Before you configure VMware Aria Operations for Logs to collect alarms, events, and tasks data from your vSphere environment, you must connect VMware Aria Operations for Logs to one or more vCenter Server systems.
VMware Aria Operations for Logs can collect two types of data from vCenter Server instances and the ESXi hosts that they manage.
- Events, tasks, and alerts are structured data with specific meaning. If configured,VMware Aria Operations for Logs pulls events, tasks, and alerts from the registered vCenter Server instances.
- Logs contain unstructured data that can be analyzed in VMware Aria Operations for Logs. ESXi hosts or vCenter Server Appliance instances can push their logs to VMware Aria Operations for Logs through syslog.
Tip: Tags let you add fields with pre-defined values to events coming from vSphere and configured
ESXi hosts for easier querying. Note that comma (,) and equal (=) symbols are not supported in the tag values. The tags configured during vSphere integration can be assigned only to the logs coming from vCenter itself or from the logs coming from vCenter's
ESXi hosts.
Tagging is based on the ESXi host configuration through integration.
Prerequisites
- For the level of integration that you want to achieve, verify that you have user credentials with enough privileges to perform the necessary configuration on the vCenter Server system and its ESXi hosts.
Level of Integration Required Privileges Events, tasks, and alarms collection - Note: is a system-defined privilege. When you add a custom role and do not assign any privileges to it, the role is created as a Read Only role with three system-defined privileges: , , and .
Syslog configuration on ESXi hosts Note: You must configure the permission on the top-level folder within the vCenter Server inventory, and verify that the Propagate to children check box is selected. - Verify that you know the IP address or domain name of the vCenter Server system.
- Verify that you are logged in to the VMware Aria Operations for Logs web user interface as a Super Admin user, or a user associated with a role that has the relevant permissions. See Create and Modify Roles for more information. The URL format of the web user interface is https://operations-for-logs-host, where operations-for-logs-host is the IP address or host name of the VMware Aria Operations for Logs virtual appliance.
Procedure
What to do next
- Collect events, tasks, and alarms data from the vCenter Server instance that you registered. See Configure VMware Aria Operations for Logs to Pull Events, Tasks, and Alarms from vCenter Server Instance.
- Collect syslog feeds from the ESXi hosts that the vCenter Server manages. See Configure an ESXi Host to Forward Log Events to VMware Aria Operations for Logs.