Architecting a vRealize Log Insight Solution : Cloud Services Syslog Management
   
Cloud Services Syslog Management
VMware Cloud Providers offer a wide variety of service offerings to their customers. This extensive list of potential offerings changes regularly in the fast-moving cloud marketplace, and the market will continue to develop and evolve to meet the needs of a whole range of industries. For example, one service provider might specialize in services designed exclusively for the gaming industry or financial services, while another might target secure government customers. In addition to targeting specific industries, VMware Cloud Providers are likely to offer a wide range of tier levels of cloud management services, ranging from simply providing floor space and power in a data center (perhaps in a dedicated cage) to a fully managed cloud service with a dedicated operational team for specific customers. The line of demarcation between provider and consumer will likely lie somewhere between these two examples.
That being the case, what if there is a design requirement for a specific service offering to give the service consumer direct access to syslog information from hosts and other devices, for troubleshooting, security, or simply informational purposes? The design needed to meet this requirement depends very much on the design factors of the particular use case. For example, an architect or solution designer would need to consider:
Does the customer have a dedicated hardware infrastructure?
Does the customer have a dedicated vCenter Server?
Does the architecture also include a requirement for vRealize Operations Manager?
Based on questions like these, it is possible to conceive of a number of different design scenarios. The remainder of this section details two possible scenarios in which a service provider delivers this kind of service.
 
Scenario A employs the built-in functionality provided by most devices, that is, the ability to send syslog messages to two or more independent targets. In this example, ESXi hosts are configured to send syslog messages to two separate instances, one for the consumer and one for the provider, with the consumer instance possibly residing within the consumer’s organizational virtual data center. Note that some devices, such as VMware ESXi 4.x, support only a single syslog target.
Figure 9. Multitenant Scenario A
 
In Scenario B, vRealize Log Insight forwarders are employed to forward syslog event messages to the secondary consumer instance. This has the advantage of allowing the provider to filter messages before they are forwarded.
Figure 10. Multitenant Scenario B
 
In addition to these two scenarios, vRealize Log Insight supports multi-tenant logging, in which you can control who sees what data. Through the built-in role-based access control (RBAC) mechanism, it is possible to control access to data sets, dashboards, interactive analytics, and administrative tasks. By configuring data sets, a static filter can be assigned to roles. Defining one or more static filters to restrict data helps provide the user interface restrictions that control what people can see and do in vRealize Log Insight.
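The per-tenant filtering that Scenario B allows before forwarding, and that static filters express for roles, can be modelled as a predicate over parsed syslog events. The following is an added example, not VMware or vRealize Log Insight code or configuration; the tenant name, host names, deny pattern, and sample log lines are constructed assumptions.

```python
import re

# RFC 3164-style line: <PRI>Mmm dd hh:mm:ss host app[pid]: message
SYSLOG_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2} "
    r"(?P<host>\S+) (?P<app>[^:\[\s]+)(?:\[\d+\])?: (?P<msg>.*)$"
)

# Hypothetical per-tenant rule set, constructed for this example.
TENANT_RULES = {
    "tenant-a": {
        "hosts": {"esx-a01", "esx-a02"},       # hosts dedicated to this consumer
        "max_severity": 6,                     # forward emerg(0)..info(6), drop debug(7)
        "deny": re.compile(r"provider-mgmt"),  # provider-internal detail
    },
}

def parse(line):
    """Return a dict for one syslog line, or None if it is malformed."""
    m = SYSLOG_RE.match(line)
    if not m or int(m["pri"]) > 191:  # 191 = facility 23, severity 7
        return None
    event = m.groupdict()
    event["facility"], event["severity"] = divmod(int(m["pri"]), 8)
    return event

def forward_for(tenant, lines):
    """Return the events the provider would forward to this tenant."""
    rule = TENANT_RULES[tenant]
    forwarded = []
    for line in lines:
        event = parse(line)
        if event is None:
            continue  # fail closed: unclassifiable input is never forwarded
        if event["host"] not in rule["hosts"]:
            continue  # another tenant's host or provider infrastructure
        if event["severity"] > rule["max_severity"] or rule["deny"].search(event["msg"]):
            continue  # too verbose, or exposes provider-internal detail
        forwarded.append(event)
    return forwarded

SAMPLE = [  # constructed sample input, not real log data
    "<14>Mar  3 10:15:01 esx-a01 Hostd: VM power on requested",
    "<11>Mar  3 10:15:02 esx-a02 vmkernel: storage path down",
    "<15>Mar  3 10:15:03 esx-a01 Hostd: verbose trace output",
    "<13>Mar  3 10:15:04 esx-b07 Hostd: VM power off requested",
    "<13>Mar  3 10:15:05 esx-a02 Hostd: session opened from provider-mgmt jump host",
    "garbage without a priority header",
]
```

Calling forward_for("tenant-a", SAMPLE) keeps only the first two events; the allow-list on host names is what prevents one tenant's instance from receiving another tenant's messages.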