Assign global permissions to the svc-vrli-vsphere service account to collect log information from the vCenter Server instances and ESXi hosts with vRealize Log Insight. The svc-vrli-vsphere user account is dedicated to collecting log information from vCenter Server and ESXi.
- Log in to vCenter Server by using the vSphere Web Client.
- Open a Web browser and go to https://nyc01r01vc01.rainpole.local/vsphere-client.
- Log in using the following credentials.
- From the Home menu, select Administration and click Roles under Access Control.
- Create a role for vRealize Log Insight.
- From Roles provider drop-down menu, select nyc01r01vc01.rainpole.local
- Select Read-only and click the Clone role action icon.
You clone the Read-only role because it includes the, , and privileges. vRealize Log Insight requires those privileges for accessing log information related to the vCenter Server instances.
- In the Clone Role Read-only dialog box, complete the configuration of the role and click OK.
vRealize Log Insight User
These host privileges allow vRealize Log Insight to configure the syslog service on the ESXi hosts.
- Assign global permissions to the firstname.lastname@example.org service account.
- In the vSphere Web Client, select Administration from the Home menu and click Global Permissions under Access Control.
- On the Manage tab, click Add Permission.
- In the Global Permissions Root - Add Permission dialog box, click Add to associate a user or a group with a role.
- In the Select Users/Groups dialog box, from the Domain drop-down menu, select rainpole.local, in the filter box type svc, and press Enter.
- From the list of users and groups, select the svc-vrli-vsphere user, click Add, and click OK.
- In the Add Permission dialog box, from the Assigned Role drop-down menu, select vRealize Log Insight User, select Propagate to children, and click OK.