What’s New in vRealize Log Insight Cloud – August 2022

 

vRLI Cloud’s August release had the following features. In this blog, I will try to share details about the same 

  1. Log Root Cause Analysis (RCA)
  2. Log Compare
  3. AVS Content Pack
  4. OCVS Content Pack
  5. New Content Pack UI with Improved User Experience
  6. New Log Sources UI with Improved User Experience
  7. Log Forwarding in RAW Format over TCP/UDP
  8. VMware Cloud Disaster Recovery (VCDR) Log Support
  9. Handle Conflicting Fields

Log RCA (Root Cause Analysis)

It helps you investigate and troubleshoot incidents for a potential root cause in an environment.

You can create an investigation by specifying the time range when you think the issue happened. The good part is that the UI allows you to control the sensitivity.

I feel the Log RCA is a game changer in the world of logs as it leverages AI & ML technologies to reduce the turnaround time when troubleshooting an issue and bring back the normalcy of the Application / Infrastructure 

 

 

 

 

 

 

 

 

 

 

 

A couple of things to Note 

  • The log RCA service needs a few minutes to process logs, and a longer time to produce meaningful results. The accuracy of log RCA increases with the amount of time the service runs.
  • You cannot run an RCA for an issue that occurred before you activated the log RCA feature.

For more details, you can refer to the documentation 

Log Compare

It helps detect anomalies in logs across time or across log sources. This helps you determine what was different right before a release or a failure as compared to the previous day or previous week. You can run an analysis that helps you troubleshoot and discover root causes

In the below example I am checking firewall logs for my Application to compare what traffic was allowed to identify a user complaining that they are not able to access the Application 

 

 

New Content Packs for AVS & OCVS SDDC

In the July release, vRLI Cloud added support for AVS & OCVS SDDC. If you haven’t seen my blogs you can refer to the same

Forward AVS SDDC logs to vRealize Log Insight Cloud

Forward OCVS SDDC logs to vRealize Log Insight Cloud
In this release, the content packs have been released which is a collection of the following objects that are relevant for a set of product/application logs

  • Alerts
  • Dashboards
  • Queries
  • Extracted fields

You can refer to my blog for Content Packs 101

 

 

New Content Pack & Log Sources UI with Improved User Experience

UI has been completely revamped which allows an easy experience for the user to navigate supported log sources and installed content packs. For Content Pack, you can easily export the content pack for source code management or you can easily customize based on your environment

Log Forwarding in RAW Format over TCP/UDP

For TCP & UDP Syslog endpoint previously the only supported format was JSON however there was a couple of customer request where they wanted the default RAW format. Admins now can select the log format when configuring the log-forwarding configuration

VMware Cloud Disaster Recovery (VCDR) Log Support

Forward VCDR event logs to vRealize Log Insight Cloud and analyze event logs related to protection, recoverability, and user interactions. You can forward VCDR logs within a specific time range in the past, from a time starting in the past to the present, from a time in the past going forward, or from the present moving forward.

Handle Conflicting Fields

There are certain fields like  “id”, “timestamp”, “log_timestamp”, and “_version_” that vRealize Log Insight Cloud uses for internal processing. If such fields are detected during log ingestion, they conflict with the internal fields, resulting in some of the logs being dropped. To prevent this issue, logs with such fields are now appended with “_message_payload” .

Try out vRealize Log Insight Cloud

If you’re not already using vRealize Log Insight Cloud, check out our free 30-daytrial. To learn more about how to use Log Insight Cloud, please check out

Related Articles

What’s New in vRealize Log Insight Cloud – July 2022

 

Leave a Reply

Your email address will not be published. Required fields are marked *