We held a “best practices session” on Log Insight and vRealize Operations recently, at VMWorld. We’ve already posted some of the comments from our friends at ACI.
Best Practices from Wisconsin
Peter Boguszewski, a virtual infrastructure administrator at the University of Wisconsin (AKA Greatest University Of All Time*), shared some of his thoughts recently in an email: (The highlighting is mine)
Bill, here are my best practices:
- Keep software version up-to-date for Log Insight and vRops.
- We have seen major improvements like the ability to run queries without specifying a target, major agent updates for Windows and Linux clients, and real-time dashboard presentation mode.
- Know your data!
- To get the most out of Log Insight you need to know what you are putting in to Log Insight.
- Multiline messages will be split on end of line character, the client has the ‘event_marker’ parameter you can use to denote the start of an event in the incoming logs. Setting this is imperative to getting useful data when using ruby, java, or other multiline loggers.
- Use alerting and dashboards to streamline troubleshooting and error trapping.
- Start by focusing on critical errors and work back
- Use automated processes to push configuration (or do anything that you have to do 3 or more times)
- We use Puppet to automate the delivery of custom application log collection
- We deploy code snippets that build all of the necessary configuration parameters and set the proper values based on the service (this is what we call components of a larger application) that is getting deployed, which service level the server is (dev, test, qa, prod), and the specific component(s) that are in use like Apache, Mysql, Java, etc.
This session was a good one, so make sure to listen to it in replay, when it gets posted. I’ll update this post when it does.
* OK, OK I am completely biased having graduated from the University of Wisconsin (MS ’93), but it is good information.
