Skip to main content

VMware vRealize Log Insight

This page shows you how to configure log collection for VMware vRealize Log Insight and then forward your logs to Sumo Logic. VMware vRealize Log Insight is a log management and analytics tool.

Prerequisites

Before configuring log collection for vRealize, you must have completed the following:

  • Installed and configured vRealize Log Insight to retrieve logs from vCenter and ESXi hosts.

  • Installed a Sumo Logic collector on a VM (or an external machine), or rsyslog or syslog-ng, must be configured and reachable from the vRealize Log Insight host. To install a Sumo Logic collector, follow the Installed Collectors instructions.

Setting up vRealize Log Insight log collection

info

These instructions apply to vRealize Log Insight 8.0, may differ for earlier versions.

To set up vRealize Log Insight log collection for Sumo Logic, do the following:

  1. Sign in to vRealize Log Insight UI, and navigate to Management > Event Forwarding.
    vRealize_EventForwarding
  2. Add a new connection by clicking New Destination.
    vRealize_New-Destination
  3. In the Edit Destination dialog, specify the following information. Optionally, you can also add additional tags and also filter the events on this popup.
    note

    Select the Transport type as UDP if you are handling multiple messages.


    vRealize_Edit-Destination
  4. Test and Save the connection.
  5. Verify logs in Sumo Logic. The following is a sample log message of vRealize forwarded events.
    <167> 2019-12-15T13:08:16.441Z esxi1.esxlab.com Rhttpproxy: verbose rhttpproxy[2099567]
    [Originator@6876 sub=Proxy Req 07995] Resolved endpoint :
    [N7Vmacore4Http16LocalServiceSpecE:0x000000bef0b83650] _serverNamespace = /sdk action = Allow _port = 8307
Status
Legal
Privacy Statement
Terms of Use

Copyright © 2024 by Sumo Logic, Inc.