I am happy to announce the release of Log Insight 4.5. As always, this release has a ton of new features. Read on to learn more!
What’s New
- General Enhancements
- Tons of new configuration APIs supported
- API to query alert execution and notification history
- Source field retained when using CFAPI event forwarding
- UI
- User alert history for aggregation query now includes count (just like in email)
- Hosts on the /admin/hosts page can now be exported
- Updated General and vSphere content pack
- VSAN and vROps content packs included out of the box
- Global time highlighting on Dashboards page
- Global legend highlighting on Dashboards page
- Separate options for description versus recommendation for user alerts
- Webhooks support basic auth in URL
- Agent
- Directory glob support
- Ability to parse PRI and SD (STRUCTURED-DATA) syslog fields
- Support for Photon OS 1.0 revision 2 and newer
- Enhanced silent install options
What’s Fixed
- tmp directory may not have enough room to support an upgrade
- Event forwarding over syslog from the Log Insight Agent over CFAPI without the complimentary fields option results in no STRUCTURED-DATA being sent
- Content Pack page works with Chrome
- Hosts expire after 3 months
- Trendline is no longer allowed with multiple functions
- Fix an invalid cluster configuration and allow Log Insight to start
- Fix an issue where ESXi reported a logging issue to Log Insight
- Inventory mapping is now case-insensitive (like the rest of LI)
- Properly migrate SSL certificate during upgrade
What’s Changed
- Active Directory authentication is deprecated, but still supported — use VMware Identity Manager instead
- External load balancers usage is deprecated — use the integrated load balancer instead
- When forwarding events from a Log Insight instance to another Log Insight instance the source field will be what the original Log Insight instance saw instead of the original Log Insight instance
- Event forwarding over syslog from the Log Insight Agent over CFAPI without the complimentary fields option sends STRUCTURED-DATA as expected
- Trendlines are not allowed for multiple functions (only single)
How to Upgrade
No changes.
- You must be running Log Insight 4.3 — upgrades must be sequential from every GA release.
- You must access the cluster master’s FQDN (not ILB VIP) and ensure you have access to ports 443 and 80.
- You go to the /admin/cluster page and follow the upgrade workflow.
Summary
VMware has done it again with another solid release of Log Insight. As always, it is recommended that you upgrade to the latest version, but be sure to read through the release notes before you do. Also, be sure to leave a comment and let me know how the upgrade went as well as what you think about the new features.
Note: Log Insight 2.5 went end of support on September 10, 2016. Now that Log Insight 4.0 is out, Log Insight 3.0 is on the clock for end of support — the official date is for Log Insight 3.0 remains 2017/09/10 and the date for Log Insight 3.6 moves to 2017/11/15. If you do plan to stick with Log Insight 3.x, the recommendation is to move to the latest 3.6.x version. You should really be planning for your 4.x upgrade at this time!
© 2017, Steve Flanders. All rights reserved.
Hi Steve,
So direct AD auth is not supported at all? This is going to cause us major issues and delays in getting LI upgraded as we’ll need to get a design signed off for VMware identity Manager and as such unable to keep the product patched.
Regards
Hywel
Hey Hywel — Thanks for the comment. Yes, AD auth is not supported in LI 4.5. It is the same as LI 4.3 so if it is working for you in 4.3, it should work in 4.5, however if you experience issues and want support from GSS then you will need to migrate to VIDM. More on this in a post early next week.
ActiveDirectory auth is deprecated in LI 4.5. This is an absolute no-go for me.
I don’t want to buy! and build an id-mgr environment just to authenticate a handful of admin-accounts accessing LI. That’s a joke, sorry vmware! Time now, to search for alternative syslog-servers.
Hey Christoph — Thanks for the comment. You do not need to buy VIDM, it is free with LI, but if you run into issues with the native AD support in LI then migrating to VIDM is the only way to get support for AD authentication issues. I hope this helps.
Hi Steve – also somewhat disappointed re: AD auth, but I know how it goes. That said, I deployed vIDM, hooked it into an AD directory, it syncs users and groups… but when I choose the “VMware Identity Manager” logon method I get “Not supported user type. Incomplete domain information received”. Any thoughts?
Hey Jon — I have not seen that error, but sounds like you may be trying to authenticate with a local VIDM user and not a AD user via VIDM? If this is not the case then I would suggest opening a support case as configuration information as well as a support bundle will be needed to troubleshoot.
Hi,
I am getting same error message as yours and unable to find any information online regarding below error,, if you did managed to fix this issue, please let me know the work around?
Not supported user type. Incomplete domain information received
Thanks
Rajesh
Hi Steve thanks for the grate article also, VMware has changed the support statement around native AD support..now it will still be supported in version 4.5 but is always advised to integrate through vIDM as it will eventually be deprecated.
Hey Anuj — Thanks for the comment. Indeed, I had updated https://sflanders.net/2017/06/22/log-insight-4-5-active-directory-deprecation/ already and now this post is as well.
Steve,
I am using vRLI 4.5 with log insight viDM which has AD integrated with that.
I have used the same process which you mentioned in VMword 2017.
Process :
install ViDM
Synced AD group with direct path.
Integrated vRLI with vIDM with local user of VIDM.
But I used vRLI master ip in url redirection rather than VIP for cluster.
ALl users came into vRLI. I have given all roles to my group.
But when I logout and login again and select VIDM option.
I get greyout option.
I cannot type username and password there for vIDM.
Please help!!!
Hey Namish — when you use VIDM log in you cannot enter username/password on the LI page. Instead, you select the “Login via SSO” blue button at the bottom.