HP OneView for VMWare vCenter Log Insight User Guide (1.0)

1 Introduction

HP OneView for VMware vCenter Log Insight (also known as HP OneView for vCenter Log Insight)

provides log aggregation and indexing with search and analytics capabilities.

HP OneView for vCenter Log Insight collects, imports, and analyzes logs to provide information

related to systems, services, and applications.

Aggregation

Fields that are extracted from log data can be used for aggregation. This is similar to the functionality

that GROUP-BY queries provide in a relational database or pivot-tables in Microsoft Excel. The

difference is that there is no need for extract, transform, and load (ETL) processes and HP OneView

for vCenter Log Insight scales to any size of data.

You can generate aggregate views of the data and identify specific events or errors without having

to access multiple systems or applications. For example, while viewing an important system metric,

the number of errors per minute, you can drill down to a specific time-range of events and examine

the errors that occurred in the environment.

Runtime field extraction

Raw log data is not always easy to understand, and you might need to process some data to

identify the fields that are important for searching and aggregation. HP OneView for vCenter Log

Insight provides runtime field extraction to address this problem. You can dynamically extract any

field from the data by providing a regular expression. The extracted fields can be used for selection,

projection, and aggregation, similar to how the fields that are extracted at parse time are used.

Dashboards

You can create dashboards of useful metrics that you want to monitor closely. Any query can be

turned into a dashboard widget and summarized for any range in time. You can check the

performance of your system for the last five minutes, hour, or day. You can view a breakdown of

errors by hour and observe the trends in log events.

4 Introduction