Reading Time: 4 minutes

VMware vCenter Log Insight is a VMware analytics  product introduced one year ago. Part of VMware vCenter family, Log Insight delivers automated log management through log analytics, aggregation, and search, extending VMware’s leadership in analytics to log data.

Now VMware is announcing the new version 2.0 of this product with new interesting features.

This product is part of the VMware Cloud Management portfolio, but is not included (yet) with any suite or bundle (and has a license little different compared to other products and also a new model in this version):

VMware-CloudManagement

The main purpose of this version is build a better real-time big data log and alert visualization management for VMware environments across physical, virtual, and cloud environments. It’s funny how VMware it’s trying to compete with the ecosystem (see also this post): first was with the backup solution, then the monitor and management, the storage and now the log and analytics. But competition it’s always good, for everybody.

Log-Insight

New version will be more faster in order di become more effective and usable:

  • 8X faster data collection
  • 6X query performance

But also able to scale up and out in serveral ways:

  •  Increase nodes (up to 6) to an  existing Log Insight installation
  • 2TB of live searchable data per node
  • High availability: no single point of failure for log ingestion
  • Load balanced via external load balancer. Tested with vCNS and F5
  • Single UI for distributed queries and single management interface

Also the new version will have new interesting features:

  • Intelligent Operations: Predictive Analytics/Machine Learning for faster problem resolution
  • Log Everything: Lightweight Windows Agent Built for the vSphere Ecosystem
  • Powerful big data log management for VMware products: Insight into VMware products incl. NSX, vCloud Automation Center, Horizon View
  • New pricing model for customers of all sizes – not based on log volume
  • Unified Management: Integration with vCenter Operations Management Suite 2-w The best real-time big data log ay alert visualization

As written there will be an new Windows Agent for a new collection framework: native Windows agent collects events from standard or custom channels spanning desktops and servers:

  • Low CPU & RAM footprint (less then 5% CPU, and less than 100MB-200MB RAM and is configurable)
  • Collect Windows Events from standard or custom Windows Events channels
  • Configurable which Windows Events channels to collect from
  • Understands and preserves schema from the different Windows Events channels
  • Collect logs from flat files and directories
  • Agent automatically understand and supports log file rotation
  • Flexibility in specifying what you want to monitor

Also new content pack will coming soon:

  • Brocade SAN Content Pack – monitors syslog events coming from Brocade Fibre Channel Switches; generates alerts
  • Microsoft Active Directory Content Pack
  • Microsoft Exchange Content Pack
  • Microsoft Windows Content Pack

VMware vCenter Log Insight 2.0 extensibility is probably one of the more attractive new features:

  • Highly Extensible
  • Captures log data from physical servers, network and storage devices, OSes, applications, VMs, and hosts, and more
    Log Insight Content Packs
  • Encapsulate pre-defined log queries, extracted fields, pre-built dashboards and product-specific alerts from vCenter Log Insight
  • Help customers to pinpoint IT issues rapidly and simplify troubleshooting
  • Help customers reduce IT costs related to root cause analysis and increase overall customer satisfaction
    Log Insight Marketplace
  • Marketplace features downloadable content packs from VMware and partners available at no cost
Share

Virtualization, Cloud and Storage Architect. Tech Field delegate. VMUG IT Co-Founder and board member. VMware VMTN Moderator and vExpert 2010-24. Dell TechCenter Rockstar 2014-15. Microsoft MVP 2014-16. Veeam Vanguard 2015-23. Nutanix NTC 2014-20. Several certifications including: VCDX-DCV, VCP-DCV/DT/Cloud, VCAP-DCA/DCD/CIA/CID/DTA/DTD, MCSA, MCSE, MCITP, CCA, NPP.