Finally, the highly-anticipated VMworld 2018 is underway in Las Vegas. Make sure to check out the exclusive session “Deep Dive: Multi-Cloud Troubleshooting for Infrastructure and Applications (MGT3192BU)” on August 27 from 2:00 – 3:00 PM.
Special Announcements Regarding Log Intelligence:
We are excited to announce these new updates to VMware Log Intelligence:
- VMware Cloud on AWS audit logs can now be accessed through Log Intelligence as a core service.
- Log Intelligence is now integrated with Wavefront by VMware for Dev-Ops end-to-end troubleshooting.
- There is now deep native AWS support for logs from CloudWatch and CloudTrail.
The integration of VMware Cloud on AWS and Log Intelligence will allow customers to increase security and become compliant with laws and regulations. DevOps customers will now have an end-to-end troubleshooting experience with logs and metrics through the integration of Wavefront and Log Intelligence. The native AWS support for CloudWatch and CloudTrail will help deliver for customers a single pane of glass for troubleshooting applications across multi-cloud environments.
VMware Cloud on AWS Audit Logs
We are pleased to inform you that an audit log collection feature has been added to Log Intelligence, and is now a core service accessible to all VMware Cloud on AWS customers.
Audit logs are electronic records that chronologically catalog events or procedures to provide support documentation and history that is used to authenticate security and operational actions. Audit logs can provide the following benefits:
- Increased Security: Monitor VMware Cloud on AWS deployments for potential security breaches or internal misuses of infrastructure.
- Demonstrate Compliance: Comply with regulations and federal laws for auditing requirements.
- Detailed Insight: Gain visibility into activities in your VMware Cloud on AWS deployments, including which users performed what actions and when.
Examples of VMware Cloud on AWS Audit Logs
The following are examples of VMware Cloud on AWS audit logs that will appear in Log Intelligence.
- Virtual Machine Created / Deleted
- Firewall Rule Created / Deleted
- NAT Rule Created / Deleted
- IPSec VPN Created / Deleted
- Number of Failed Logins
- Virtual Machine Power Failures
Accessing VMware Cloud on AWS Audit Logs
You can access audit logs directly from the CSP console in cloud.vmware.com, under “My Services”.
You can also access audit logs directly from the Add-on tab within your VMware Cloud on AWS console.
Explore Log Screen in Log Intelligence
Once you’re in Log Intelligence, you can find VMware Cloud on AWS audit logs in the Explore Log screen. Within this screen, the detailed fields of each log stream can be expanded for more details.
For example, if you create a firewall rule in the VMware Cloud on AWS console, it will appear in Log Intelligence’s Explore Log screen. If the appropriate audit log alerts are enabled, it should trigger.
Creating a Firewall Rule in the VMware Cloud on AWS Console
Triggering an Alert in Log Intelligence for the Audit Log Ingestion
Within Log Intelligence, you can also create custom dashboards, which can help you visualize the various VMware Cloud on AWS audit logs over time and see how often it occurs.
Dashboard Screen in Log Intelligence
Log Intelligence Integration with Wavefront by VMware
Log Intelligence is now integrated with Wavefront by VMware. With the integration, DevOps customers can utilize an end-to-end monitoring and troubleshooting experience with metrics and logs. Log Intelligence is pre-configured in Wavefront, allowing a cross-launch experience.
Benefits of using logs with metrics in your application troubleshooting:
- Ability to perform forensic and root cause analysis of application issues
- Proactively monitor and detect anomalies with smart alerts and notifications
- Achieve regulatory compliance with audit tracing through log management
Pre-Configured Log Intelligence in Wavefront
After launching Log Intelligence directly from Wavefront, you can go to the Explore Log screen and take a deep dive into the associated logs for an end to end troubleshooting experience. Within Log Intelligence, you can add more filters such as source, custom tags, and time slice.
Cross Launch Log Intelligence in Wavefront and Add More Filters
Furthermore, there will also be log to metrics configuration in Log Intelligence, followed by streaming to Wavefront by VMware. Both use cases will help improve the troubleshooting experience with metrics and logs.
Conclusion
Having been fully integrated with VMware Cloud on AWS, Log Intelligence and its audit log feature is now available as a core service of VMware Cloud on AWS, with the aim to help customers increase security and become compliant with laws and regulations.
The integration of Log Intelligence and Wavefront by VMware will drive an end-to-end troubleshooting experience for DevOps customers with logs and metrics. Lastly, the support for native AWS to ingest logs from CloudWatch and CloudTrail will help Log Intelligence deliver a single pane of glass for infrastructure and application logs across multi-cloud environments.
Request access to Log Intelligence today and try it today.
