Skip to content

Tag: Automation

Log Insight: Using the Ingestion API

As I am sure you know, Log Insight 2.0 features an ingestion API, which makes it possible to ingest information without use of the syslog protocol. The API uses a JSON string to send events to Log Insight and also supports the ability to pass fields during ingestion time. An example of a JSON message would be:

Depending on your operating system, you have a variety tools to send API events like the above. For example:

Depending on the method you choose and the format in which you pass the information you will get one of the following return codes:

  • 200 OK
  • 400 Bad Request
  • 500 Internal Server Error
  • 503 Service Unavailable

Unless you receive 200 OK something is wrong that needs to be corrected. If you get 503 Service Unavailable then the issue is either server-side or network related. The 400 and 500 error codes point to a client-side error. The question becomes, how do you fix client-side errors?
api

Automating the Configuration of Log Insight

Now that you know how to automate the deployment of Log Insight, you are probably wondering how to automate the configuration of Log Insight. Automating the configuration of Log Insight is a little harder because Log Insight does not have a configuration API today and because by default SSH is disabled until the root password is set. In addition, the root password cannot be set through OVF properties today.
So how do you automate the configuration of Log Insight?

Automating the Deployment of Log Insight

Log Insight ships as a virtual appliance. Given its single packaging model, automated deployment is easy thanks to the freely available OVF Tool. OVF Tool is a command line utility available for Windows, Linux and Mac that allows you to deploy OVA/OVF files. For the list of options available with OVF Tool run ovftool –help or see check the documentation. I would like to walk you through how to automate the deployment of Log Insight via ovftool.
ovftool