Log Insight vRealize Operations Insight

Log Insight Machine Learning: Event Trends

One incredibly powerful use case of vRealize Log Insight that is often overlooked is the new Event Trends analyzer.  The Event Trends tab in the Interactive Analytics page provides automatic analysis of your events with context around new insights and anomaly detection.  I can now see how events are trending in a specified time interval and easily detect ones that are potentially affecting the health of your environment or application.  In the example below, we walk you through using Event Trends to quickly identify anomalies.  

vRealize Log Insight

Example

I had issued a query based on investigating an APD situation, and had selected the timeframe of “Latest 24 hours of data”.  Note that a specific query is not even required to use the Event Trends to identify trending patterns, but it is definitely beneficial when isolating a problem to detect anomalies.  The “Events” view/tab of course will show hundreds of related events – but by navigating to the Event Trends view as shown below you can see that Log Insight has narrowed the scope into just 7 different event types – and then automatically compared them with a “diff” of the previous selected time period.  I now have context in the form of trending, and you can see in the example below by mousing over the indicator, that this particular event type has occurred 244 times within my specified time range – and NONE in the previous time range.  I can now identify that this is a new – and somewhat frequent – occurrence of this particular event, and use this to quickly identify, isolate, and resolve issues in my environment.

 

Log Insight Event Trends

Summary

Event Trends are just one of many exciting features available in vRealize Log Insight.  vRealize Log Insight is an integral component of the vRealize Suite, VMware’s cloud management platform purpose-built for the hybrid cloud.  vRealize Suite provides a comprehensive, integrated management stack for IT services on vSphere and other hypervisors, physical infrastructure and external clouds, all with a unified management experience.