Hello all, Texiwill, Roger Lund and Simon Shelston, and a few others, have shown great interest in helping the community get a proper grip of log management for VI3 (and of course, re-using the framework for vSphere).

Important note: anyone can use VIOPS to write their own view of how logging should be done - there is only one simple rule on VIOPS and that is all content must provide actionable guidance. Anyone can write a doc on VIOPS, there are no committees. There is a lightweight approval process that means when you write a doc on here and click "Submit for approval", then someone like me will get in touch and help you finish the doc. It's a friendly place, get stuck in!

The idea for how to document log management on VIOPS is to blend experience of our vExperts and VMware staff to produce a definitive guide to log management, as quoted on the front page of the Logging community. We want to help everyone using VI3 to be able to :

1) Understand what logs exist, where they are, their purpose - consider this a mapping exercise

2) How to manage the logs - like rotation, centralization, things like that

3) How to analyze the logs - what to watch for, what's safe to ignore, tools to use.

This will be a high quality effort if the VIOPS community pitches in... here's how you can help:

If you've ever had an issue associated with a logfile entry, and that had a resolution, then post it here

An example might be a SCSI bad code in /var/log/vmkernel - what was the code, what was the problem, how was it resolved? Is there a kb article for it?

The goal is to start at the top with the two documents below, then create a document for each log and build a red list (critical, watch for an action this!), orange list (warning, certainly capture and trend this), and black list (ignore this, developer diarrhea).

So from the doc ESX Server 3 Log Map, there are links to documents that form the red/orange/black lists for each component/log.

I'm kicking off efforts inside VMware to collate internal information, but the community input based on their experience will make this effort special and unique.

Thanks for reading, I hope you will contribute to this effort and help build the only VI3 community help index out there

Cheers - Steve

PS. Complementary to this effort is how to centralize and analyze the logs with tools like Splunk. If you have your own methods - please share. We don't need comprehensive installation details, just a high level approach for us to say "Oh THAT'S how you do it!"...