You can configure and customize vRealize Log Insight to change default settings, network settings, and modify storage resources. You can also configure system notifications.
vRealize Log Insight Configuration Limits When you configure vRealize Log Insight , you must stay at or below the supported maximums.
Add a Log Filter Configuration You can add a configuration to drop logs that match the filter criteria you provide.
Add a Log Mask Configuration You can add a configuration to mask sensitive information in all logs or logs that match the filter criteria you provide.
Configuring Virtual Appliance Settings You can modify virtual appliance settings, including storage capacity and memory or CPU capacity.
Assign a License to vRealize Log Insight You can use vRealize Log Insight only with a valid license key.
Log Storage Policy The vRealize Log Insight virtual appliance uses a minimum of 100 GB of storage for incoming logs.
Managing System Notifications vRealize Log Insight provides built-in system notifications about activity related to vRealize Log Insight health, such as when disk space is almost exhausted and old log files are about to be deleted.
Add a vRealize Log Insight Log Forwarding Destination You can configure a vRealize Log Insight server to forward incoming log events to a syslog or Ingestion API target.
Configure Log Forwarding to vRealize Log Insight Cloud Add a cloud forwarder to forward logs from a vRealize Log Insight server to vRealize Log Insight Cloud without using a Cloud Proxy.
Synchronize the Time on the vRealize Log Insight Virtual Appliance You must synchronize the time on the vRealize Log Insight virtual appliance with an NTP server or with the ESX/ESXi host on which you deployed the virtual appliance.
Configure the SMTP Server for vRealize Log Insight You can configure an SMTP to allow vRealize Log Insight to send email notifications.
Configure an HTTP Proxy If your vRealize Log Insight appliance is restricted to the public network or the intranet, you can configure an HTTP proxy to let vRealize Log Insight send webhook notifications to endpoints such as Slack, PagerDuty , vRO, or a custom endpoint, which can be accessed through an isolated network.
Configure a Webhook You can configure a webhook to send alert notifications to a remote web server. Webhooks provide notifications over HTTP POST/PUT.
Install a Custom SSL Certificate By default, vRealize Log Insight installs a self-signed SSL certificate on the virtual appliance.
View and Remove SSL Certificates You can view the SSL certificates that have been accepted and added to the truststores of all the nodes in your vRealize Log Insight cluster. You can also remove the certificates that you do not require anymore.
Change the Default Timeout Period for vRealize Log Insight Web Sessions By default, to keep your environment secure, vRealize Log Insight Web sessions expire in 30 minutes. You can increase or decrease the timeout duration.
Retention and Archiving You can retain log data in index partitions by defining different retention periods for different types of logs. For example, you can define a short retention period for logs with sensitive information. You can also archive the log data in a partition for an extended period of time. If you enable archiving for an index partition, the data in the partition is moved to an NFS mount after its retention period.
Restart the vRealize Log Insight Service You can restart vRealize Log Insight by using the Cluster page in the Web user interface.
Power off the vRealize Log Insight Virtual Appliance To avoid data loss when powering off a vRealize Log Insight primary or worker node, you must power off the node by following a strict sequence of steps.
Download a vRealize Log Insight Support Bundle If vRealize Log Insight does not operate as expected because of a problem, you can send a copy of the log and configuration files to VMware Support Services in the form of a support bundle.
Join or Leave the VMware Customer Experience Improvement Program You can join or leave the VMware Customer Experience Improvement Program (CEIP) after deploying vRealize Log Insight .
Configure STIG Compliance for vRealize Log Insight You can configure vRealize Log Insight to ensure STIG (Security Technical Implementation Guide) compliance for better security. This configuration includes the DoD (Department of Defense) consent agreement and additional password policy restrictions.
Activate FIPS for vRealize Log Insight You can configure vRealize Log Insight to ensure FIPS (Federal Information Processing Standards) compliance for better security. This set of standards describes document processing, encryption algorithms, and other information technology standards for use within United States' non-military government agencies and by government contractors and vendors who work with the agencies. When you activate FIPS, vRealize Log Insight uses the FIPS 140-2 standard with Security Level 1, which specifies basic security requirements to protect sensitive or valuable data.