What’s New in vRealize Log Insight Cloud – July 2022

Last week vRLI Cloud had its July release. In this blog, I will try to provide more details about the new features. 

There are 4 new features that got released.

  1. VMware Azure VMware Solution (AVS) Support
  2. VMware Oracle Cloud VMware Solution (OCVS) Support
  3. Service Proxy Resource Customization
  4. Log Forwarding with Ingested Fields

VMware Azure VMware Solution (AVS) Support

AVS provides you with private clouds that contain vSphere clusters built from dedicated bare-metal Azure infrastructure. All provisioned private clouds have vCenter Server, vSAN, vSphere, and NSX-T. For more details, you can refer to the official documentation

Logs from AVS are now available in vRealize Log Insight Cloud. This enables the following use case for the customers  

Audit Use Cases

  1. vCenter and ESXi Hosts Audit Logs for security compliance
  2. Virtual Machine Logs for vMotion tracking 

Diagnostic Use Cases

  • NSX-T firewall packet logs to troubleshoot firewall misconfigurations during migration, new workload rollouts, and day 2 operations.
  • Filtering and forwarding logs for centralized Data lake or SIEM solutions for threat prevention, threat detection, incident management, and machine learning.

You can refer to the instructions from the AVS Log Source within the Product. I will also try to write a detailed blog on the configuration

https://www.mgmt.cloud.vmware.com/li/sources/details?id=Azure%20VMware%20Solution%20(AVS)

VMware Oracle Cloud VMware Solution (OCVS) Support

Oracle Cloud VMware Solution allows you to create and manage VMware-enabled software-defined data centers (SDDCs) in Oracle Cloud Infrastructure. All provisioned private clouds have vCenter Server, vSAN, vSphere, and NSX-T. For more details, you can refer to the official documentation

Logs from OCVS are now available in vRealize Log Insight Cloud. This enables the following use case for the customers  

Audit Use Cases

  1. vCenter and ESXi Hosts Audit Logs for security compliance
  2. Virtual Machine Logs for vMotion tracking 

Diagnostic Use Cases

  • NSX-T firewall packet logs to troubleshoot firewall misconfigurations during migration, new workload rollouts, and day 2 operations.
  • Filtering and forwarding logs for centralized Data lake or SIEM solutions for threat prevention, threat detection, incident management, and machine learning.

You can refer to the instructions from the OCVS Log Source within the Product. I will also try to write a detailed blog on the configuration

https://www.mgmt.cloud.vmware.com/li/sources/details?id=Oracle%20Cloud%20VMware%20Solution%20(OCVS)

Service Proxy Resource Customization

You can modify the CPU and memory resources for a service proxy. Modifying these resources lets you override the default configuration to accommodate higher log ingestion rates. 

This was one of the most frequently requested enhancements from the Customers. By default, the log-forwarder service proxy (container) had 1 vCPU and 1 GB of Memory. Depending upon your environment it may not be able to handle the load which required customers to raise SR for requesting the resources to be increased. 

With this enhancement, the customer now has an option the Cloud Proxies UI to manage the resource configuration. You can refer to Cloud Proxy for the current resource limits to identify what configuration will be applicable to your environment.

Resource Limits 

Documentation

Log Forwarding with Ingested Fields

vRLI Cloud lets you forward all or a subset of incoming log events to a Splunk endpoint. Now, you can also forward all the ingested fields of logs to the endpoint.

To enable this configuration, select the Forward all fields check box in your log forwarding configuration.

Try out vRealize Log Insight Cloud

If you’re not already using vRealize Log Insight Cloud, check out our free 30-daytrial. To learn more about how to use Log Insight Cloud, please check out

Related Articles

vRealize Log Insight Cloud Migration Guide

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *