Browsed by
Category: VMware

When does “a little code” become “a lot of trouble”

When does “a little code” become “a lot of trouble”

During my career I’ve come from a technical background to a more strategic position and picked up several memorable lessons along the way.  One of those is especially relevant to me in my current role where I have to decide on pursuing a short-term fix (while pursuing the long-term solution) or have the disciple to go the long-term route without a workaround.  I’m personally biased towards the short-term fix, so it’s been a good lesson that has saved me trouble…

Read More Read More

Playing with Wavefront – Network Packet Loss

Playing with Wavefront – Network Packet Loss

Now that we know when an agent goes offline, let’s create a query to detect when our devices experience an increased rate of dropped packets. To do that we’ll create 2 queries, the first is our data on all dropped packets per source. [code language=”bash”] sum(mavg(5m,ts("net.drop.*", source="FQDN,sub.domain.com" )),sources) [/code] This value is represented with the blue line in the below chart. That’s great, but we want to detect a change in trends, not just alert on a static threshold. To…

Read More Read More

Playing with Wavefront – Missing Agents

Playing with Wavefront – Missing Agents

One of the first things that we need to detect when using Wavefront is if one of our endpoints goes silent. To do that, anyone can use the Query Wizard to create a basic alerting query. In this example I’m going to use the “system.uptime” metric as my base in the Alert Wizard’s magic sauce with a 1 minute time window. The Query Wizard shows me quite nicely that I’ve had a couple outages in the past.  But, if you…

Read More Read More

Getting Started – Wavefront by VMware – Queries

Getting Started – Wavefront by VMware – Queries

Ok, let’s chat about Wavefront’s UI and getting value from our data! This is the most user-friendly product that I’ve used for time series data! Let’s explore a quick example using disk space to showcase some of that functionality. Telegraf only sends raw values for: Total Space Free Space Used Space This is seen below where I have intentionally limited the results to a single host and single disk object. We have ~55 GB Total and ~30 GB Free. What…

Read More Read More

Getting Started – Wavefront by VMware – Telegraf Agents

Getting Started – Wavefront by VMware – Telegraf Agents

Wavefront, as a TSDB utilizes a wide range of Collectors to gather time series data from various devices. Most of these collectors utilize a, currently forked, version of the popular Telegraf Agent. A preview of this out-of-box functionality is shown below. This forked agent includes and Output Plugin for the Wavefront Protocol and the changes can be seen in the Github Pull Request which is currently in version 1.5 RC1 of the native Telegraf Agent! Once Telegraf 1.5 releases, there…

Read More Read More

Deploying vRealize Log Insight (vRLI) via API

Deploying vRealize Log Insight (vRLI) via API

I’ve finally gotten around to upgrading the vRLI Configuration Management and Audit Tool to handle the full deployment process as well as clustering! Let’s take it for a spin to see what the new features allow us to do! 1. First we need to deploy the vRLI VMs from OVA that can be downloaded from my.vmware.com. Once they have been fully booted and you see them serving the following webpage we can start. You can close your browser at this…

Read More Read More

Getting Fancy with Log Insight Alerting (aka. Monitoring DHCP pools via logs)

Getting Fancy with Log Insight Alerting (aka. Monitoring DHCP pools via logs)

Recently, I was asked about monitoring Microsoft DHCP IP Address Pools using Log Insight to alert when the pool was exhausted and DHCP requests were failing. There are a couple ways to do this, but I’d like to cover two as a demonstration of getting a bit fancy with your alert queries and it paying off big time! First off, Microsoft DHCP Servers write their events to a log file – at the end of the day…. so we can…

Read More Read More

vCloud Director Logging

vCloud Director Logging

I was recently asked how to go about configuring the Log Insight Agent with VMware vCloud Director and thought that I would take the time to document it here for anyone else who is interested. Logging in vCD is normally handled by log4j and configured by $VCLOUD_HOME/etc/log4j.properties.with the official KB located here. You should either use log4j OR the Log Insight Agent, but not both or you will have event duplication. Log4j ConfigurationFirst a quick overview of the log4j configuration.1….

Read More Read More

Early Boot Windows Debugging – Part 2 – Kernel Debugging over Serial

Early Boot Windows Debugging – Part 2 – Kernel Debugging over Serial

This post is a continuation of Part 1; I think I shall call it “Help, my ntbtlog.txt isn’t being written to disk and I’m flying blind” Ok, now I need more data because I’m not getting anywhere. Fortunately Windows still has the option to log kernel debugging over serial. A feature I wasn’t aware existed util today. That brings up the big question: how do I make that work on a VM and a physical device without a serial port?…

Read More Read More

Early Boot Windows Debugging – Part 1 – Basics

Early Boot Windows Debugging – Part 1 – Basics

I have a Windows Server 2012 VM that will not boot past the Windows splash screen but throws a BSOD with the error “SYSTEM_THREAD_EXCEPTION_NOT_HANDLED (NETIO.SYS). It’s been a long while since working on troubleshooting Windows (I primarily use CentOS) but here’s what I’ve found. I don’t have the solution yet but I’m recording some tidbits that I found so I will have them later. First a bit of preamble: 1. Advanced Boot Options – When you select “Enable Boot Logging”…

Read More Read More