Search the VMware Knowledge Base (KB)
View by Article ID

Installation and Use of App Volumes Log Collection (2148180)

  • 0 Ratings

Purpose

This article describes how to install and use Log Collection with App Volumes.

 

Resolution

Introduction

Currently, no method exists to collect Agent and Manager logs to a central location.

With the log collector, every agent and manager will periodically push their log files to a fileshare.

To start collecting logs, depending on the bit version, every Agent and Manager will call a bat file located at either:

  • C:\Program Files (x86)\CloudVolumes\DctLogCollector\support.bat (32-bit)
  • C:\Program Files\CloudVolumes\DctLogCollector\support.bat (64-bit)

The Agent and Manager are configured to periodically push the log files to a fileshare. If you need to manually collect logs, running the .bat file alone would also push log files to the fileshare.

Configuration of the Log Fileshare

To make the Agent and Manager aware of the fileshare, configure the Log Fileshare in the following way:
 
  • To create a Log Fileshare, go to http://localhost/log_fileshares/new and input these fields: 

    Log Fileshare Host name

    This is host and folder name for your Log Fileshare.

    For example, //10.33.99.231/uem/logs (Ensure that your path ends with a logs folder) 

    Log Fileshare Username

    Username of the Log Fileshare

    Log Fileshare Password

    Password of the Log Fileshare

    Log Fileshare Domain

    Domain of the Log Fileshare

    Log Fileshare Agent Time

    The agent will periodically push log files to the fileshare. This parameter will help in setting how much time delay is required. Time is denoted in minutes.

    Is Active

    Use to activate and deactivate the collection of Log Fileshares. The default is that the Log Fileshare collection is activated.


  • To edit a Log Fileshare, go to http://localhost/log_fileshares/edit.
  • To view and delete current Log Fileshare, go to http://localhost/log_fileshares.

Note: Currently, every setup can have only one Log Fileshare.

Agent log collection

The Agent will request for the Log Fileshare credentials by sending a GET request to:

manager’s_ip_address/log_fileshares/active.

After the Agent gets these details, the Agent will run the log collector periodically based on the time configured.

Manager log collection

The Manager has a ruby job running called collect_logs which will periodically call the support.bat file with the required parameters.

To configure the time for the manager to collect logs, change the duration in the clock.yml file. Currently, the Manager logs are collected every 12 hours.
 

Switching off log collection

To deactivate log collection, uncheck the Is active checkbox in the Log Fileshare configuration page.

Running batch scripts on Agents and Managers

In Windows, no setup is required. The bat script is shipped with the Agent and Manager images. To collect Agent logs, ensure https is enabled; otherwise, this feature will be turned off in the Agent.

Note: The bat script needs administration privileges to run.

The bat script can be run from C:\Program Files (x86)\CloudVolumes\DctLogCollector\support.bat.

Parameters for support.bat

Description

-destination

Destination of the log files on the machine

-fhhost

Location of the folder on hostname of the fileshare

For example, \\xx.xx.xx.xx\logs (Ensure that the folder named logs exists)

-fhuname

Username of the fileshare owner

-fhdomain

Domain under which the fileshare is located

-fhpwd

Password of the username for the fileshare owner



Example of running the script:

support.bat -destination C:\Logs -fhhost \\10.33.99.231\uem\logs -fhdomain domain -fhuname username -fhpwd password

After log collection

After collecting logs to a central fileshare, these steps are carried out:

  1. Fluentd parses and filters these log files and routes them to ElasticSearch for real-time data analysis and Amazon S3 for archiving.
  2. ElasticSearch indexes real-time data, and Kibana is used to reveal insight from this data.
  3. The rule-based engine is a Key-Value pair engine. Key is the pattern to match, and Value is the action to take. The action can be a command line script, a python script, email or a slack message.
  4. https://github.com/Yelp/elastalert- The rule engine being used for rule-based engines.

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 0 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.

What can we do to improve this information? (4000 or fewer characters)




Please enter the Captcha code before clicking Submit.
  • 0 Ratings
Actions
KB: