12 Reasons Why You Should Use Log Insight

I have gone from agents to forwarders so next up is the Log Insight server! Why should you use Log Insight? Let me give you 12 reasons.

1. Return On Investment (ROI): How many logging products can you deploy, configure and find your first problem in as little as 15 minutes? I know of only one: Log Insight.
2. Ease of use: How many logging products can be used by any person in your organization regardless of technical expertise? I know of only one: Log Insight.
3. Minimal configuration required: Besides standard networking information and access to core services, Log Insight requires very little to operate even at scale. I recently blogged about the 12 reasons why you should use the ILB. If you read the post, you may remember that configuring the ILB required one IP address and two clicks — try to mimic that on an ELB (hint you can’t).
4. All the advanced features you expect and need: While Log Insight is easy to use and requires minimal configuration, it has all the features you would expect in an enterprise logging solution including: HA, forwarding, agents, machine learning, alerting and more.
5. Performance: For ingestion, Log Insight scales up and out as needed. For query, Log Insight is known for its first response time — how long it takes to see the first results from a query. Compared to other logging products, Log Insight has the fastest first response time hands down.
6. No CLI requirement: Many logging products require extensive use of and experience with a CLI. While many system administrators are comfortable with the CLI, it is unlikely that all members of an organization are. The result is a logging solution that cannot be fully leveraged throughout an organization and a need for personnel to handle requests on behalf of others to get the desired insight. With Log Insight, the GUI and APIs are the primary interfaces with the product so not only dedicated administrators, but also any user in your organization can harness the power of logs.
7. No proprietary query language requirement: Many logging products provide query capabilities, but require the use of a proprietary query language in order to leverage the query capabilities. Log Insight allows for natural-language querying with intuitive filtering, field extracting and dashboarding. No need to learn proprietary syntax, no need to read hundreds of pages of documentation.
8. Cost: No, Log Insight is not free, but compared to the competition Log Insight is the most cost-effective product on the market. In the case of Log Insight, you pay a one-time fee per OSI or Operating System Instance (think event originator) plus annual support. Log Insight does not care how much traffic each OSI generates. Remember, there is more to a product than just CapEx. Looking at OpEx, you can already see that Log Insight is easy to use, requires minimal configuration and does not depend on third-party applications (e.g. LB). In addition, Log Insight does not require use of a CLI, does not require the use of a proprietary query language and does not require a dedicated team to operate. The net result is an enterprise-level product at a consumer-level price point.
9. Best for VMware and great for everything else: Log Insight is the logging tool for VMware products. It offers integration with vSphere as well as vRealize Operations Manager, it comes with the free vSphere content pack that has deep knowledge about vSphere events, and the ability to do inventory mapping with you vSphere environment adding insight to events that would not otherwise exist. Not only is it best for your virtual environment, but also your infrastructure events, applications logs, security logs and more! Log Insight is capable of analyzing your entire SDDC environment!
10. Free content packs: Having a log collection and analysis tool is great, but having to dig through millions or even billions of events trying in many cases to find the needle in the haystack can be time-consuming and frustrating. Log Insight addresses this by providing free content packs, which are developed by subject matter experts, to highlight the events that you should pay attention to.
11. Frequent updates: While many enterprise products release new features once every 1-2 years, Log Insight releases a GA product every 6 months and a TP every 1-2 months. This means you get updates quicker and have the ability to test new features before they are available. To get access to the latest TP, register for a free account here.
12. You impact the product: Log Insight has an online community here where you can request new features and vote on existing features. Highly ranked features are prioritized for the next GA release.

© 2015, Steve Flanders. All rights reserved.