Log Insight Use Cases

Challenges For Using vRealize Log Insight

  • Solved the following operational challenges with vRealize Log Insight:
    • Improved the efficiency of a business process
    • Reduced problem resolution time
    • Improved management efficiencies of existing infrastructure resources
    • Reduced IT infrastructure costs
    • Reduced problem resolution time
    • Improved overall system uptime

VMware SDDC Stack Solution

  • VMWARE – VSPHER
  • VMWARE IDENTITY MANAGER
  • VMWARE – VSAN
  • VMWARE SRM
  • VMWARE – HORIZON
  • VREALIZE OPERATIONS MANAGER
  • VREALIZE AUTOMATION
  • VREALIZE BUSINESS FOR CLOUD
  • VREALIZE NETWORK INSIGHT
  • VREALIZE SUITE LIFECYCLE MANAGER
  • NSX-V FOR VSPHERE CONTENT PACK

Microsoft SharePoint – The Microsoft Sharepoint Content Pack for Log Insight removes the complexity of having to learn, decider and understand key trends, events, and general usage data related Sharepoint log files. Via this custom Sharepoint Content Pack, Sharepoint administrators can graphically view by functional areas specific log activities. These log activities offer early indicators of problem activities, and or offer the last mile of troubleshooting required to fix a Sharepoint web application framework problem. 

IIS Web Servers -The Microsoft IIS Content Pack for Log Insight offers a highly scalable, intuitive, and graphical approach for collecting, structuring and analyzing IIS log data. This content pack has a variety of dashboards, and display widgets for representing IIS log information functionally. At at glance IIS administrators can see IIS log trends, critical events and activities, and more readily make configuration, hosting, and common fixes for complying with IIS service level agreements. 

Windows Server – The Microsoft Windows Operating System content pack is a purpose built, downloadable add on to Log Insight. Operations managers can collect, analyze, and visually sort through Windows Operating System log data (log files) for more efficient troubleshooting. Log Insight’s graphical user interface offers at a glance viewing of log files, for quickly detecting anomalies and or other behavioral issues effecting health and performance and Windows servers.

Linux Servers – The content pack for Linux provides you with information about key entities of any Linux operating system installation’s health using Log Insight’s ability to monitor filesystem logs.

Log Insight offers very intuitive graphical representation, especially with regards to log events. Spikes in the number and types of messages received can be flagged as events with external notifications. System administrators can drill into these events for looking at where and why these are being generated.

Microsoft ADFS – The Microsoft Active Directory Log Insight content pack offers customized collection, analysis, and graphical representation of Active Directory log files for efficient troubleshooting of Active Directory operation problems. By simply downloading this content pack and installing into Log Insight, system administrators can within minutes begin making sense out of their Active Directory logs files. Operation tasks including detection of anomalies, being able to wind back to yesterday’s events, and/or being able to quickly sort through the logs in a more structured like manner, are several of the many features within this content pack.

Microsoft SQL Server Databases – The Microsoft SQL server content pack provides a set of dashboards, pre-defined extracted fields, queries and alerts which can be imported to any instance of Log Insight to provide easier to read and more organized monitoring to server administrators. It gives you a convenient overview of the major parameters of MS SQL server which play a necessary role in analyzing the overall health of a MS SQL server.

Microsoft Exchange – The Content Pack for Microsoft Exchange servers offers a simple, intuitive approach for collecting, structuring, analyzing and graphically displaying Exchange log messages, with an industry leading scale out architecture. Sources of log messages including those that are database, transport, administrative, mailbox, client access, and/or LDAP related are collected and consolidated. In near real time log messages are analyzed for identifying and alerting on critical events that are impacting end user performance.

APACHE – TOMCAT – Tomcat is an open-source web server that implements several Java EE specifications. Several Java applications that require web server capabilities leverage Tomcat. Like many web servers, Tomcat leverages the Apache Common Log Format (CLF) for web request logging.

APACHE – HTTP SERVER – Apache HTTP Server, often referred to as just Apache, is an open-source web server. Like many web servers, Apache leverages the Apache Common Log Format (CLF) for web request logging.

APACHE CLF – What is CLF and why should you care? CLF stands for Common Log Format and is a logging standard established by the Apache Foundation. While the standard was created for Apache web applications, the standard has been adopted by most other web applications including HAProxy, NGINX and Microsoft IIS.

Cisco Nexus switches – Logs offer the source of truth for operationally managing Cisco Nexus switches, yet require years of Cisco CLI experience to understand. The Cisco Nexus Content Pack for Log Insight, structures the Nexus logs into meaningful, actionable data with simple to visualize custom dashboards, and intuitive graphical views. Operation teams now have meaningful dashboards for what has traditionally been highly unstructured data.

VMWARE – VSPHERE CONTENT PACK – VMware vCenter Log Insight delivers automated log management through aggregation, analytics and search, enabling operational intelligence and enterprise-wide visibility in dynamic hybrid cloud environments. Content packs are plugins to VMware vCenter Log Insight that provide pre-defined knowledge about specific types of events such as log messages.

vCenter Log Insight ships with the VMware – vSphere content pack, which when used in conjunction with Log Insight vSphere integration provides deep knowledge and insight into VMware vSphere logs. Every vRealize Log Insight version comes with an all-new version of the content pack.

VMWARE – VSAN CONTENT PACK – VMware vRealize Log Insight delivers automated log management through aggregation, analytics and search, enabling operational intelligence and enterprise-wide visibility in dynamic hybrid cloud environments. Content packs are plugins to VMware vRealize Log Insight that provide pre-defined knowledge about specific types of events such as log messages.

The VMware – vSAN content pack, when used in conjunction with Log Insight vSphere integration provides deep knowledge and insight into VMware vSAN logs and urgent traces. The content pack contains various dashboards, queries and alerts to provide better diagnostics and troubleshooting capabilities to the vSAN administrators.

VREALIZE AUTOMATION – VMware vRealize Log Insight delivers automated log management through aggregation, analytics and search, enabling operational intelligence and enterprise-wide visibility in dynamic hybrid cloud environments. Content packs are plugins to VMware vRealize Log Insight that provide pre-defined knowledge about specific types of events such as log messages.

The VMware vRealize Automation (vRA) content pack compliments the vSphere content pack and provides a consolidated summary of log events across all vRA components of the environment including the vRA VA, vRA IaaS Components and vIDM.

NSX-T CONTENT PACK – The NSX-T Log Insight Content Pack provides operational and alerting visibility for different sources of log data within NSX-T. The graphically rich content pack is essential for analyzing and identifying NSX-T configuration, performance, security and traffic related issues and makes it easy to act upon the information provided. The Content Pack covers NSX-T functions such as audit information, logical switch, logical router, Firewall traffic, DHCP and represents the information via custom dashboards, filters, and alerts. The seven NSX-T dashboards sort information based on user defined time intervals and the data is presented graphically via bar graphs, pie charts and raw data collection widgets.

VMWARE – HORIZON VIEW – VMware View delivers virtual desktops and applications that run in the datacenter to end users, who can access their desktops and applications from any devices. A typical view connection includes several VMs: Connection Server, View Client and View Agent. Any issue happens are recorded in the log, then analyzed by GSS or Developers. This is a POST way of problem resolving, we encounter several problems during the daily debug:

  • Active view session count is hard to count within a time range. This is a real case from China GSS, who found predefined sessions are easily exhausted and wanted to find the sessions grow trend. The result is they got an one year log bundle and have to count active session manually to resolve the problem.
  • PCoIP network performance trace and warn user are needed. PCoIP is the protocol of data delivery between client and server. User may encounter mouse, key, image problems when receive/send package quality is poor, then fire bug to CPD. It would be useful if they can get warned immediately and aware it’s a network issue.
  • PCoIP image encode/decode amount and efficiency both on client and agent side.
  • PCoIP image transfer quality.
  • Active agent counting, divided by Agent pool, ESXI.
  • Session error statistic.
  • System resource usage status.

VREALIZE OPERATIONS MANAGER CONTENT PACK

MICROSOFT WINDOWS OPERATING SYSTEM CONTENT PACK

MICROSOFT ACTIVE DIRECTORY CONTENT PACK

VMWARE IDENTITY MANAGER CONTENT PACK

VMWARE VREALIZE BUSINESS FOR CLOUD CONTENT PACK

NSX-V FOR VSPHERE CONTENT PACK

APACHE – TOMCAT CONTENT PACK

VREALIZE NETWORK INSIGHT CONTENT PACK

LINUX CONTENT PACK

VREALIZE SUITE LIFECYCLE MANAGER CONTENT PACK

MICROSOFT IIS CONTENT PACK

VMWARE SRM 8.1 CONTENT PACK

MICROSOFT SHAREPOINT CONTENT PACK

CISCO UCS CONTENT PACK

CISCO NEXUS SWITCH FAMILY CONTENT PACK

Leave a Reply

Your email address will not be published. Required fields are marked *