Embed Size (px)
Citation preview
GET STARTED
Get Deeper Insights from Your Infrastructure, Faster
VMware vRealize Network Insight Search Query Posters
vRealize Network Insight | vRealize Network Insight Cloud
IntroductionAs a VMware admin, you know VMware vRealize® Network Insight™ provides a robust search for all of the entities in your environment. It has property and entity terms, as well as aggregate function terms you can tune for best-results infrastructure to cloud to branch planning and analysis.
But we’re all busy. And with so little time and so many questions, our team came up with a series of vRealize Network Insight search query cheat sheets to inspire you while getting to insights faster.
Download, view, and display one. Or download, view, and display them all. As a go-to resource or simply an office conversation starter, each guide includes everything you need for results.
Search Guide Topics1. Flows
2. PKS – Kubernetes
3. VMware NSX – T
4. VMware NSX® Data Center for vSphere®
5. VMware SD-WAN™ by VeloCloud®
6. Virtual machine
vRealize Network Insight | vRealize Network Insight Cloud
Ready Queries
Visual Results
• Choose sample queries in grey
• View properties to search in green
• Find metrics delivered in blue
• View tables and graphs
• Sort options
• Filter results
vRealize Network Insight | vRealize Network Insight Cloud
How to Get StartedWhen you need results fast, select the search feature in vRealize Network Insight and start typing in the syntax highlighted on a poster.
• Discover which VMs have too many snapshots by entering this query: Top 10 vms by snapshot count
• Identify the top talkers from this VM by entering the following: sum(-bytes) of flows where Flow Type = ‘Src is VM’ and Flow Type = ‘Dst is Internet’
• Find out which countries your customers are coming from by entering this query: flow group by Destination Country
• Discover Kubernetes PODs that are failing due to image errors by en-tering the following: Kubernetes events where Event code = ‘Image-PullBackOff’ in last 24 hours
• Identify unstable internet connections in your SD-WAN by entering this code: SD-WAN Link where Connectivity State != ‘Stable’
These are sample searches:
vRealize Network Insight | vRealize Network Insight Cloud
flow where bytes > 100 gb flow group by vmtop 5 flow order by packetsflow group by Destination Countrycount of flow group by Destination IP AddressInternet traffic by source VM: sum(bytes) of flows where Flow Type = ‘Internet’ group by source vm order by sum(bytes)Internet traffic: flows where Flow Type = ‘Source is Internet’ and Flow Type = ‘Destination is VM’ order by bytesSum of bytes between VM & internet: Sum(bytes), sum(src bytes), sum(dest bytes) of flows where Flow Type = ‘Source is VM’ and flow type = ‘Destination is Internet’Total VTEP traffic: sum(bytes) of flows where Flow Type = ‘Source is VTEP’ or Flow Type = ‘Destination is VTEP’VTEP traffic grouped by VMKNIC: sum(bytes) of flows where Flow Type = ‘Source is VTEP’ or Flow Type = ‘Destination is VTEP’ group by IPTop VM pair by total bytes: sum(bytes) of flows group by src vm, dest vm order by sum(bytes) Aggregated traffic series for matching flows: series( sum( byte rate )) of flows where host = ‘myhost.abccorp.com’ and (flow type = ‘source is vm’ or flow type = ‘destination is vm’)VM flow between hosts:• flow where Flow Type = ‘VM-VM’ and Flow Type = ‘Diff Host’ order by bytes• sum(bytes) of flow where Flow Type = ‘VM-VM’ and Flow Type = ‘Diff Host’ group by vm order by sum(bytes)
Sample Queries
Flows Search Poster
NSX-V IPSet - Configuration Properties
All Parents Change EventIP Address IP Address IP RangeIP Address Range end IP Address Range start Translated VMVendor IDNetwork Address ProblemScope Scope Tag ManagerNSX Manager Name NetmaskIndirect Incoming Rules Indirect Outgoing RulesDirect Destination RuleSets Type Direct Incoming RulesDirect Outgoing RulesDirect Parent Security Group Direct Source RuleSets Type Indirect Destination RuleSets Type Indirect Source RuleSets Type
NSX-V Controller - Configuration Properties
Activated Change Enabled EventIDIP Address Join Status LdrMajority Status Manager MasterNSX Manager NameNetwork Address ProblemRole Name Scope StatusUpgrade Available VMVXLANVendor ID Version
NSX-V Policy Firewall - Configuration Properties
Change Event ExclusionFirewall Status Manager ModelName ProblemPublished Version Rule Count RuleSets Type RulesSerialSpoofguard Status VendorVendor ID Version
NSX-V Manager - Configuration Properties
Backup Enabled ChangeEventIP Address ModelNTP Server Configured NameProblem SerialSyslog Server Configured Transport ZoneVMVendor Version
NSX-V Policy Based VPN - Configuration Properties
Change Enabled EventLocal Address Local Address Local Endpoints Local Network Local Network ManagerPeer VPN Connection Peer VPN Gateway Peer VPN Session ProblemRemote Endpoints Remote Network Remote Network Remote Private Address Remote Private Address Remote Public Address Remote Public Address Tier0name
NSX-V Manager - Metrics
Incomplete tcp flow drop count Outbound expire flow drop count Wrong collector flow drop count
NSX-V Security Group - Configuration Properties
All Direct Child Group All ParentsChange ChildDirect Destination RuleSets Type Direct Incoming RulesDirect Outgoing RulesDirect Source RuleSets Type EventExcluded IP Address IPSetIncoming Rule CountIndirect Destination RuleSets Type Indirect Incoming Rule Count Indirect Incoming RulesIndirect Outgoing Rule Count Indirect Outgoing Rules Indirect Source RuleSets Type ManagerManager Model Manager Serial Manager Version Member MemberNSX Manager NameOutgoing Rule Count ProblemRegion Rule CountSecurity Tag Translated VM Vendor Vendor ID
NSX-V Firewall - Configuration Properties
NSX Manager NamePacket Type PortPort Range Port RangePort Range Display ProblemProtocolProtocol Port Range Rule IDRule Type Scope Section ID Section NameSecurity Group Sequence ID Service Service Service Any Service Profile Shared SourceSource Negate Source Security Group Source UserSource Vm Source Zone Event
FlowHIP Profile IP Address Status TargetTarget Negation VendorVendor vm seriesIndirect Source IPSetIndirect Source Security GroupLogging EnabledManager Manager Model Manager Serial Manager Version Action ApplicationApplication ID GUID AppliedtoCategory Change Configured Destination Configured Source Destination Destination AddressDestination Address Group Destination Any Destination IP
Destination IPSet Destination Negate Destination Security Group Destination Vm Destination ZoneDevice GroupDirect Destination AddressDirect Destination Address Group Direct Destination IPSetDirect Destination Security Group Direct Security GroupDirect Source AddressDirect Source Address Group Direct Source IPSetDirect Source Security Group DirectionIPSetIndirect Destination Address Indirect Destination Address Group Indirect Destination IPSetIndirect Destination Security Group Indirect Security Groupa Source Address Indirect Source Address Group Source AddressSource Address Group Source AnySource IP Source IPSet
vRealize Network Insight | vRealize Network Insight Cloud
Common Queries Search Flows: flows where Kubernetes Object = Object nameExample: flows where Kubernetes Cluster = ‘Production’View the service scale:kubernetes pods group by Kubernetes ServicesView the node load:kubernetes Pods group by Kubernetes NodeView the node health:MemoryPressure and PIDPressure and DiskPressure and Ready of Kubernetes NodeView flow compliance:flows from Kubernetes Object name of the object to Kubernetes Object name of the objectExample:flows from Kubernetes Namespace’PCI’ to Kubernetes Namespace’Non-PCI’View the Path topology:Kubernetes service service name to Kubernetes service service name Kubernetes service service name to Kubernetes pod pod name Kubernetes pod pod name to Kubernetes pod pod name
Kubernetes Objects Nodes :kubernetes nodes where Ready != ‘True’ kubernetes node where Virtual Machine = ‘vm-a’Flows:flows where kubernetes service is set flows where source kubernetes node = ‘a’Services:kubernetes pods where kubernetes services is not setkubernetes pods group by Kubernetes Services, Kubernetes ClusterNamespace:kubernetes namespace where L2 Networks = ‘a’list(Kubernetes Node) of Kubernetes Pod where Kubernetes Namespace = ‘a’
Kubernetes eventskubernetes events where Problem Entity = ‘<pod/namespace/node Name>’ kubernetes events where Event code = ‘ImagePullBackOff’ in last 24 hours kubernetes events where problem entity.Kubernetes Cluster = ‘<cluster-a>’View Applicationapplication where virtual member = ‘service-a’application where virtual member = ‘service-a’ and virtual member.Kubernetes Namespace = ‘namespace-b’count of applications where Virtual Member in (kubernetes services) list (virtual member) of applications where Name = ‘app-1’ and virtual member.Kubernetes Cluster is setView Tier Informationtier where virtual member = ‘service-a’ and virtual member.Kuber-netes Namespace = ‘namespace-b’Flowsflows where firewall action = ‘DROP’ group by Kubernetes Serviceflows where firewall action = ‘DROP’ group by source Kubernetes Namespace flows where firewall action = ‘DROP’ and Flow Type = ‘Destination is Internet’
Packet drops group by kubernetes podnsx-t logical port where (ConnectedTo in (Kubernetes Pods where kubernetes cluster is set)) and Rx Packet Drops > 0 group by ConnectedTo order by max(Rx Packet Drops)Packet drops group by kubernetes nodensx-t logical port where (ConnectedTo in (Kubernetes Nodes where kubernetes cluster is set)) and Rx Packet Drops > 0 group by ConnectedTo order by max(Rx Packet Drops)Packet drops by kubernetes namespacensx-t logical switch where Rx Packet Drops > 0 and Tag like ‘ncp/project:’ order by Rx Packet DropsPacket drops group by kubernetes servicesnsx-t logical port where (ConnectedTo in (Kubernetes Pods where kubernetes cluster is set)) and Rx Packet Drops > 0 group by ConnectedTo.Kubernetes service order by max(Rx Packet Drops)
Pod:
NSX-T Logical port where connectedto.modelKey in (modelKey of kubernetes nodes) order by Tx Packets desc
NSX-T Logical port where connectedto.modelKey in (modelKey of kubernetes pods) and Rx Packet Drops > 0 new kubernetes pod
in last 1 hour
Show <config Property> of kubernetes objectSupported properties for Configuration QueriesGroup by – Ex: kubernetes pods group by kuberentes servicesAggregate Functionsmax, min, sum, avgEx: sum(MemoryPressure) of kubernetes node
PKS - Kubernetes Search Poster
Kubernetes Namespace
Annotations Key Annotations Key Value ChangeCreation Time EventKubernetes Cluster L2 NetworksLabel Label Key Manager Name Problem Router Vendor ID modelKey status
Kubernetes Pod
Annotations Annotations Key CIFChange Containers Creation Time EventHOSTIP Address IPAddress Kubernetes ClusterKubernetes Namespace Kubernetes Node Kubernetes Services LabelLabel Key Logical Port Manager NameKubernetes Pod Name
Kubernetes Cluster
ChangeData Source Type EnabledEventNI Collector NSX Manager Name ProblemURL
PKS Data Source
Change Enabled EventNSX Manager ProblemURL
Kubernetes Service - Metrics
Nodes count Pods count
Sample Queries
Configuration PropertiesConfiguration Properties
Kubernetes Service
Annotations Key Annotations Key Value ChangeCluster IPCluster IPAddress Cluster NetmaskCluster Network Address Creation TimeEvent External IPExternal IPAddresses External Netmask External Network Address Kubernetes Cluster Kubernetes Namespace LabelLabel Key LoadBalancer IPLoadBalancer IP Address LoadBalancer Netmask LoadBalancer Network Address ManagerName Node Port PortPort Name Problem Protocol Selectors Selectors Key Target Port TypeVendor ID modelKey
Kubernetes Node
Annotations Key Annotations Key Value ChangeCreation Time DiskPressure EventHOSTIP Address IPAddressKube-Proxy Version Kubelet Version Kubernetes Cluster LabelLabel Key Logical Port Manager MemoryPressure NameNode Condition StatusNode Condition Status Message Node Condition Status TypeOS Image OutOfDisk PIDPressure Problem Ready Roles Vendor IDVirtual Machine modelKey
vRealize Network Insight | vRealize Network Insight Cloud
NSX-T Firewall
Destination Address GroupDestination IPSetDestination NSGroupDestination NSX-T IPSetDestination NegateDestination Security GroupDirect Destination AddressDirect Destination Address GroupDirect Destination IPSetDirect Destination NSGroupDirect Destination NSX-T IPSetDirect Destination Security GroupDirect Source Address GroupDirect Source AddressDirect Source IPSetDirect Source NSGroupDirect Source NSX-T IPSetDirect Source Security GroupIndirect Destination AddressIndirect Destination Address GroupIndirect Destination IPSetIndirect Destination NSGroupIndirect Destination NSX-T IPSetIndirect Destination Security GroupIndirect NSGroupIndirect NSX-T IPSetIndirect Security GroupIndirect Source AddressIndirect Source Address GroupIndirect Source IPSetIndirect Source NSGroupIndirect Source NSX-T IPSetIndirect Source Security GroupLogging EnabledSource Address Group
Source Security Group ActionApplicationApplication ID GUIDAppliedtoCategoryChangeDestinationDestination AddressDestination AnyDestination IPDestination VmDestination ZoneDevice GroupDirect NSGroupDirect NSX-T IPSetDirect Security GroupDirectionEventHIP ProfileIP AddressIPSetManagerManager ModelManager SerialManager VersionNSGroupNSX ManagerNSX Policy Firewall RuleNSX-T IPSetNamePacket TypePortPort RangePort Range
Port Range DisplayProblemProtocolProtocol Port RangeRule IDRule TypeScopeSection IDSection NameSecurity GroupSequence IDService ServiceService AnyService ProfileSharedSourceSource AddressSource AnySource IPSource IPSetSource NSGroupSource NSX-T IPSetSource NegateSource UserSource VmSource ZoneStatusTargetTarget NegationVendorVendorfirewall typevm series
nsx-t logical switch where Tx Packet Drops > 0top 10 nsx-t firewall rules order by sum(bytes)top 10 router interfaces order by Total Tx bytesnsx-t logical port where Rx Packer drops > 0nsx-t controllers where Management Connection Status != ‘Connected’nsx-t manager where VC Managers Count > 1nsx-t edge cluster where Deployment Type = ‘VIRTUAL_MACHINE’Firewalltop 10 nsx-t firewall rule order by Hit Countflows where firewall rule is not setnsx-t firewall rule where Flow Packets = 0 in last 30 daysnew nsx-t firewall rule in last 30 daysFlowsflow where application = app1flow where application = app1 and tier = Webflow where bytes > 100 gbflow group by vmtop 5 flow order by packetsflow group by Destination Countrycount of flow group by Destination IP AddressInternet traffic by source VMsum(bytes) of flows where Flow Type = ‘Internet’ group by source vm order by sum(bytes)Internet trafficflows where Flow Type = ‘Source is Internet’ and Flow Type = ‘Destination is VM’ order by bytesTop VM pair by total bytessum(bytes) of flows group by src vm, dest vm order by sum(bytes)
NSX-T Manager
Incomplete tcp flow drop countOutbound expire flow drop countWrong collector flow drop count
NSX-T Transport Node
ChangeControl StatusDeployment TypeEdge ClusterEventFabric NodeMaintenance ModeManagement StatusNameNetmaskNetwork AddressNode TypePnic StatusProblemRoll-up statusTransport ZonesTunnel StatusVendor IDmanager
NSX-T Policy Based VPN
ChangeEnabledEventLocal AddressLocal AddressLocal EndpointsLocal NetworkLocal NetworkManagerPeer VPN ConnectionPeer VPN GatewayPeer VPN SessionProblemRemote EndpointsRemote NetworkRemote NetworkRemote Private AddressRemote Private AddressRemote Public AddressRemote Public AddressTier0name
NSX–T Search PosterSample Queries Build your own query
Filters:• = , !=, like, not like• in, not in (membership)• is set, is not set (existence)• >, < (numeric), AND, OR (logical)Aggregation: SUM(), MAX(), MIN(), AVG()Modifiers: GROUP BY, ORDER BYProjection: LIST(), COUNT()
NSX-T Data Source
ChangeEnabledEventIPFIX EnabledLatency EnabledNI CollectorNameProblemURL
NSX-T Logical Switch
ChangeCreatorEventNSX-T Logical PortsProblemScopeTagTraffic TypeTransport ZoneVM CountVNIVendor IDmanager
NSX-T Manager
ChangeEventFQDNHost NameIP AddressKernel versionManagerNSX-T IP AddressNameProblemVC ManagersVersion
NSX-T Logical Switch
Multicast Broadcast Rx BytesMulticast Broadcast Rx PacketsMulticast Broadcast Tx BytesMulticast Broadcast Tx PacketsRx Packet DropsRx PacketsTotal Rx BytesTotal Tx BytesTx Packet DropsTx PacketsUnicast Packets RxUnicast Packets TxUnicast Rx BytesUnicast Tx Bytes
NSX-T Firewall Metrics
Flow BytesFlow PacketsHit CountSession Count
NSX-T Logical Port
Multicast Broadcast Rx BytesMulticast Broadcast Rx PacketsMulticast Broadcast Tx BytesMulticast Broadcast Tx PacketsNetwork RateNetwork Rx RateNetwork Tx RateRx Packet Drop RatioRx Packet DropsRx PacketsTotal Rx BytesTotal Tx BytesTx Packet Drop RatioTx Packet DropsTx PacketsUnicast Packets RxUnicast Packets TxUnicast Rx BytesUnicast Tx Bytes
NSX-T Distributed Router
ChangeEventLogical RouterManagerNameProblemRouter InterfaceRouter Interface CountTier Router TypeVRFVendor ID
NSX-T Logical Port
Administrative StatusAttachment TypeChangeConnectedToEventManagerNSX-T L2 NetworkNSX-T Logical SwitchNameNumbered Network InterfaceOperational StatusProblemScopeTagVMVendor IDVnic
NSX-T Layer2 Network
ChangeCreatorDefault GatewayEventHost CountHostsManagerNSX Policy SegmentNSX-T Logical SwitchNameNetworkProblemScopeTagTraffic TypeVLANVM CountVNIVendor IDVlan ID
NSX-T Firewall
ChangeEventExclusionFirewall StatusManagerModelNameProblemPublished VersionRule CountRuleSets TypeRulesSerialVendorVendor IDVersion
NSX-T Service
ChangeEventLocationManagerNamePortProblemProtocolSource PortVendor ID
NSX-T Security Group
All Direct Child GroupAll ParentsChangeChildDirect Destination RuleSets TypeDirect Incoming RulesDirect Outgoing RulesDirect Source RuleSets TypeEventIncoming Rule CountIndirect Destination RuleSets TypeIndirect Incoming Rule CountIndirect Incoming RulesIndirect Outgoing Rule CountIndirect Outgoing RulesIndirect Source RuleSets TypeLinked SGManagerManager ModelManager VersionMemberMemberNameOutgoing Rule CountProblemRegionRule CountScopeTagTranslated VMVendorVendor ID
NSX-T IPSet
All ParentsChangeDirect Destination RuleSets TypeDirect Incoming RulesDirect Outgoing RulesDirect Parent Security GroupDirect Source RuleSets TypeEventIP AddressIP RangeIndirect Destination RuleSets TypeIndirect Incoming RulesIndirect Outgoing RulesIndirect Source RuleSets TypeManagerNSX ManagerNameNetmaskNetwork AddressProblemScopeScopeTagTranslated VMVendor ID
NSX-T Transport Zone
ChangeEventHost Switch ModeHost Switch NameManagerNameProblemTypeVendor ID
NSX-T Edge Cluster
ChangeDeployment TypeEventMember Node TypeMembersNameProblemVendor IDmanager
NSX-T Fabric Node
ChangeDeployment TypeEventIP AddressesIP SourceNameNetmaskNetworkNode TypeOS TypeOS VersionProblemTransport NodeVendor ID
NSX-T Service Group
ChangeManagerNameProblem
NSX-T Router
Advertise NAT RoutesAdvertise NSX Connected RoutesAdvertise Static RoutesChangeDistributed RouterECMPEdge ClusterEventFailover ModeHA ModeLinked RoutersManagerNameOSPFOSPF Area IDOSPF Area TypeProblemRouter InterfaceRouter Interface CountRouting Advertisement EnabledScopeService RouterTagTier Router TypeVRF Vendor ID
vRealize Network Insight | vRealize Network Insight Cloud
top 10 nsx-v firewall rules order by connection countsum(bytes) of flows where Flow Type = ‘Src is VM’ and Flow Type = ‘Dst is Internet’sum(Session Count) of flows group by firewall rule order by sum(session count) where firewall ruleid = 1032host group by Firewall Statushost group by Hostprep Feature Status host group by Hostprep Feature Version vmware vm group by Firewall Rule NSX-V Controller group by Ldr CountNSX-V Controller group by Upgrade AvailableSecurity group where Indirect Incoming Rules is not set and Indirect Outgoing Rules is not set and Direct Incoming Rules is not set and Direct Outgoing Rules is not setUn-Protected FlowsFlows where firewall rule is not setList of firewall rules which are not hit by any flow in last 30 daysNSX firewall rule where flows is not set in last 30 daysFlows hitting specific rule id’s / firewall rules/specific security group/specific applicationFlow where rule id in (1011, 1012, 1013) Flow where firewall rule like rule1Flow where security group like sg1Flows hitting on an application.Flow where application = app1Flow where application = app1 and tier = TierNameNew Firewall rulesNew firewall rules in last 24 hours New firewall rules in last 30 days
VMware NSX® Data Center for vSphere® Search Poster
Sample Queries NSX-V IPSet - Configuration Properties
All Parents Change EventIP Address IP Address IP RangeIP Address Range endIP Address Range startTranslated VM Vendor ID Network Address
ProblemScope Scope Tag ManagerNSX Manager Name NetmaskIndirect Incoming RulesIndirect Outgoing Rules Direct Destination RuleSets Type Direct Incoming RulesDirect Outgoing RulesDirect Parent Security Group Direct Source RuleSets Type Indirect Destination RuleSets Type Indirect Source RuleSets Type
NSX-V Controller - Configuration Properties
Activated Change Enabled EventIDIP Address Join Status LdrMajority Status Manager MasterNSX Manager NameNetwork Address ProblemRole Name Scope StatusUpgrade Available VMVXLANVendor ID
Version
NSX-V Manager - Configuration Properties
Backup Enabled ChangeEventIP Address ModelNTP Server Configured NameProblem SerialSyslog Server Configured Transport ZoneVMVendor Version
NSX-V Firewall - Configuration Properties
NSX Manager NamePacket Type PortPort Range Port RangePort Range Display ProblemProtocolProtocol Port Range Rule IDRule Type Scope Section ID Section NameSecurity Group Sequence ID Service Service Service Any Service Profile SharedSourceSource NegateSource Security Group Source UserSource Vm Source Zone EventFlowHIP Profile IP Address Status
TargetTarget Negation VendorVendor vm seriesIndirect Source IPSetIndirect Source Security Group Logging EnabledManager Manager Model Manager Serial Manager Version Action ApplicationApplication ID GUID AppliedtoCategory ChangeConfigured Destination Configured Source Destination Destination Address Destination Address Group Destination Any Destination IPDestination IPSet Destination Negate Destination Security Group Destination Vm Destination ZoneDevice GroupDirect Destination Address Direct Destination Address Group Direct Destination IPSet Direct Destination Security GroupDirect Security Group Direct Source AddressDirect Source Address Group Direct Source IPSetDirect Source Security Group Direction IPSetIndirect Destination Address Indirect Destination Address GroupIndirect Destination IPSet Indirect Destination Security GroupIndirect Security Group Indirect Source Address Indirect Source Address Group Source AddressSource Address Group Source AnySource IP Source IPSet
NSX-V Security Group - Configuration Properties
All Direct Child Group All ParentsChange ChildDirect Destination RuleSets TypeDirect Incoming Rules Direct Outgoing Rules Direct Source RuleSets Type EventExcluded IP Address IPSetIncoming Rule Count Indirect Destination RuleSets TypeIndirect Incoming Rule Count Indirect Incoming Rules Indirect Outgoing Rule Count Indirect Outgoing Rules Indirect Source RuleSets Type ManagerManager Model Manager Serial Manager Version Member MemberNSX Manager NameOutgoing Rule Count ProblemRegion Rule CountSecurity Tag Translated VM Vendor Vendor ID
NSX-V Policy Firewall - Configuration Properties
Change Event ExclusionFirewall Status Manager ModelName ProblemPublished Version Rule Count RuleSets Type RulesSerialSpoofguard Status VendorVendor ID Version
NSX-V Manager - Metrics
Incomplete tcp flow drop count Outbound expire flow drop count Wrong collector flow drop count
NSX-V Policy Based VPN - Configuration Properties
Change Enabled EventLocal Address Local Address Local Endpoints Local Network Local Network ManagerPeer VPN Connection Peer VPN Gateway Peer VPN Session ProblemRemote Endpoints Remote Network Remote Network Remote Private Address Remote Private Address Remote Public Address Remote Public Address Tier0name
vRealize Network Insight | vRealize Network Insight Cloud
Total packets, Lost Packet Ratio , Retransmitted Packet Ratio of SDWAN EdgeTotal packets, Lost Packet Ratio , Retransmitted Packet Ratio of SDWAN Edge Application where edge = ‘Hillsboro, CA Hub’ Sd-wan edge where segment = ‘Global’
VeloCloud Link VeloCloud ProfileVeloCloud Segment
VeloCloud Edge VeloCloud ClusterVeloCloud Event
VeloCloud Datasoure VeloCloud Layer2 NetworkVeloCloud Gateway
VeloCloud Enterprise SDWAN ApplicationSDWAN Edges
Show <Config Property> of <VeloCloud Object> – show primary gateway of VeloCloud Edge<VeloCloud Object> where <config property> = value Supported properties for VM Configuration Queries Group by – Ex: VeloCloud Cluster group by edge Order by – Ex: VeloCloud Gateway order by city Aggregate Functionsmax, min, sum, avgEx: sum(memory), sum(cpu cores) of <VeloCloud Object>
Show <Metric> of <VeloCloud Object> – show Sys Uptime of VeloCloud EdgeSupported properties for VM metric QueriesGroup by is not available for metricsOrder by – Ex: <VeloCloud Object> order by coresAggregate Functionsmax, min, sum, avgEx: sum(cpu usage mhz), sum(active memory) of<VeloCloud Object>
SD-WANTM by VeloCloud® Search Poster
Sample Queries
SD-WAN Application - Configuration Properties
Category Change Description Enterprise Event Name Problem Vendor ID Vendor ID
SD-WAN Edge Application - Configuration Properties
Application Change Event Name ProblemSDWAN Edge
Velocloud Logical Router - Configuration Properties
Change Event Problem
VeloCloud Data Source - Configuration Properties
Change Enabled Event Problem URL
VeloCloud Site - Configuration Properties
edges name vendorId
VeloCloud Manager - Configuration Properties
Change Enterprises Event Name Problem Vendor ID
VeloCloud Enterprise - Configuration Properties
Change Event Name Problem Profiles Segments Vendor ID
VeloCloud Edge - Configuration Properties
Activation State Build Number ChangeDevice Family Edge State Enterprise EventHub Latitude Links LongitudeModel Number NamePrimary Gateway ProblemProfileRouter Interface Secondary Gateway SegmentSoftware Version VendorVendor ID wan
VeloCloud Layer2 Network - Configuration Properties
ChangeDefault Gateway EventHost Count Interface Name NetworkNetwork Address EndNetwork Address StartProblem SDWAN Edge SegmentVM Count Vendor ID Vlan ID
VeloCloud Link - Configuration Properties
Backup State Change Connectivity State EdgeEventInternet Service - Provider InterfaceName Network Side Network Type Problem Service State Vendor IDip address
VeloCloud Segment - Configuration Properties
Change Description Enterprise Event Name ProblemProfileCount Type Vendor ID
VeloCloud Profile - Configuration Properties
Change Description Edge Count Enterprise Event Name Problem Vendor ID
VeloCloud Gateway - Configuration Properties
Change City Continent Country EventIP Address Name Problem Region Vendor ID
VeloCloud Cluster Configuration Properties
Change Description Edge Enterprise Event Name Problem Vendor ID
VeloCloud Wan - Configuration Properties
discovery edge edgeInterface isplogicalId mode mtupublicIpAddress type
VeloCloud Link - Metrics
Link UptimeVeloCloud Link State UP Velocloud Bytes Received Velocloud Bytes SentVelocloud Link Downstream Average Throughput Velocloud Link Downstream Bandwidth Velocloud Link Downstream Jitter Velocloud Link Downstream Latency Velocloud Link Downstream Packet Loss Velocloud Link Transactional Quality Score Velocloud Link Upstream Average Throughput Velocloud Link Upstream Bandwidth Velocloud Link Upstream JitterVelocloud Link Upstream Latency Velocloud Link Upstream Packet Loss Velocloud Link Video Quality Score Velocloud Link Voice Quality Score Velocloud Packets Received Velocloud Packets SentVelocloud Total Bytes Velocloud Total Packets
VeloCloud Edge - Metrics
Bytes Bytes RateDestination Bytes Edge Uptime Lost Packet Ratio PacketsRetransmitted Packet Ratio Source BytesVeloCloud Edge State UPVelocloud Link Transactional Quality Score Velocloud Link Video Quality Score Velocloud Link Voice Quality Score
SD-WAN Edge Application - Metrics
Bytes Bytes RateDestination Bytes Lost Packet Ratio PacketsRetransmitted Packet Ratio Source Bytes
vRealize Network Insight | vRealize Network Insight Cloud
vm where name matches ‘[a-z]vm-delta[0-9]’ vm where host in (host of vm where name = ‘x’)vm where ip address in (192.168.91.11, 192.168.91.10) series(sum(network usage)) of vms where name like ‘app’ series(sum(memory usage)) of vms where name like ‘db’ series(avg(cpu usage)), series(avg(memory usage)) of vmsvm where not in (vm where Power State = ‘POWEREDON’ in last 30 days)L2 Network , vlan, ip address, default gateway of vms flows where VM = ‘Win2016-AD’flows where Flow Type = ‘Src is VM’ and Flow Type = ‘Dst is Internet’ by bytes flows where flow type = ‘Source is VM’sum(bytes) of flows where Flow Type = ‘Src is VM’ and Flow Type = ‘Dst is Internet’
Show <Metric> of VM – show Sys Uptime of vm VM where <Metric> = valueSupported properties for VM metric QueriesGroup by is not available for metrics Order by – Ex: vms order by cores Aggregate Functionsmax, min, sum, avgEx: sum(cpu usage mhz), sum(active memory) of vms
Show <config Property> of VM – show vxlan of vm VM where <config property> = valueSupported properties for VM Configuration QueriesGroup by – Ex: vms group by host Order by – Ex: vms order by cores Aggregate Functionsmax, min, sum, avgEx: sum(memory), sum(cpu cores) of vms
Virtual Machine Search Guide
vms group by Operating System Vms group by l2 network Vms group by VMTools Status Top 10 vms by snapshot count Top 10 vms by CPU usageTop 10 vms by memory usage Top 10 vms by CPU Wait Rate Top 10 vms by Max Packet Drops vms where memory > 4096 mbVms where Max Latency > 5ms vms where cpu usage rate < 70%vms where cpu usage rate <= 70% vms where memory >= 4096 mb vms where name like ‘app’vms where name not like ‘app’ vms where firewall rule is set vms where firewall rule is not set vm where name matches ‘.*’vm where name matches ‘a.*’ vm where Outgoing Port = 443 vm by vlan where vlan = “xyz” show Max Network Rate of VM show CPU Ready Rate of VM show Memory Balloon of VMshow Memory Overhead of VM
Sample VM Queries
Virtual Machine Configuration Properties
Tools VersionVMTools Config Status VMTools Status VcenterVnicVnic Count Vxlan Datacenter Datastore Datastore CountDisconnected Vnic Count VendorVendor ID Version Standard SwitchStandardPortgroup Virtual Disk Capacity Virtual DisksPower State Resource Pool SDDC Type Snapshot CountSnapshot Create Time SnapshotsSwitch Ports Switches ClusterConnected Vnics Connection State DvpgDvs Folder
Host TagTag Key ACI Application Profile AddressAddress Group Address Range Application ChangeDns Server Domain Name Endpoint Group EventFqdnOperating System Other Names Policy Group ProblemRegionSearch Domain SerialService Nodes Static IPTier RoleCPU Allocation Limit CPU CoresCPU Reservation MemoryMemory Allocation Limit Memory Reservation
Virtual Machine Metrics
Sys UptimeCPU Costop RateCPU Costop Rate vCPU CPU Costop TimeCPU Ready RateCPU Ready Rate vCPU CPU Ready TimeCPU Run RateCPU Run Rate vCPU CPU Run TimeCPU Usage Mhz CPU Usage Rate CPU Wait RateCPU Wait Rate vCPU CPU Wait Time Memory Consumed Memory Overhead Memory Swapin Rate Memory Swapout Rate Memory Swapped Memory Usage Rate Memory Balloon Active Memory Provisioned Space RW IOPSRW Throughput Read IOPS Read Latency Snapshot SizeCommitted Space Read Throughput
Rx Broadcast Packets Rx Broadcast Ratio Rx Packet Drop Ratio Rx Packet DropsRx PacketsTx Broadcast Packets Tx Broadcast Ratio Tx Packet Drop Ratio Tx Packet DropsTx PacketsTotal Network Traffic Total Packet Drop Ratio Total Packet Drops Total PacketsUnicast Rx Packets Unicast Tx Packets Max LatencyMax Network Rate Max Network Rx Rate Max Network Tx Rate Max Packet Drop Ratio Max Packet Drops Multicast Rx Packets Multicast Tx Packets Network RateNetwork Rx Rate Network Tx Rate
Uncommitted Space Write IOPSWrite Latency Write Throughput
VM Datastore Metrics
Committed Space RW IOPSRW Throughput Read IOPS Read Latency
Read Throughput Uncommitted Space Write IOPSWrite Latency Write Throughput
Virtual Disk - Metrics
ChangeChild Snapshot Count Child Snapshots Create TimeCurrent
EventFile Name Manager Name Problem
Security & Firewall
FirewallRule FirewallStatus IncomingRules L2Network L2NetworkCount MacAddressL2 Network IP Address IPSetIPSet Count Security GroupSecurity Group Count Security Tag Outgoing Port Outgoing Rules Incoming Port Incoming RulesNsx NSGroupcheckpoint host nat deviceVlanEnd Vlan
Virtual Disk / VM Datastore - Config Properties
Change Datastore Event Problem VM Backing Disk Capacity Change Datastore Device Name Disk Format Disk Mode EventFile Name Name Name ProblemThin Provisioned VMVcenter
Snapshots Config Properties
RW IOPSRW Throughput Read IOPS Read LatencyRead Throughput Used Space Write IOPSWrite Latency Write Throughput
Network
Default Gateway Default Gateway RouterDefault Gateway Router - InterfaceNetworkNetwork Address Network Address Count Network Group NSGroupCount NSXPolicyGroup NSXPolicyGroupCount NSX-TIPSetNSX-TIPSetCount NSX-TLogicalPortNSX-TLogicalPortCount
Snapshot - Metrics
Snapshot Size
RETURN TO FRONT
VMware, Inc. 3401 Hillview Avenue Palo Alto CA 94304 USA Tel 877-486-9273 Fax 650-427-5001 www.vmware.com Copyright © 2020 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. VMware products are covered by one or more patents listed at http://www.vmware.com/go/patents. VMware is a registered trademark or trademark of VMware, Inc. and its subsidiaries in the United States and other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies. Item No: vmw-toolkit-vmware-vrealize-network-insight-uslet-v5 0320
Want to do more with VMware networking?Try a quick introduction to vRealize Network Insight – Lightening Lab
Save time. Collaborate more. Find answers faster.
VMware vRealize Network Insight Cloud
