vRealize Log Insight – Tracking SSH Logins to Edge Devices

Posted by stewud

Here is an example of a really simple but cool query that can be setup in vRealize Log Insight to track accepted and failed SSH logins to Edge devices.

Query:

Match ALL:

appname contains “sshd”

text contains “failed password” (This can be changed to “accepted password” to track accepted logins)

hostname contains “hostname”

One thought on “vRealize Log Insight – Tracking SSH Logins to Edge Devices”

Pingback: Newsletter: July 8, 2017 | Notes from MWhite

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Google account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

%d bloggers like this:

vWud.net

Everything to do with virtualization

vRealize Log Insight – Tracking SSH Logins to Edge Devices

One thought on “vRealize Log Insight – Tracking SSH Logins to Edge Devices”

Leave a Reply Cancel reply

Share this:

Like this:

One thought on “vRealize Log Insight – Tracking SSH Logins to Edge Devices”

Leave a Reply Cancel reply