Here are some of the key highlights of vRealize Log Insight 8.4 that will help you leverage log data more quickly, accurately, and powerfully than ever before:
- Log Sources: You can now configure Fluentd to collect logs from various sources such as Docker, Kubernetes, Tanzu Kubernetes Grid, and OpenShift, and forward them to vRealize Log Insight. Fluentd is an open-source log processor and forwarder that lets you collect log data from different sources and enrich it with filters. It is the preferred choice for containerized environments such as Kubernetes. You can find the configuration steps for the Fluentd log sources within the vRealize Log Insight user interface.
- Log Masking: Your log data contains information that might be considered sensitive. Specific log messages may include user names, email addresses, URL parameters, and other information that you do not want to disclose. Log masking lets you mask any information by modifying the configuration that handles information you consider to be sensitive.
- Log Dropping: Sometimes, your infrastructure may generate a volume of log events that is too large or has significant fluctuations. In this situation, you may need to choose which logs to send to a log management solution, and which logs to drop. Log dropping lets you drop certain logs by modifying the appropriate configuration.
- Custom Webhooks: The vRealize Log Insight webhook connection is now available to send notifications from alerts to Slack and PagerDuty. You can also send notifications to custom webhooks by defining an appropriate payload.
- Archiving based on Partitions: Data archiving preserves old logs that might otherwise be removed from the vRealize Log Insight virtual appliance due to storage constraints. vRealize Log Insight can store archived data for data partitions in NFS mounts.
- Alert Management: With the upgraded alert management, you can see the entire list of alerts within the scope of your organization in one environment. Alerts are now organization-centric as opposed to being user-centric, which provides more flexibility to control organization alerts.
- Simplified Sizing with a New Sizing Calculator: Correctly sizing the vRealize Log Insight cluster is essential to achieve optimal performance when searching for and analyzing logs, and to ensure that a cluster has the required resources. The sizing calculator determines the required node size based on the types of servers and devices logging, the expected ingestion rate, and log retention requirements.
- NSX Security SKUs.
- Content pack updated: The following content packs have been updated:
  - VMware NSX-v 4.2.1 (Updates related to fields extraction)
  - VMware NSX-t v4.0.1 (Addition of new dashboard support “Unified Security Flow Logs”)
  - VMware vRA 8.3+ (Support vRA 8.3+ product line)
  - Microsoft IIS v3.4 (Improvement in “Setup Instruction” section to describe how to extract custom fields from logs.)
  - VMware Horizon v4.0.1
  - vSphere 8.4
  - vRops v4.2
  - vSAN (Support vSAN 70u2)
- Additional content packs validated:
  - NPE Servers v1.1.1
  - Mongo DB v2.4
  - Solarwinds v1.1
  - Oracle DB v1.1
  - NPE Nimble v1.1
Documentation and Links: