vRealize Log Insight
vRealize Log Insight

What’s new in vRealize Log Insight 8.1

vRealize Log Insight has been VMware’s premiere log analytics solution for nearly seven years!! It’s hard to believe that Log Insight 1.0 was released back in September 2013 and I can remember installing it (and subsequently falling in love with it) as a customer. Now the year is 2020 and the vRealize Log Insight team has been hard at work to deliver your most requested features in 8.1. But do you want to know the best part? vRealize Log Insight 8.1 is available right now!! So why not take a moment to kick off that download before we get into all the great features?

Are you downloading it now?

Good! Let’s get into the fun stuff!

Scalability Enhancements

For those of you who love ingesting logs as much as we do, you’ll love this first new feature. vRealize Log Insight’s simple deployment model has just got better with support for up to 18 nodes in a single cluster. More logs! More storage! More horsepower! With each node able to ingest 15,000 log messages per second and store up to 4TB of logs each, that’s 270,000 log messages processed per second and 72TB of logging capacity. This 50% increase will provide plenty of headroom to grow with you for years to come.

 

View logs as metrics in vRealize Operations 8.1

 

 

Yes, you read that correctly! vRealize Log Insight 8.1 and vRealize Operations 8.1 go together like warm weather and spending time at the lake. This integration enhances troubleshooting by providing additional context to existing metrics in vRealize Operations. For any ESXi host, vCenter, or virtual machine monitored by vRealize Log Insight and vRealize Operations, you’ll see a new metrics category called “Log Insight Generated.”

These metrics will give you an idea of the number of log messages for each collection cycle. These include the total number of log messages, the number of warning logs, and the number of error logs. Because these are available as metrics within vRealize Operations, you get all the same benefits you’re used to with other metrics. For example, dynamic thresholds can indicate when a higher that usual number of error logs are being detected. vRealize Operations’ troubleshooting workbench can also pick up on any anomalies in the number of log messages being received. This is an awesome integration because it can help direct your attention to the logs (which are also directly available in the troubleshooting workbench) while drilling down to the root cause of any issue. For more information on what’s new in vRealize Operations 8.1 check out this blog post.

 

URL Based Dashboard Sharing

 

 

Speaking of troubleshooting… Collaboration just got a whole lot easier as well! In vRealize Log Insight 8.1 you can now share dashboards with unauthenticated users. Let’s say you’re trying to troubleshoot an issue with Kubernetes and need to collaborate with someone who doesn’t have access to your vRealize Log Insight environment. You can simply share a URL with them, and they will have a read-only view of that dashboard. And unlike screenshots, the unauthenticated user can interact with the dashboard.

 

 

Simply click the share button to generate a URL that you can pass along to your peers. They will then be able to see exactly what you see, including the time period, and interact with the dashboard such as inspecting widgets.

 

 

You can also manage existing URL’s such as extending their time or deleting them.

 

Enhancements to Unlimited Log Exports

 

 

In vRealize Log Insight 8.0, we blew through the log export barriers by allowing users to export an unlimited number of log messages as logs, CSV, or JSON. The way that this works is if you are trying to export 20,000 or less log messages, then these will be downloaded via your browser just as they always have. If you have more than 20,000 log messages Log Insight will prompt you for an NFS share to transfer the logs to. 8.1 we’ve made log exports even better with an all-new management interface. It’s now possible to queue multiple export jobs, see their progress, and cancel running exports if need be. You can also generate reports to include the file location and query for each export.

Variable Log Retention

 

 

vRealize Log Insight 8.1 brings some significant improvements to variable log retention as well. Log retention has been around for a while now, having been introduced in Log Insight 4.8. In its former implementation, this feature allowed you to configure how long you want the cluster to retain all logs. Be it a few days, several months, or longer. In 8.1 we’ve extended these capabilities so you can now have multiple log retention policies. This means you can hang on to the logs most important to your business for longer while aging out verbose logs that may have little value sooner. Think of it as a spring cleaning for Log Insight!

The new variable log retention feature works based on partitions and multiple partitions can be configured. Each partition is responsible for collecting and storing the logs for each retention policy. Each partition has a set of filters to tell it what logs to collect and what logs to reject. As logs get ingested in vRealize Log Insight, they will be checked to see if they meet the criteria of each partition. If they meet the criteria of a partition, it will get stored in that partition and will be aged out based on the retention period of that partition. If a log message doesn’t meet the criteria of any of the user-created partitions, it then gets collected in the catch-all or default partition. All logs stored in any partition are searchable within vRealize Log Insight until they are aged out and deleted. By leveraging this feature, you can reduce log clutter, speed up log searches, and save your storage for the logs that matter most.

 

UI Improvements

 

 

As you may have noticed in the screenshots above, vRealize Log Insight 8.1 has a shiny new user interface (UI). This new version fully utilizes VMware’s Clarity UI for a consistent user experience across our products. For the power user, you’ll really appreciate having the Content Pack and Administration menus available at the top of the user interface. I’ve been using this for a while now and having these options out in the open is a real time saver! We’ve also included a new set of icons for administration items as well as content packs. All other features are exactly where you would expect to find them.

 

Content Pack Updates

 

 

And finally, we can’t close out this blog post without talking about content packs!! Content packs are a bundle of dashboards, alerts, queries, fields, and configurations which provide expert-level knowledge for VMware and third-party products. Everyone’s talking about the new vSphere 7 with Kubernetes these days and as you’d expect, vRealize Log Insight has custom-built content to help you keep an eye on what’s happening. The new vSphere – Kubernetes dashboard is a great example. General information such as events happening in each namespace, what and how many containers have been spun up, and the number of pods that have been created. All are available in a single view! We also have a new Linux Systemd content pack for monitoring newer Linux OS’es that are running system such as Photon version 3, SLES 15, and RedHat 7.3.

 

This is just a quick look at what’s new in vRealize Log Insight 8.1. Stay tuned as we’ll dive deeper into some of these new enhancements in future blog posts. For more information be sure to check out the vRealize Log Insight product page and the vRealize Log Insight 8.1 release notes.

 

Related Posts:

Matt Bradford

Matt Bradford is a Staff Technical Marketing Architect for VMware's Cloud Management Business Unit and is based in New England. He is heavily involved in the VMware community as a…

Related Articles