Before you configure VMware Aria Operations for Logs to collect alarms, events, and tasks data from your vSphere environment, you must connect VMware Aria Operations for Logs to one or more vCenter Server systems.

VMware Aria Operations for Logs can collect two types of data from vCenter Server instances and the ESXi hosts that they manage.

  • Events, tasks, and alerts are structured data with specific meaning. If configured,VMware Aria Operations for Logs pulls events, tasks, and alerts from the registered vCenter Server instances.
  • Logs contain unstructured data that can be analyzed in VMware Aria Operations for Logs. ESXi hosts or vCenter Server Appliance instances can push their logs to VMware Aria Operations for Logs through syslog.
Tip: Tags let you add fields with pre-defined values to events coming from vSphere and configured ESXi hosts for easier querying. Note that comma (,) and equal (=) symbols are not supported in the tag values. The tags configured during vSphere integration can be assigned only to the logs coming from vCenter itself or from the logs coming from vCenter's ESXi hosts.

Tagging is based on the ESXi host configuration through integration.

Prerequisites

  • For the level of integration that you want to achieve, verify that you have user credentials with enough privileges to perform the necessary configuration on the vCenter Server system and its ESXi hosts.
    Level of Integration Required Privileges
    Events, tasks, and alarms collection
    • System.View
      Note: System.View is a system-defined privilege. When you add a custom role and do not assign any privileges to it, the role is created as a Read Only role with three system-defined privileges: System.Anonymous, System.View, and System.Read.
    Syslog configuration on ESXi hosts
    • Host.Configuration.Change settings
    • Host.Configuration.Network configuration
    • Host.Configuration.Advanced Settings
    • Host.Configuration.Security profile and firewall
    Note: You must configure the permission on the top-level folder within the vCenter Server inventory, and verify that the Propagate to children check box is selected.
  • Verify that you know the IP address or domain name of the vCenter Server system.
  • Verify that you are logged in to the VMware Aria Operations for Logs web user interface as a Super Admin user, or a user associated with a role that has the relevant permissions. See Create and Modify Roles for more information. The URL format of the web user interface is https://operations-for-logs-host, where operations-for-logs-host is the IP address or host name of the VMware Aria Operations for Logs virtual appliance.

Procedure

  1. Expand the main menu and navigate to Integration > vSphere.
  2. Enter the IP address and service account credentials for a vCenter Server, and click Test Connection.
  3. If the vSphere environment provides an untrusted SSL certificate, a dialog box appears with the details of the certificate. Click Accept to add the certificate to the truststores of all the nodes in the VMware Aria Operations for Logs cluster.
    If you click Cancel, the certificate is not added to the truststores and the connection with the vSphere environment fails. You must accept the certificate for a successful connection.
  4. (Optional) To register another vCenter Server, click Add vCenter Server and repeat steps 3 through 5.
    Note: Do not register vCenter Server systems with duplicate names or IP addresses. VMware Aria Operations for Logs does not check for duplicate vCenter Server names. You must verify that the list of registered vCenter Server systems does not contain duplicate entries.
  5. Click Save.
    If you did not test the connection and the vSphere environment provides an untrusted certificate, follow the instructions in step 4.

What to do next