warning displayed before each restart it would be nice to reduce the number of config changes which requires a full restart of the appliance.

"Note that certain builds of ESXi 5.x need to have their logging system reloaded after restart, otherwise... more »

The only way to recognize that an invalid Default Domain was set in Configuration ->Authentication is to test the connection. But this will only give a similar message:

"Error trying to confirm user 'testuser' in domain 'ads.com'"

A more meaningful message can be found in the logfiles(/var/log/loginsight/runtime.log):

"[http-443-7 ERROR /127.0.0.1] com.vmware.loginsight.aaa.ad.ActiveDirectoryRealm] [Error while querying... more »

Have a small download, less than 50MB, which then downloads the OVA/OVF in a reliable, restartable fashion.

Be able to setup alerts (email, etc) based on queries or specific strings. This would remove the need to always be watching the dashboard.

Log Insight should notify an admin if a source which has sent log files in the past is no longer forwarding any log files to Log Insight. This would help to make sure that all previously registered sources are healthy and sending their log files to Log Insight. This notification should be customizable (i.e. raise an alert for an ESXi host after not receiving logs for at least 2 hours).

Please make an agent I can place on windows servers that will send raw log files(iis, sitecore, jboss, and everything else) and window's event logs. It wouldn't have to be a large thing and could just run on the server as a service. There are tools that sort of work but it would be nice for VMWare to package it with log insight.

You will need to do the following:
1. Register for our Technical Preview Community, http://loginsight.vmware.com/?signup=1
2. You will receive an email with instructions on how to download the Public Beta once your account has been processed.

This release has a number of improvements:
• Improved scalability, especially for querying log data
• Active Directory Integration
• Improved Health Monitoring
• In-Place Upgrade... more »

When I click "Dashboards and select the vmware dashboard(from the standard content pack) and then proceed to click around on the Storage pieces of the content pack will cause it to display "connection to the server was lost"

 

Log insight 1.5 TP3

I am using version 1.1.3-1355360 to troubleshoot some severe storage issues for a customer. I am seeing a bunch of SCSI error codes / Sense key data related to the device (e.g. failed H:0x0 D:0x2 P:0x0 Valid sense data: 0x5 0x20 0x0). However, the new SCSI Sense Code dashboard does not display any.

Host-based codes are being displayed correctly in the dashboard.

I am seeing this on an upgrade from release 1.0.4.... more »

IMPORTANT: As of LI 2.x a reset script exists on the LI VA under /opt/vmware/bin. The script is called "li-reset-admin-passwd.sh" and is in the default path.

Changing the admin password should be done from the web UI. If all admin passwords are unknown then the password must be reset from the command line. The command line steps are outlined here: http://www.vmware.com/pdf/log-insight-10-install-admin-guide.pdf.

Attached... more »

While it's nice to have a button to restart the Log Insight service, it might also be nice to also have a button to do a graceful shutdown and power off of the appliance in the GUI. Assuming role-based access is available (there is a post in this forum already about a "read-only" view), this capability could be selectively applied.

Has anyone had any luck with getting a Solaris 10 server to send syslog into LogInsight?

 

I've tried:

 

*.debug @IPADDRESS

 

and other variations in the /etc/syslog.conf

 

Then restarting or refreshing via:

 

svcadm refresh svc:/system/system-log:default

 

svcadm restart system/system-log

 

But nothing seems to work. Any thought/help would be great.

I am trying to update to the new GA release from beta 1.5tp3 says "Upgrade failed"

"error: /tmp/VMware-vCenter-Log-Insight-1.5.0-1435442.pak: not an rpm package"

I downloaded

VMware-vCenter-Log-Insight-1.5.0-1435442.pak
File size:79M
File type:pak
Release Date:2013-12-10
Build Number:1435442
VMware vCenter Log Insight 1.5.0 – PAK
Use the PAK file to upgrade an existing deployment of Log Insight 1.5.0 beta and preserve... more »

When LI zips up logs and kicks them out to an NFS mount, they're no longer searchable through LI, right? The NFS export is just for legal log retention compliance - not to add additional "second-tier but still searchable" storage?

 

Sorry if this has been asked before. Is there a way to search all questions that have been asked?