Embed Size (px)
Citation preview
© 2014 VMware Inc. All rights reserved.
VMware® vRealize™ Log Insight™Version 3.3 Overview
05/01/2023
David PasekVMware TAM
2
Agenda
1 The Big Picture
2 Log Insight Overview
3 Technical Overview
4 Integration with vRealize Operations
5 Use Cases and Resources
3
Automation
Service CatalogGovernance
Release Automation
Operations
Service HealthCapacity Optimization
Configuration Standards
IT Business
Cost TransparencyBenchmarkingService Quality
VMware Cloud Management
Compute
Physical Hardware
Private Clouds
Public Clouds
Hybrid CloudVMware &
vCloud Datacenter Partners
Virtualized InfrastructureAbstract & Pool
Compute Abstraction = Server Virtualization
Storage
Storage Abstraction = Software-Defined
Storage
Network
Network Abstraction = Virtual Networking
Applications Modern SaaSTraditional
The Control Plane for the Software-Defined Data Center and the Hybrid Cloud
VMware Cloud Management Leadership
All reports 2014 except 451 Research (Nov 2013)
1st in four of six Cloud Management and Automation categories:
• Self-service Catalog• Unified Cloud
Management Console• Cloud Governance• Metering and Billing
- 451 Research
1st in Cloud Systems Management Software
“Champion” in CMP Vendor Landscape
- Info-Tech
“... VMware is in a position to garner a significant portion of the CMP market to support enterprise hybrid clouds…”
Market Guide for Cloud Management PlatformsFrom Large Software and Emerging Vendors- Gartner
1st in Data Center Automation Software
IDC 2013 Vendor Shares Reports
Log Insight Overview
6
Powerful & Scalable Log Management
Solve problems faster,from days to hours
vRealize™ Log
Insight™Find problems you didn’t know you had
Get actionable insight into what logs mean
Integrate log data with performance analytics
vRealize Log Insight Overview
Intelligent Operations•Enterprise Scale •Predictive Analytics/Machine Learning for faster problem resolution
Built for the Software Defined Data Center•Base version now included with vCenter• Insight into VMware products incl. NSX, vRealize Automation, Horizon View
•Attractive pricing model for customers of all sizes – not based on log volume
Unified Management• Integration with vRealize Operations Management
Suite Inventory integration, 2-way alert visualization
Extensible• Over 40 Third Party Content Packs Available
The best real-time big data log management for SDDC
Operating system
vSphere
System statistics
Applications
Security
Other IT
All Kinds of Logs
Log Insight 2.0
AnalyzeDiscover
SearchVisualize
IT Operations
Security
Compliance
40B events 10 event types…by machine learning
OverviewAppApp
vRealize Log Insight for vCenter
vRealize Log InsightAvailable with vCenter Server Standard
Intelligent Log Analytics for vCenter• Free 25-OSI Log Insight pack per vCenter Benefits of vRealize Log Insight for vCenter• Powerful big data log management built for vSphere• Includes all VMware Content Packs • Extensive Log Management – Captures log data from physical
servers, network and storage devices, OSs, applications, and more • Intuitive on-the-fly keyword filtering and custom dashboards• Integration with vRealize Operations – Inventory integration, 2-way
Alert Visualization
NEW
The best real-time management for SDDC
Security
App
Operating System
vSphere
System Statistics
Applications Other IT
App
Logs
Upgrade to Full vRealize Log Insight for:
• Extensibility – 3rd Party and Custom Content Packs such as Microsoft, Cisco, EMC, NetApp (29+ available)
• Scalability – Cluster Support and Event Forwarding• High availability, Archiving and SSL
VMware vRealize Log Insight Extensibility
Highly Extensible• Captures log data from physical servers, network and storage devices, OSs, applications, VMs, and hosts, and more
Log Insight Content Packs• Encapsulate, pre-built dashboards and product-specific alerts from vRealize Log Insight• Provide vendor specific guidance and insight into which logs really matter
Log Insight Marketplace• Built into the UI or available at www.solutionexchange.vmware.com
Content Packs
Overview
• Operating System• Application• Network• Storage• SDDC• Security
Log Insight UI - Interactive Log Analytics
Interactive Visualization of Query Results, Plus Easy Drop-Down Menu Options
11
Primary Use Cases
Troubleshooting and Root Cause Analysis
• Follow the trail from vRealize Operations Manager to logs to get to root cause to an observed problem
• Identify the needle in the haystack in real time when troubleshooting a problem
Monitoring
•Monitor metrics and events (performance & change) that are visible only in logs •Identify problems proactively, ensure SLAs and comply to IT policies
Unstructured Data Warehouse
• Collect all the data in one place without the need for custom parsing, transformation of data
• Get full visibility across all your IT environment from a single place
Technical Overview
Log Insight Technical Overview
Cloud / Data Center
Log Management
OSLogs
VCLogs
AppLogs
SystemStats
SecurityLogs
API Syslog
Analyze• Can analyze any unstructured time-series data,
configuration etc.• Automatically identifies structures in the data
Scale• Central, scale-out store (no-SQL) for all collected logs• Configurable retention and archiving• Maintenance free
Best for SDDC• Queries, alerts, fields, charts in the vSphere Content Pack
Intelligent Operations
Predictive Analytics
• Machine Learning based Automatic Data Consolidation
• Intelligent data summarization• Cluster similar messages together
• Automatic Schema extraction• Automatically understand message
structure• Intelligent automatic field extraction
Technical Overview
Intelligent Operations
Better Integration and Visualizations
• Powerful Content Pack authoring capabilities
• Dashboard wide filters• Link dashboard widgets
• Visualizations (tables and chart types) for Interactive Analytics and Content Packs
Technical Overview
It’s like ‘Rosetta Stone’ for logs
Log Insight proactively learns:
from:
Then you can query it like a database!
Integration with vRealize Operations
Better Together: vRealize Operations and vRealize Log Insight
Leverage all your IT data for comprehensive visibility in one place
Structured Data
Metrics Alerts Events
VMware vRealize Operations
Capacity, Performance and Configuration Management Events
Launch in Context
Unstructured Data
Logs Messages
VMware vRealizeLog Insight
Log analytics, aggregation, and search
App App
App
App
App
App
App
App
App
App
App
Public Cloud
Use Cases & Resources
Industry
Headquarters
Employees
“vRealize Operations shows us what’s happening in our environment, precisely as it’s happening. This technology is able to marshal huge amounts of data to inform real-time metrics, all presented in a single pane of glass.”
— Chris Nakagaki, Virtualization Architect, AutoTrader.com
• VMware vRealize Operations Manager
• VMware vRealize Log Insight
Objectives• Managing far-flung data centers from a central location
• Getting a clear, comprehensive view into key performance metrics
• Correlate log events with performance metrics for proactive alerting
VMware SolutionWith VMware vRealize Operations and Log Insight, AutoTrader.com can proactively manage system performance, automate the delivery of infrastructure and application services, and achieve a whole new level of business insight.
Business Impact• Achieved comprehensive visibility into real-time performance• Identify and resolve issues before any system impact• Minimized system downtime with improved accuracy in capacity
planning
PROFILE
E-commerce
Atlanta, Georgia
3,300
VMWARE PRODUCTS & SERVICES
AMERICAS
VMware IT - OneCloud
Content Packs In Use • 18 node cluster
• 500GB per day of logs.*
• 51,459 Events Per Second
• 42,607 Alert Queries run since last
restart
• 11,543,166,777 Total events ingested
• 16 TB live storage
• 15 TB offline archival storage
*We are planning on doubling our ingestion rate over the next month to around 1 TB per day.*Numbers accurate as of Feb, 5 2016
On
22
Resources
• Competitive inquiries– [email protected]
• Vault Site:– https://vault.vmware.com/group/vault-main-library/id-246638
9
• Log Insight Information email Alias: – [email protected]
Thank You!
Summary Log Insight 3.x
Log Insight. Next
vRealize Log Insight for Large Environments• Faster - Each node can ingest three times more data - up to 15,000
events per second.
• Bigger - The number of nodes that can be included in a Log Insight cluster is doubled, from 6 to 12.
• Better - A cluster of twelve nodes can process an astounding 3.8 TB of data per day.
Improved Analytics Engine• Multi-Function Charts - Compare different aggregation functions
within the same chart, such as MIN, MAX, and AVG.
• Snapshots - Visualize your log browsing history and quickly create new dashboards based on your recent snapshots.
• Event Types Highlighter – Quickly identify important events.
• Event Trends Baselines – Set custom time periods to compare trends in event types.
• • URL Shortener - Share shortened URLs with your colleagues to the Interactive Analytics page.
What’s New in vRealize Log Insight 3.3?
New Intelligent Log Analytics Capabilities
Key Features / Solution:• Simple Query API for easy integration to existing processes
• Web Hooks support for 3rd party app integration (i.e., Slack)
• Support for pure IPv6 environments
The best real-time management for SDDC
New: Free 25-OSIs of limited feature Log Insight
included with vCenter Server Standard
Customer Scenario
Problem• Limited query flexibility
• Limited alert extensibility
• Pure IPv6 environment unable to benefit from log analysis within vRealize Log Insight
Security
AppOperating
SystemvSphere
System Statistics
Applications Other IT
App
Logs
