vRealize Log Insight collects and analyzes all types of machine-generated log data, including application logs, network traces, configuration files, messages, performance data and system state dumps.
You can connect vRealize Log Insight to everything in your environment, including operating systems, applications, storage, firewalls, network devices for enterprise-wide visibility using log analytics.
vSphere Integration — vRealize Log Insight can integrate with vSphere to automatically ingest events from a vCenter server and logs from ESXi hosts.
vRealize Operations Manager Integration — vRealize Log Insight can integrate with vRealize Operations Manager to enable various alerts to send notification events in vRealize Operations Manager and e-mails to administrators.
Agents — vRealize Log Insight has collection agents available to send files and event logs from Linux or Windows to vRealize Log Insight
- Syslog — vRealize Log Insight can ingest data from any source via syslog. Just set the vRealize Log Insight server as your syslog destination.
- CFAPI — Events are sent in their original format to vRealize Log Insight using cfapi. Events sent over cfapi do not have to follow the guidelines of a syslog event and are not modified to comply with the syslog RFC.
Each event contains the following information.
|Timestamp||The time when the event occurred|
|Source||Where the event originated. This could be the originator of the syslog messages such as an ESXi host or a forwarder such as a syslog aggregation.|
|Text||The raw text of the event.|
|Fields||A name-value pair extracted from the event. Fields are delivered to the server as static fields only when an agent uses the CFAPI protocol.|