Can VMware out Splunk, Splunk?
As server virtualization has been
shrinking the hardware footprint of the modern data center via consolidation
efforts, it's had the opposite effect on the amount of data being created and
analyzed on a regular basis coming from the various devices: servers, desktops,
virtual machines, operating systems, and applications that live behind the data
center walls. Over the last few years, that data has grown exponentially
-- and the need to analyze that data has grown with it. But at the same time, because of the data volume
and distribution, it's become overly complicated to make any sense of it.
Getting visibility into what's going on
inside this virtual environment is no easy task. And that's where VMware vCenter Log
Insight 2.0 comes into play.
aren't familiar with vSphere Log Insight, it is VMware's solution for log
management and analytics of dynamic hybrid cloud environments. The product
analyzes large amounts of unstructured machine generated log data, and provides
deep, enterprise-wide visibility. It also provides interactive, real-time
search and analytics of that data in a meaningful way so that IT users can
identify and analyze the data, then use that intelligence to proactively enable
service levels and operational efficiencies across dynamic hybrid cloud
product debuted back in June 2013, as a result of VMware's August 2012
acquisition of a company called Pattern Insight. But with a quick
development push, VMware has been able to iterate on the product in a
non-typical fashion... coming out with new versions and new features on what
seems like a fairly rapid pace.
virtualization giant is also coming up against some stiff competition, in a
crowded market space with competitors who have been around for a much longer
period of time... companies like Loggly, LogRhythm, SolarWinds, Splunk, and
Sumo Logic come to mind.
But VMware has a couple of things going
for it -- chief among them, they are analyzing their own product's log files,
so there should be some corporate insight here. And secondly, they
already have a ready-made consumer and community base from which to draw from,
so they simply need to get the word out to these people that this type of
product exists and is available to them.
According to Bill Roth, group product
line marketing manager at VMware, the new version is also faster than its
predecessors at ingesting and analyzing the log data. He added, the data from across an organization
can now be ingested 30 percent faster than with the original 1.0 release.
Some of the other interesting new
features in version 2.0 that will help VMware make the splash they
- Intelligent Grouping - A new
machine learning-based technology that automatically groups related data to
help administrators spot problems more rapidly and reduce time-to-resolution;
- Query Performance - 6x
faster query performance than the market leading solution will improve productivity
levels of administrators and IT operations teams;
Data Ingestion - 8x
faster data collection over VMware vCenter Log Insight 1.5 can speed insight
into more of customers' physical, virtual and cloud environments;
Data Visualization - New
data visualization capabilities in the form of tables and chart types will
provide administrators with increased options for analyzing unstructured log
Extensibility - A new
native Microsoft Windows agent will collect logs from Windows-based desktops
and servers, enabling customers to now capture and analyze log data across all
VMware is continuing to push what I
believe is one of the more interesting features around the Log Insight product
- Content Packs, which are delivered by third-party
companies, partners, consumers and community members.
The one drawback that I've identified
thus far is that the community uptake seems to be a bit on the slow side. With the Log Insight 1.5 release
, VMware launched out of
the gate with 12 publicly available Content Packs. But with the 2.0 release, they have announced
only four new packs -- One for Brocade Fibre Channel storage area networks
(SANs) and three others focused on Microsoft technologies: Microsoft Active
Directory, Microsoft Exchange and Microsoft Windows.
The new Microsoft Windows agent is
another welcomed addition to Log Insight 2.0, making it easier for VMware users
to collect and analyze log file information from Windows machines. The agent is lightweight, a small MSI file
that can be widely deployed and it gives VMware an end-to-end log visibility
capability without the need for third-party support.
VMware vCenter Log Insight 2.0 is available for download here via a public beta program today. It is
expected to be available in Q2 2014. To be notified when VMware vCenter Log
Insight 2.0 is available, sign up at: http://eepurl.com/T_nen
VMware vCenter Log Insight 2.0 is priced $200 per operating system
instance with no log data size limits offering customers a predictable pricing
model and no price penalty for storing more log data. It is also now available
for $1,500 per CPU.
Go to VMware vCenter Log Insight