Log Insight Agent: Building a Configuration for Product X

A covered how to configure the free Log Insight Windows agent when the Log Insight 2.0 beta was released. Since the agent’s announcement, the demand for the agent and the appropriate configuration has increased daily. The most common request I have received to date is, “how do I monitor logs for product X using the Log Insight Windows agent?” In this post, I would like to take a deeper look at the filelog configuration option of the agent and how to approach building configuration sections.


Continue reading

Heads Up! Updated Microsoft Content Packs Now Available

As you may have seen on the VMware Management blog, I recently announced updated Microsoft content packs for Log Insight. For those that are currently using either the Microsoft Windows or Microsoft Active Directory content packs, I would highly encourage you to upgrade and for those using the Microsoft Exchange there is an update for you as well. Read on for more information!


Continue reading

vCAC remote logging

I have been spending a lot of time working with vCAC logs files as of late and what I realized is that vCAC is made up of a lot of components and a lot of different log files. Unfortunately, vCAC does not support setting a remote syslog destination to forward all vCAC logs within the GUI today. As such, I would like to cover where all the log files are located and more importantly how you can forward them to a remote syslog destination like Log Insight.

UPDATE: This post is based on vCAC 6.0, if you are running vRA 6.1 or newer, please be sure to see my updated post here.

Continue reading

Syslog Agents on Windows

In order to send events from a Windows device to a remote syslog server like Log Insight, you need a syslog agent. Windows does not natively support syslog. The good news is that several syslog agents for Windows exist. I would like to cover my considerations and recommendations for a syslog agent on Windows.

UPDATE: As of Log Insight 2.0, Log Insight offers a free Windows agent that supports the syslog protocol and Log Insight’s ingestion API. For more information see these┬áposts.


Continue reading