Monitoring VMware ESXi with the ELK Stack

Monitor anything; this is what fills your head after playing with Elasticsearch, Logstash and Kibana.

ELK Stack, meet VMware Server. Since VMware’s ESXi runs on some Linux kernel, it shares the logging facilities we’re familiar with on Linux systems. Going about forwarding syslog messages to a remote box is a bit different though. Luckily, VMware’s Knowledge Base is very thorough if you know where to look.

Monitoring With Collectd And Kibana


In this post, I will go over using the Collectd input on Logstash for gathering hardware metrics. For Logstash output, I am going to be using Elasticsearch. Logstash will allow us to centralize metrics from multiple computers into Elasticsearch. On top of Elasticsearch, I am going to be using Kibana to display these metrics.

To this Kibana dashboard, we could add additional metrics for the processes taxing the system being monitored. This would effectively show a cause and effect story in one integrated dashboard.

Up And Running With Logstash


I want to talk about Logstash, a new-ish tool (to me) for managing computer logs. Logstash can easily collect logs from multiple computers or instances, transfer them to a central computer for aggregation, and can even be used to parse and search these logs for analysis as they are handled. A mouthful indeed. Logstash is open-source software and is written in JRuby, so it runs in the JVM. Running on the JVM has various advantages, such as ease of deployment and the wealth of tuning expertise available.

