as someone who was looking at a pretty expensive investment in splunk to achieve what i have done with NLS i'm thrilled that Nagios have released an ELK stack system with a sane user interface.
That being said there are plenty of annoying things about NLS that i'd love to see fixed.
- Apply configuration - this link should do what it says however it doesnt, the first time you do it you get a message "Deletion command has been sent to the backend." you then need to run it again to get the config to apply.
- Custom patterns should be configurable from the GUI, its pretty clear from the dashboards on the exchange that this is an essential feature but its currently quite difficult for novices to add them so it will hinder some people deploying it.
- exporting dashboards as a pdf - maybe I am missing something but i'd love to be able to export the dashboard as a pdf to show someone about an issue that is happening or for monthly reporting, sure I can print it as a pdf from chrome but it doesn't look right and there is a lack of functionality that a native export would achieve.
- Limited access accounts that are limited to running a set query (or better urls that people don't need to authenticate against to access specific data)- would mean that I can give people access to subsets of data from within NLS without concern that they can access all the log data in the repository
- make the "dark" style for dashboards work!
- a button that allows you to search NLS for a specific entry e.g. if I have a list of users web access and I want to look at what else that user has done on our systems I would love to click a button and search all of NLS for that username
- LDAP AUTHENTICATION or any other authentication method that can integrate with AD!