vRealize Log Insight provides highly scalable heterogeneous log management, it has more in which to perform the operation intuitive dashboards, comprehensive analysis and a wider range of third-party extensibility. It is also across physical, virtual and cloud computing environments provide in-depth insight into the operation and maintenance of information and speed up troubleshooting speed.
First, the main function of
a universal log collection and analysis of
all types of log data collection and use vRealize Log Insight analysis machine-generated. Administrators can all contents (operating systems (including Linux and Windows), applications, storage, firewall, network equipment, etc.), so that by log analysis to obtain enterprise-wide visibility of its application environment.
2, enterprise scalability
highly scalable, and is designed to handle all types of data generated by the machine design. Recent internal testing found, Log Insight than other industry-leading solutions to three times faster in the query test against 1 billion log message. The amount of data per node receives double, and can support up to 15,000 events per second per node.
3, intuitive graphical user interface, easy deployment
by means of intuitive GUI-based interface, users can easily run a simple search, interactive and in-depth analysis queries quickly gain insight into information, which can provide immediate value and improve IT efficiency. vRealize Log Insight automatically select the optimal display mode for your data, saving you valuable time.
4, built-in vSphere knowledge base
developed by VMware experts vRealize Log Insight comes with a built-in knowledge base and native support for VMware vSphere with Operations Management of. You can analyze the log other than the virtual infrastructure, and the use of a central log management solutions to analyze data across your IT environment.
5, integration with vRealize Operations
Integration with vRealize Operations platform operation and maintenance of the visibility and proactive management capabilities extended to infrastructure and applications. This integration will also unstructured data (such as log files) and structured data (such as metrics and key performance indicators) together.
Second, the deployment uses vRealize Log Insight
for the deployment vRealize Log Insight, the overall relatively easy, with a focus on the use of collected log analysis, the focus of this document is to deploy the use of, for specific log analysis please refer to other information. In addition, other configurations using the Document This document is different from what the teacher of writing, first introduced the overall function of use, re-introduce deployment.
1, vRealize Log Insight deployment requirements
VMware vSphere or later version 6.0;
if you use vRealize Log Insight cluster, configure DNS server;
log collection requires hard disk space, rational planning of hard disk space;
2, deployment vRealize Log Insight
Step 1, Log vRealize log Insight main interface universal dashboard, you can see the common log collection. 
Step 2, to view the general problem of the dashboard can see the problem log collected. 
Step 3, General dashboard view event type.
Step 4, the query universal dashboard state.
Step 5, see general dashboard vRealize Log Insight substituting _ management, please note that if there is no reason to collect log _ substituting the dashboard without content, the figure shows the virtual machine 2 mounted vRealize Log Insigh substituting _ management.
Step 6, and substituting vRealize Log Insight _ the same reason, please note that, if not collected syslog logs, which are not displayed in the dashboard, the figure shows the virtual machine 2 mounted vRealize Log Insight _ substituting Li.
Step 7. Check the dashboard VSAN related logs. 
Step 8, see the dashboard vRops related logs.
Step 9, see the dashboard vSphere related logs.
Step 10, view interactive analysis of events.
Step 11 to view the interactive analysis fields of the table.
Step 12 to view an interactive event trend analysis.
Step 14, Log Insight system interface statistics, statistics of the Log Insight monitor.
第15步,Log Insight系统群集界面,Log Insight支持多台虚拟机组成群集使用,特别注意,Log Insight群集要求3台Log Insight虚拟机以及配置使用DNS服务器,后续操作会介绍。
第16步,Log Insight监控的主机列表,Log Insight支持ESXI主机、vCenter Server、WINDOWS以及LINUX虚拟机等。
第17步,Log Insight支持虚拟机安装代_理进行监控。
第18步,Log Insight允许事件转发到其他平台,需要许可证支持。
第19步,添加许可证。
第20步,Log Insight支持配置与vSphere集成。
第21步,Log Insight支持与vROPS集成。
第22步,Log Insight常规邮件通知配置。
第23步,Log Insight时间配置,强烈推荐使用NTP服务器。
第24步,Log Insight支持配置SMTP。
第25步,Log Insight支持存档配置,相当于将日志导出,与事情转发一样,该功能需要许可证支持。
第26步,Log Insight支持第三方内容包收集日志。
第27步,查看已安装的通用监控收集包。
至此,Log Insight基本使用界面介绍完成,对于不同系统的日志分析请参考其他资料。接下来介绍如何部署单台Log Insight以及群集。
3、 部署单台Log Insight
第1步,Log Insight通过OVF模板进行部署,可访问VMware官方进行下载,目前最新版本是Log Insight 4.5。
第2步,命名Log Insight虚拟机。
第3步,选择Log Insight虚拟机运行的群集。
第4步,验证OVF模板信息。
第5步,接受用户许可协议。
第6步,配置虚拟机硬件信息,不同的环境Log Insight要求不同的CPU、内存等。
第7步,选择Log Insight虚拟机使用的存储。
第8步,选择网络。
第9步,配置网络具体参数。
Step 10 to complete the basic configuration OVF template.
Step 11, began deploying Log Insight virtual machine.
Step 12, the virtual machine power Log Insight opened, the system automatically deployed.
Step 13, after the Log Insight network deployment is complete, PING Virtual Machine.
Step 14 to view the Log Insight virtual machine-related information.
Step 15 to complete the Log Insight virtual machine deployment.
Step 16, using a browser to access the Log Insight virtual machine.
Step 17, you can choose a new deployment or cluster deployment.
Step 18, the configuration admin password Log Insight system.
Step 19, enter the Log Insight license.
Step 20 configure Log Insight system messages.
Step 21, the configuration Log Insight system time.
Step 22, the configuration SMTP.
Step 23, Log Insight deployed.
Step 24, after deployment can choose to import data log.
Step 25 configure Log Insight integrated with vSphere.
Step 26, the configuration and integration Log Insight vROPS.
Step 27, the configuration permits, pay attention to the evaluation version can not be converted to 25 free version.
Step 28, add the license.
Step 29, and then deploy a virtual machine Log Insight join an existing deployment.
Step 30, the system prompts new Log Insight joins the cluster allowed to join.
The first step 31, suggesting a new Log Insight virtual machine after adding, NTP and DNS configuration, while warning Log Insight does not support dual node, still need to add another Log Insight.
Step 32, confirmed Log Insight NTP virtual machine configuration.
Step 33, NTP, DNS problem is solved.
Step 34, and then deploy a virtual machine Log Insight joins the cluster, solve all the problems.
35th step, view system monitoring information, you can see three Log Insight virtual machine.
Step 36, Log Insight recommend the use of virtual cluster _IP visit.
Step 37, to complete the Log Insight _IP virtual configuration.
38th step, using a virtual IP corresponding FQDN access Log Insight.