vRealize Log Insight Cloud is VMware’s premier SaaS logging solution. Because your logs are in the cloud this means you don’t have the additional overhead of having to manage your logging solution. Plus, you’ll get immediate access to all the great new features we’re developing. We’re constantly evolving vRealize Log Insight Cloud to meet our customers’ demands and because of this, we’re starting a new series of regular blog posts highlighting new features. In this post, we’re going to look at six new features that we know you’re going to love!

vRealize Operations Cloud Integration

If you have vRealize Operations Cloud and vRealize Log Insight Cloud, then you’ll have the ability to use the two together without having to lift a finger. vRealize Operations is a must-have for any organization looking to run highly optimized environments. Pairing logs from vRealize Log Insight Cloud with vRealize Operations’ rich metrics, properties, and calculations give you a complete view of what’s happening in your environment.

vRealize Log Insight Cloud is available within vRealize Operations Cloud in several places. First, it’s available under the troubleshooting pillar. This gives you unfiltered access to all your logs in vRealize Log Insight Cloud.

If you’re viewing any virtual machine, ESXi host, vSphere Cluster, or vCenter in vRealize Operations Cloud then you can view its logs by clicking on the logs tab. This will show you all logs received by vRealize Log Insight Cloud for this object. One thing to point out is if you’re viewing the logs of a vSphere cluster, this will show the logs for all ESXi hosts in the cluster. Because vRealize Operations Cloud is aware of your environment’s topology, it can share that information with vRealize Log Insight Cloud. This is a real time saver especially when you’re trying to troubleshoot a problem. For example, if you’re troubleshooting a storage issue on an ESXi host, you can quickly take a look across the entire cluster to determine if the issue is with that one host or something impacting the entire cluster such as an issue with the SAN.

The troubleshooting workbench in vRealize Operations is an awesome tool for drilling into issues. It leverages artificial intelligence to point out areas of interest such as significant changes or anomalies in metrics, configuration changes, alerts, and of course logs. Logs provide context to what’s observed in vRealize Operations and can help provide the complete story when performing root cause analysis. By opening the logs tab in the troubleshooting workbench you’ll be able to see all logs for the selected object and be able to drill down deeper to discover the root cause.

If you need the full power of vRealize Log Insight Cloud, then simply click “Launch Log Insight Cloud” to be taken directly to Log Insight Cloud’s log explorer where you can correlate data, create dashboards and alerts, and identify trends (to name a few). Best of all, your filters will follow you, so you don’t have to re-create them. This integration is similar to what we offer with vRealize Log Insight and vRealize Operations on-premises but better because there’s no configuration needed on your part to get it.

Customized Log Stream Columns

vRealize Log Insight Cloud is full of useful information that it parses from your logs and we’ve recently introduced a powerful new way to use this information. Any field that vRealize Log Insight Cloud pulls from a log message can now be displayed as a column within the log stream.

Take the NSX-T firewall logs shown in the screenshot above for example. These logs contain a bunch of useful information such as the IP address of an outside entity trying to reach a system within the firewall, what port it’s trying to reach, and whether or not the firewall allowed the traffic through or rejected it. vRealize Log Insight Cloud is aware of the structure of these NSX-T logs and can therefore extract the IP addresses, ports, and actions as fields. These fields can then be inserted into the log stream viewer as columns.

Not only can you select what columns you want shown, but you can also pick the order by simply dragging and dropping them where you want. The view shown above makes things so much easier to read than trying to decipher the log message.

New Dashboard Widgets

We recently shared some of the new dashboarding capabilities in vRealize Log Insight Cloud with you back in February. You can check out that blog post right here. Just as logs provide context to what you can view in vRealize Operations, they can also provide context to Log Insight dashboards as well. That’s why we’ve introduced the ability to add alerts and log streams to dashboards. Is there a spike in firewall traffic to a host that you’re seeing in your dashboard? Log streams can pinpoint exactly where that traffic is coming from and alerts can warn you if there are a high number of failed login attempts. Having all this information available in a single view gives you the information you need to make critical decisions quickly.

Webhook Configurations

vRealize Log Insight Cloud can keep you informed even when you’re not logged in. Alerts can be configured to notify you when specific events occur such as a high number of failed login attempts to a secure server, or if a host loses all paths to its storage. These types of events are time-critical and require immediate action. vRealize Log Insight Cloud can, of course, send you e-mail based alerts, but not everyone is tied to a mail client 24/7. That’s why we offer webhook integration so vRealize Log Insight Cloud can notify you using the tools that work best for you and your team. Webhooks and API’s can be a bit daunting to some and that’s why we’ve introduced templates for some of the most popular tools requested by customers. This is a huge time saver since you don’t have to research and test the webhook payloads for these applications. All you have to do is select your application from a dropdown menu and provide the URL. If you want to include more information in your notifications, then you also have the flexibility to customize the payload right within the UI.

Export and Import custom content

One of the most powerful things about vRealize Log Insight Cloud is the ability to consume log data through alerts and beautiful dashboards. Many of which are included in Content Packs which are a bundling of dashboards, alerts, queries, fields, and agent configurations. If you’re a power user who loves to create your own content, then you’ll be happy to know that you can build your own content packs and export them for use in other vRealize Log Insight Cloud instances. This is awesome if you are an application developer and want to share your custom content with customers so they can leverage your expertise for managing or troubleshooting your application. Or if you manage multiple vRealize Log Insight instances, you can leverage this feature to provide a common set of dashboards and alerts across to all of your users. You also have the option of importing your custom content as a content pack so that users can’t alter your content or import everything and offer users the flexibility to modify it as needed.

Centralized Log Insight Agent Configuration

vRealize Log Insight Cloud can ingest logs in many ways including the vRealize Log Insight Agent. The Log Insight agent is installed on VM’s and physical hosts and is responsible for monitoring files and even Windows events. Any new messages that get logged in these files are then sent to vRealize Log Insight Cloud using a Cloud Proxy. By connecting the vRealize Log Insight Agent to your Cloud Proxy, you can also configure the agents from the Log Insight Cloud UI. Configuration includes telling the agent what files to monitor and even how to parse the log messages. Being able to manage your agent configurations centrally is useful if you’re managing many agents. You can also define rules based on naming conventions, IP addresses, or operating systems so that those agents collect the appropriate logs.

Conclusion

This is just a quick look at some of the new features recently introduced in vRealize Log Insight Cloud. If you want to test vRealize Log Insight Cloud for yourself, we have a free 30-day trial. Just visit the vRealize Log Insight Cloud product page and click “Start For Free.”