It’s official – vRealize Log Insight 8.3 is available for download today! Log lnsight is a log analysis tool that delivers highly scalable log management with intuitive, actionable dashboards. It uses sophisticated analytics for event correlation and has broad third-party extensibility. The key features of this release include support for Federal Information Processing (FIPS) 140-2, a configurable consent agreement for the Department of Defense, unauthenticated download of the Log Insight agent, and cross-domain authentication for VMware Identity Manager (vIDM) users.
You must be running vRealize Log insight 8.2 in order to upgrade to the 8.3 release.
Support for Federal Information Processing Standard (FIPS) 140-2:
The National Institute of Standards and Technology (NIST) published a set of strict standards regarding cryptographic modules used in hardware and software. The Federal Information Processing Standard Publication 140-2 (FIPS 140-2) defines the security requirements that must be met by these modules. United States Federal Government customers, or research institutions, universities, defense contractors, or those with access to government data are required to adhere to these standards to protect sensitive and confidential data.
Log Insight has been updated to meet the FIPS security requirements for cryptographic modules. These changes require the cluster to be put in maintenance mode as this change requires a restart of all nodes in the cluster.
Note: Node communication via SSL is part of the update when FIPS Mode is enabled, but this setting can also be enabled without enabling FIPS Mode by following this KB.
Once FIPS is enabled, it cannot be disabled. Ensure you complete a full backup prior to modifying this setting. FIPS Mode can be enabled during deployment or at any point after the deployment/upgrade by navigating to Administration > General > FIPS Mode.
Configurable consent agreement for the Department of Defense
Select from three Login Message Types and enter the consent agreement. There is also a set of APIs that are in Tech Preview with this release. (GET /api/v1/dod, PUT /api/v1/dod, DELETE /api/v1/dod). All configuration changes are logged on the system.
The ‘simple’ consent option does not require the person logging in to acknowledge the consent, but they can view the consent agreement. The Login Message option requires that they attest to the disclaimer by checking a box, and the last option will show the disclaimer and require them to select “I Agree” before they can provide their credentials.
Support of cross-domain group-based authentication for vIDM users
You can now use groups from different, trusted Active Directory domains.
Example:
Unauthenticated Download of LI Agent
You can download the LI Agent using the API without authenticating to the server: GET https://<server>/api/v1/agent/install-packages/msi (file options /msi /bin /deb /rpm).
If you want to learn more about the features and capabilities of vRealize Log Insight, check out our learning paths at VMware Pathfinder. Pathfinder offers enablement for beginners to advanced users and includes technical deep dives. You can also get access to try it out for yourself using VMware Hands-on Labs. If you’re not using Log Insight today, make sure to check out the 60-day evaluation!