I have compared the ingestion API to syslog and also explained why you should use the Log Insight agent, but I have never compared the ingestion API to the Log Insight agent. In this post, I will do exactly that. Read on to learn more!
If you remember reason 9 from my 12 reasons why you should use the Log Insight agent post then you may be wondering how you can support time deltas greater than 10 minutes between the client and the server. In this post, I will cover how to do it.
In my last post, I talked about the differences between how events are displayed over the syslog protocol, which has a strict format structure, and the ingestion API, which sends events as-is. In this post, I would like to talk about the differences between using the syslog protocol versus the ingestion API when it comes […]
As you know, Log Insight introduced an ingestion API with the 2.0 release. This ingestion API can be used by anyone, but is leveraged by default by the Log Insight agent available for Windows as of 2.0 and Linux as of 2.5. The ingestion API is powerful because it provides functionality beyond what the syslog […]
For Log Insight 2.5, several enhancements have been made on both the agent and ingestion API sides. I would like to cover these enhancements in detail.
As I am sure you know, Log Insight 2.0 features an ingestion API, which makes it possible to ingest information without use of the syslog protocol. The API uses a JSON string to send events to Log Insight and also supports the ability to pass fields during ingestion time. An example of a JSON message […]
I am happy to announce that official API documentation has been released and is available on both the Log Insight 3.3 and Log Insight 3.6 documentation landing pages! Log Insight has always featured ingestion API documentation in the official product documentation. In Log Insight 3.3, a supported authentication and query API were made available in addition […]
I have covered Log Insight reference architectures in the past, but I have received a few inquiries about large Log Insight deployments. In this post, I will cover a variety of different large Log Insight deployments and the reference architecture information you need to know. Read on to learn more!
The event forwarder feature of Log Insight is powerful for a variety of reasons (several covered in this post). When it comes to event forwarding over the syslog protocol (i.e. to a third-party destination), some people have commented on the prefix Log Insight adds to forwarder events. It turns out this is true for event […]
Log Insight has featured event forwarding since version 2.5. One thing missing was the ability to apply tags (i.e. metadata) to events forwarded over the syslog protocol. In version 3.6, this capability has been added. Read on to learn more!