vRealize Log Insight Cloud (formerly known as VMware Log Intelligence) provides visibility across public and private cloud environments including AWS. vRealize Log Insight Cloud features robust log aggregation and sophisticated analytics that enable you to determine root causes for an issue quickly and thoroughly.
Sending Data Set up your log collection with vRealize Log Insight Cloud and learn about the steps for log flows from multiple sources, with recommendations for collections of specific log types.
Explore and Modify the Home Page You can search for log events in the Home page. You can also view widgets that contain information about log trends, event types, alerts, and so on. As an administrator, you can decide which widgets are displayed for the members of your organization.
Searching for Logs You can search for and filter log events in the Explore Logs page by using queries. You can use fields in your search criteria for efficient log monitoring. You can also save queries, clone queries and modify them, compare query results from multiple systems, share queries and their results with other users, and pin queries to the pinboard.
Extracting Metrics from Logs Application logs contain important information about processes and operations in metrics. You can use these metrics to observe or troubleshoot applications for failures and to monitor their performance based on parameters at various levels of granularity in a data center. In vRealize Log Insight Cloud, you can extract the metrics from logs, tag them according your requirement, and post them to a metric store.
Working with Dashboards Dashboards present a visual overview of the state of events in vRealize Log Insight Cloud. A dashboard is a collection of widgets, in which each widget is associated with alerts or a query.
Alerts and Notifications vRealize Log Insight Cloud provides built-in system alerts for critical issues. You can also configure alerts based on queries that run at scheduled intervals or on every log ingested. You can view the recent alerts in the system and send email and webhook notifications for alerts.
Working with Content Packs Content packs contain dashboards, extracted fields, saved queries, and alerts that are related to a specific product or set of logs. You can enable or disable a content pack, export or import a content pack, and remove a content pack.
Forwarding, Retaining, and Archiving Logs You can forward incoming events to vRealize Log Insight, Splunk, or another destination. You can retain certain logs for a lesser number of days than the default retention period. If you want to retain logs for a longer period, you can archive the logs and download them to an Amazon S3 bucket.
Processing Logs You can configure log processing rules for tagging, filtering, and masking the logs that are ingested by vRealize Log Insight Cloud. For example, you can tag logs that contain a sent notification by using additional metadata such as
sent-notification: true, drop logs that are of no use by filtering them, or mask entire logs or fields such as
password within logs.
Securing Logs with API Keys vRealize Log Insight Cloud uses API keys to ensure the security of logs ingested by the vRealize Log Insight Cloud cloud proxy server.
Viewing Usage Reports Usage reports show how vRealize Log Insight Cloud is used across the organization - the amount of data streamed, log statistics, recent queries, and active users.
Working with vRealize Log Insight Agents A vRealize Log Insight Agent collects events from log files and forwards them to a vRealize Log Insight Cloud server or any third-party syslog destination.
Integrating vRealize Log Insight Cloud with vSphere As an administrator, you can set up vRealize Log Insight Cloud to connect to vCenter Server systems at two-minute intervals and collect data for events, alarms, and tasks. You can also configure ESXi hosts in vRealize Log Insight Cloud via the vCenter Server.