A covered how to configure the free Log Insight Windows agent when the Log Insight 2.0 beta was released. Since the agent’s announcement, the demand for the agent and the appropriate configuration has increased daily. The most common request I have received to date is, “how do I monitor logs for product X using the Log Insight Windows agent?” In this post, I would like to take a deeper look at the filelog configuration option of the agent and how to approach building configuration sections.
As you may have seen on the VMware Management blog, I recently announced updated Microsoft content packs for Log Insight. For those that are currently using either the Microsoft Windows or Microsoft Active Directory content packs, I would highly encourage you to upgrade and for those using the Microsoft Exchange there is an update for you as well. Read on for more information!
In this video presentation, I cover how to configure the Windows agent available in Log Insight 2.0 including how to properly handle multiline messages.
This week, I would like to talk about the Windows agent available in Log Insight 2.0. First up, I would like to cover how to deploy the Window Agent on your Window’s VMs. Please note the Windows agent support Windows desktop versions Vista and newer and server versions 2008 and newer.
I have been spending a lot of time working with vCAC logs files as of late and what I realized is that vCAC is made up of a lot of components and a lot of different log files. Unfortunately, vCAC does not support setting a remote syslog destination to forward all vCAC logs within the GUI today. As such, I would like to cover where all the log files are located and more importantly how you can forward them to a remote syslog destination like Log Insight.
UPDATE: This post is based on vCAC 6.0, if you are running vRA 6.1 or newer, please be sure to see my updated post here.
Someone recently asked me if Microsoft’s Log Parser application could be used as a syslog agent. To be honest, I had not heard of the application so I looked it up and tried it out. This post is a result of what I learned.
In order to send events from a Windows device to a remote syslog server like Log Insight, you need a syslog agent. Windows does not natively support syslog. The good news is that several syslog agents for Windows exist. I would like to cover my considerations and recommendations for a syslog agent on Windows.
UPDATE: As of Log Insight 2.0, Log Insight offers a free Windows agent that supports the syslog protocol and Log Insight’s ingestion API. For more information see these posts.