Several enhancements have been made to the UI in Log Insight 4.6. In this post, I would like to cover the changes to the Administrator pages. Read on to learn more!
On the Cluster page you can now filter by host:
On the Access Control page you can now filter by username. This might not sound like much, but if you have dozens or hundreds of users in Log Insight, it makes a world of difference.
In addition, you can perform bulk operations such as select all and delete.
On the User Alerts page you can perform bulk operations such as enable and disable as well as export alerts — features that were asked for more times then you might imagine.
I already covered the inactive hosts notification and I mentioned in Log Insight 4.5 that you could filter by hostname. Like the User Alerts page, you can now export the hosts as well — something that was asked for a ton!
The agents page gets a couple enhancements in 4.6. First, you can now configure multiple destinations from the agent builder wizard. To do this, select New next to Servers:
Then select which server you wish to configure:
In addition, you now have the ability to export the list of agents — probably the top requested features on the admin pages:
You will notice you can export all or export with filters. You may be wondering where the filters are entered. Remember, an agent group allows you to add filters:
Finally, you will notice that you can show only the agents which can be configured from this Log Insight instance. Remember, with multiple destination support it is possible to have the same agent reporting to multiple different Log Insight instances, but configuration can only be done by “server” (i.e. the first one):
I already covered the new raw event forwarding, but since I am listing all administrator UI changes, I figured I would mention this one.
The add and save buttons for vSphere integration have been moved to the top. In addition, Log Insight now supports 15 vCenter integrations PER NODE. This means if you have a 12 node cluster then that cluster supports up to 180 vCenter integrations (previous maximum was 10 per cluster)!
From the General page you can now enable regex in the query API:
Active Directory is supported again — though I would still advise going with VIDM:
© 2018, Steve Flanders. All rights reserved.