VMware Cloud on AWS Infrastructure Visibility using Log intelligence

In the blog post, I will be exhibiting key capabilities of Log Intelligence which helps Customers gain operational insights into VMware Cloud on AWS environment

VMware Cloud on AWS Service Overview

VMware Cloud on AWS brings VMware enterprise-class Software-Defined Data Center (SDDC) software to the AWS Cloud. It enables customers to run production across private, public & hybrid cloud environments based on VMware vSphere®, with optimized access to AWS services.

VMware Log Intelligence Service Overview

VMware Log Intelligence offers unified visibility across private clouds and AWS, including VMware Cloud on AWS, to provide deep operational insights and faster root cause analysis. It adds structure to unstructured log data, provides rich dashboards and delivers innovative indexing and machine learning based intelligent grouping for faster troubleshooting
AWS log intelligence

Key Capabilities of Log Intelligence for VMware Cloud on AWS

Log Intelligence is deeply integrated with VMware Cloud on AWS Infrastructure which makes it the only logging solution which provides visibility to VMware Cloud on AWS SDDC(s).
AWS log intelligence
The following section gives the details for capabilities which Log Intelligence offer

Audit and NSX-T firewall Log Data

By default, Audit logs are collected in Log Intelligence for all the SDDCs deployed in VMware Cloud on AWS. For NSX-T firewall its matter of enabling it in the Log Intelligence UI and admins will automatically start seeing firewall logs, allowing them to audit, monitor and troubleshoot VMC environment
This is a unique capability of log intelligence

VMware Cloud on AWS Content Pack

This content pack provides powerful insights into the NSX-T firewall rules, packet traffic rules created in VMware cloud on AWS along with audit details allowing administrators to audit, monitor and troubleshoot the behavior of configured rules in their VMware Cloud on AWS environment
Once enabled you will get queries, alert definitions which can be used
Queries
Alert Definitions
You can save the queries on the Shared or Private Dashboards or enable Alert Definitions to send email/webhook notifications.
Dashboards
Here I have saved 2 queries on Shared Dashboard so that all users can view the same
Alerts and Notifications
Once enabled you can view recent alerts on the Home Page and if configured you can get an email or webhook notification. Here I have sent webhook to slack
Recent Alerts
Email Notification
Webhook Notification on slack

Forward log events from Log Intelligence to other endpoints

Log intelligence allows you to forward logs to other endpoints. You can forward all VMC logs or use filters to forward specific logs.
Currently, it supports the following endpoints
  • OnPrem vRealize Log Insight
  • On Prem Syslog Server using TCP
  • On Prem Syslog Server using UDP
  • On Prem Splunk
  • On Prem Default – Authenticated HTTPs endpoint
  • Splunk Cloud Endpoint
  • Authenticated Cloud endpoint over HTTPs
Note – Any OnPrem endpoint will need Cloud Proxy deployed in your environment which log intelligence communicates with to forward logs
For detailed configuration on how to configure log forward please refer documentation here

Export Log Events

You can export the results of a log query to share them with other systems, or forward them to your support contact

Conclusion

Log Intelligence provides real-time visibility into VMware Cloud on AWS SDDC environment via Audit logs. Firewall Logs allows customers to log packets for specific firewall rules to accelerate troubleshooting and maintain security

Original Blog

My Original Blog is posted here 

0 thoughts on “VMware Cloud on AWS Infrastructure Visibility using Log intelligence

  1. This is a very interesting article to read. Thanks for sharing the information. Great post.Download the application:Make Money Online…2019 100% WorkingClick Here Now Free bigo liveVideo Streaming Online…2019 100% WorkingClick Here Now Free bigo live apkBest Messaging App…2019 100% WorkingClick Here Now Free video callingOnline Video Chat…2019 100% WorkingClick Here Now FreeLive ChatWatch Series Stream…2019 100% WorkingClick Here Now Free bigo live app

  2. Thank you for the great post.Prancer is a pre-deployment and post-deployment multi-cloud validation framework for your Infrastructure as Code (IaC) pipeline and continuous compliance in the cloud.

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: