Clik here to view.
LI Agent Vs Snare
Scenario:Environment currently uses Snare agents on Windows Operating Systems that convert Windows Event Logs to syslog format that is consumable by a syslog server. Enter Log Insight. Now I need to...
View ArticleSharePoint Content Pack
Hello, where can I find the "ms_sharePoint_usageData_logging_2013.ps1"? The downloaded ZIP does not contain any PowerShell Scripts... Kind Regards,Markus
View ArticleFiltering Events that are Forwarded
In Management area under Event Forwarding, I am trying to forward specific events by using the filter in the edit destination area. If I add something like (text matches) "security" "error" etc, I can...
View ArticleClik here to view.
Filters bar missing - Add Filter not working
Our filters bar on any of the dashboards seem to be missing. Clicking Add Filter does nothing. Any ideas?
View ArticleNTP Woes
I'm having issues with NTP on multiple Log Insight Servers, Build 3.0.0-3021606. NTP is configured to use a Windows DC as a time source, other devices are configured to use the time source with out...
View ArticleExport event results returns a blank txt file
I have a Version 3.0.0-3021606 instance of log insight. On the interactive analytics tab, I have a 7 day query that returns some events that I would like to export. When I try to export feature it...
View ArticleClik here to view.
Modify Cisco ASA Content Pack to support emblem log format
Greeting: We are processing Cisco ASA firewall log with Log Insight 3.0, we've learned that Cisco ASA can configured two log format:(1) Default: The severity class field look like '%ASA-6-123456'(2)...
View ArticleLicensing question re. Log Insight and Windows Event Forwarding
Hi. I was wondering if there were any license implications for using Windows Event Forwarding to a Windows Event Collector, and then using Log Insight to collect events from that channel? Would I still...
View ArticleClik here to view.
Content Pack Validation Error: Query needs at least one complete text keyword
I am getting "Content Pack Validation Error: Query needs at least one complete test keyword" error for the dashboards I have created. What does actually mean, i feel like I am using the text keyword....
View ArticleClik here to view.
Content Pack Validator- Export Server logs- root user for ssh
I am using content pack validator to publish the content pack. And I was able to publish it as per the pop up screen. As a next step it is trying to get logs from vRLI using ssh. That needs root user...
View ArticleClik here to view.
Log Insight Content Pack Publishing WorkFlow
I used the Log Insight publisher to publish the content pack. End of the publishing it gave me ID (48ab-32556) and email ID to contact for any further question. However, I have't got any email...
View ArticleClik here to view.
MS Exchange content pack scripts
Hello, I am actually in the process of installing and configuring the MS Exchange content pack on a Log Insight 3.0 server. I did the SMTP setup on the Exchange server but I can't fin the scripts that...
View ArticlevCenter Log Format
What is the log format utilized by vCenter Server in the vpxd.log file?Is it Windows XML Event Log (EVTX) formatSyslog RFC 5424 format Or is it a proprietary format?
View ArticleHow do I use vROps content pack with vR Log Insight for a vROps cluster?
I'm evaluating vRealize Log Insight 3.0 and want my vROps Cluster log via liagent to vRLI. My vROps is a two-node cluster with a master and a data node.I've read the pdf doc and also seen the good...
View ArticleHow to allow many users to see alerts that a single user created
Hello, I have created some alerts in Log Insight 3.0 and I want my colleagues to be able to see and edit them. Is it possible? If yes, how can I do it? Thank you.
View ArticleClik here to view.
ESXi Syslog over TLS/SSL not working
Hi I have configured Log Insight (3.0) with 1 vCenter (5.5U2b) and 2 ESXi hosts (5.5U2). EVerything is on the same network subnet. When I configure them with Syslog over SSL in Log Insight, nothing...
View ArticleClik here to view.
vRealize Log Insight 3.0 + SNMP
Hi,sorry for my trivial question, but it's possible to receive/collect SNMP traps in vRealize Log Insight? For example I want collect all my logs/traps from my Blade servers (iLO and Enclosures) in vRLI.
View ArticleLI to vROPS more detailed alerts
Hello All I wonder if its possible to define the LI alerts a little more detailed? I use the LI-Agent on my DomainController to Forward the ActiveDirectory Eventlog. When a User-Account has been...
View ArticleSharePoint content pack issue
Hello, I am actually configuring the SharePoint content pack and I cannot find the SPServerName.txt file in the script folder. I must edit this file to input the SharePoint database server name. I...
View ArticleClik here to view.
HP / TrendMicro - TippingPoint Firewall ContentPack
Hello, I have created my first Content Pack. Example: Have fun and please share updates and enhancements. New in Version 1.2.1:- Enhanced Filters- HP SMS Interation New in Version 1.3.1:- Updated...
View Article