Log Insight provides log management, aggregation and visual representation of events within both the physical and virtual network. It has the ability to manage the logs of thousands of distributed devices and systems and allow administrators a simplified portal for log management.
Log Insight just got an upgrade to version 2.5. My current pseudo-production environment was running 2.0 GA and I wanted to take advantage of the new features in 2.5 – namely the cluster load balancer and events trend analyser.
At a high level Log Insight supports the continuous ingestion of logs from a number of different platforms. It can take logs in and provide the ability to perform complex visual lookups, provide integrated regex lookup through logs, and graph events based on these logs. The architecture is quite simple and very powerful.
When Log Insight is upgraded the master node is logged into and upgraded first. The worker nodes continue having logs ingested.
Under the administration tab of Log Insight select the Appliance tab. Select Upload PAK.
Select your PAK file you want to upgrade with.
If you are running a single master node and no workers in your Log Insight environment you will need to accept a period of missing logs due to the downtime of the upgrade. If you are running a Log Insight cluster, the Master is upgraded first, which will only stop queries being run against logs. Ingestion of logs will still continue by the workers. Select upgrade.
Upload of the PAK begins.
After a period of time the Master is upgraded and you will see the current release and build number. Happy days.
VMware Log Insight is now upgraded to 2.5 – vRealize Log Insight.
If you are running a Log Insight Cluster you will need to drop the individual LI workers into maintenance mode and upgrade them. If your LI worker pool is protected by an external Load Balancer you will need to drop them from the Server Pool as well.
First Pause the worker. This will drop them into maintenance mode.
The green Upgrade icon appears. The worker is ready to be updated. This status will change to an amber signal stating upgrading. After a period of time this will have upgraded.
The more astute reader would have noticed a 2.0.1 worker being upgraded to 2.0.2. At this stage I am offline from my lab and had to borrow from my powerpoint deck!
With that, I have successfully upgraded my worker. I will put him back into the load-balancer pool. Repeat the process for all workers in the LI cluster and you will be running version 2.5.
Remember – LOG ALL THE THINGS!