Provides Graylog Dashboards for all Hypervisors, Storage performance, DVS Messages, Vmware version, Storage path failures, Host/Device Performance issues, Memory/CPU alerts, Last list of vmotions, MAC to DVS, VMware port group to hypervisor, Last login failures, Last successful logins, Last 2 hours guests attempting network sniffing, TOP LDAP users, and Vmware virtual machines recent changes by users all in a simple to use Dashboard competely customizable! To get the best benefit make sure your graylog instance is configured for syslog UDP, and make sure to use distributed switching within vmware! Have fun! Extractions using GROK, I've not had the time to change this to regex!
New: Cohesity Extractors and Dashboard for Backups
- Download content_pack.json and install it under System/Input Content Packs
- Download vmware_vcenter_extractors and import it under the System/Inputs/Manage extractors
- It is recommended to apply a dedicated bucket ports/syslog input for vmware to structure your data!
- Make sure you point your syslog for both hypervisors and vcenters, start receiving your data. View the Vmware Dashboard.
- Wait for your data to start coming in.
#Enable high port on graylog server iptables
TODO list migrate extractors to reg expression