vRealize Log Insight: Part-1: Introduction


This week I decided to test my hands on the log management tool from VMware i.e vrealize Log Insight. We have this tool in our production environment and have to jump into analysis of Alerts received from this tool. Due to lack of knowledge troubleshooting sometime becomes very difficult so I decided to deploy this in my lab and play around options.

What is vRealize Log Insight?

vRealize Log Insight is a log management tool that aggregates logs from various systems into one place.The cool aspect of Log Insight is that it supports the collection of logs either from VMware infrastructure (i.e. ESXi hosts) either from physical infrastructure (i.e. physical servers, physical switches, etc.) either from application (i.e. virtual/physical machines guest operating systems).

With the introduction of vCenter Log Insight (Later renamed as vRealize Log Insight) VMware joined the already crowded log analytics market. There are several other products in market such as Splunk, LogRhythm, Sumo Logic and Loggly which are used for data center log consolidation and analysis. The advantage of Log Insight is its seamless integration with other VMware products.

What is the advantage of using Log Insight?

Log Insight is used for operational analytics in traditional data center and cloud environments. It has the ability to discover emerging patterns and guide administrators to the root cause of problems.

Log Insight makes it possible to do all sorts of queries and analytics on the data retrieved. Log Insight is just not for vSphere or other Vmware products, but can interact with other products such as Microsoft OS, SQL Server, IIS Server, Sharepoint, the .NET CLR, networking/storage products from Cisco (ASA, Nexus), Arista, Brocade, EMC (VNX), NetApp, Synology and even for compute products from VCE and Cisco (UCS) via Management packs for these products.

Loginsight-ingress

As of now Log Insight can be integrated with:

1: vSphere (Esxi + vcenter)
2: vRealize Automation,
3: vRealize Operations,
4: vCloud Director
5: NSX
6: Horizon View

Where did Log Insight come from?

As we all know VMware is known for acquiring the small companies and then re-design and rebrand the product under VMware name. Log Insight is no exception to this and  is a result of VMware’s acquisition of Pattern Insight in August 2012.

The current version of Log Insight is 3.3.1 and is available for download in form of ova file from vmware.com.

How Log Insight works?

Log Insight is deployed as a virtual appliance in vSphere Infrastructure. The virtual appliance contains the Log Insight application installed on a SUSE Linux operating system and database. The Log Insight database is a special designed database and contains something called “just-in-time schema” which enables it to ingest syslog data from hundreds of syslog agents and store the unstructured data without modifying the database.

Log Insight appliance contains the customizable dashboards which gives a visual representation of what’s going on with infrastructure. Dashboard contains custom graphs of log events that are coming from different pieces of infrastructure.

If you want to know more about Log Insight product, I would encourage you to read following blogs:

1: Log insight FAQ’s

2: What’s new in Log Insight 3.3

In next post of this series we will look into Installation and Configuration of Log Insight appliance. Stay Tuned !!!

I hope you enjoyed reading this post. Feel free to share this on social media if it is worth sharing. Be sociable

About Alex Hunt

Hi All I am Manish Kumar Jha aka Alex Hunt. I am currently working in VMware Software India Pvt Ltd as Operations System Engineer (vCloud Air Operations). I have around 5 Years of IT experience and have exposure on VMware vSphere, vCloud Director, RHEL and modern data center technologies like Cisco UCS and Cisco Nexus 1000v and NSX. If you find any post informational to you please press like and share it across social media and leave your comments if you want to discuss further on any post. Disclaimer: All the information on this website is published in good faith and for general information purpose only. I don’t make any warranties about the completeness, reliability and accuracy of this information. Any action you take upon the information you find on this blog is strictly at your own risk. The Views and opinions published on this blog are my own and not the opinions of my employer or any of the vendors of the product discussed.
This entry was posted in Vmware. Bookmark the permalink.

One Response to vRealize Log Insight: Part-1: Introduction

  1. Pingback: vRealize Log Insight: Part-2: Installation/Configuration | Virtual Reality

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s