Using Foglight for Infrastructure
Host availability alerting
Virtual hosts and reported metrics
Exploring the Infrastructure Environment dashboard
Monitoring log files with Foglight Log Monitor
Accessing the Infrastructure dashboard
Selecting a service
Running a report for the Infrastructure Environment
Exploring the Monitoring tab
Exploring monitored hosts
Exploring the FAQ Question Viewer
Exploring the Administration tab
Using Foglight for Infrastructure agents
Using the PowerVM HMC agent
Using the UnixAgentPlus
Monitoring remote hosts
Deploying Foglight for Infrastructure agents
Creating agent instances
Defining credentials
Activating the agent
Monitoring the infrastructure
Adding a monitored host
Adding multiple monitored hosts
About the WindowsAgent
About the UnixAgentPlus
About the UnixAgent
About the MultiHostProcessMonitorAgent
Configuring monitoring agents
Investigating log records
Configuring agent properties
Monitoring IBM PowerVM environments
Configuring File Log Monitor agent properties
Configuring connections to remote Windows platforms
Monitored Hosts
Log Files
File Formats
Record Transformations
Data Collection Scheduler
FileLogMonitor configuration example
Configuring Windows Event Log Monitor agent properties
Before you begin
Managing PowerVM HMC agents
Advanced system configuration and troubleshooting
Reference
Configuring HMC user accounts
Configuring PowerVM HMC agent credentials
Creating PowerVM HMC agents
Reviewing and editing PowerVM HMC agent properties
Monitoring your PowerVM environment
Exploring the Infrastructure Environment dashboard
Investigating the collective use of all HMC resources
Viewing HMC details
Identifying top consumers of managed server resources
Viewing individual managed server details
Identifying top consumers of PowerVM partition resources
Viewing individual PowerVM partition details
Identifying top consumers of PowerVM virtual I/O server resources
Viewing individual PowerVM VIOS details
Investigating additional managed server, partition, and VIOS details
Exploring PowerVM partition and PowerVM VIOS overviews
Exploring managed server profiles
Investigating the use of PowerVM partition and VIOS processor resources
Investigating the use of PowerVM partition and VIOS memory resources
Exploring processor, memory, and storage breakdowns
Investigating volume-based storage pools
Exploring top resource analyzers
Exploring PowerVM VIOS network summaries
Drilling down on shared network adapters
Drilling down on physical and virtual network adapters
Investigating object dependencies
Reviewing frequently asked questions
Foglight for Infrastructure views
Foglight Log Monitor views
Rules
Metrics
Appendix: Building regular expressions in Foglight
AIX metrics
HP-UX metrics
Linux metrics
Solaris metrics
Windows metrics
AIXHostDetails topology object
AIXMemoryDetails topology object
AIXPhysicalCPUUsage topology object
AIXUsedMemoryDetails topology object
CPUCounts topology object
Host topology object
HostCPUs topology object
HostNetwork topology object
HostProcess topology object
HostProcessInstance topology object
HostService topology object
HostTopProcessEntry topology object
LPARNetworkInterfaceDetails topology object
LPARPhysicalDiskDetails topology object
LogicalDisk topology object
MSCluster topology object
MSClusterNode topology object
MSClusterResource topology object
MSClusterResourceGroup topology object
MSHostedResourceGroup topology object
Memory topology object
NetworkInterface topology object
NetworkInterfaceDetails topology object
NixHostProcessInstance topology object
OperatingSystem topology object
PhysicalDisk topology object
PowerVMVIOS topology object
PowerVMVIOSCPUs topology object
PowerVMVIOSMemory topology object
PowerVMVIOSNetwork topology object
PowerVMVIOSStorage topology object
Processor topology object
WinHostProcessInstance topology object
Event Logs
The Event Logs properties allow you to specify the Windows Event Logs and the type of records you want to monitor.
|
• |
Event Logs to Monitor: A list specifying the types of Windows Event Logs monitored by this agent. Each entry in the list includes the following column: |
|
• |
Event Log Name: The name of the Windows Event Log whose files you want to monitor with this agent. This value must be identical to the Full Name value, seen in the Log Properties dialog box. To find out an event log name, in the Event Viewer, right-click a Windows Log, choose Properties from the shortcut menu, and look for the Full Name property in the dialog box that appears. |
|
• |
Event Log Filters: A list specifying the types of Windows Event Log entries that you want to monitor with this agent. Using this list you can configure the agent to include and exclude specific entries from its collections using Include and Exclude commands, as required. By default, the agent does not collect any data unless configured to do so. For example, instructing the agent to exclude certain log types from its collections, without specifying which types of log items to include, prevents the agent from collecting any data from Windows Event Logs. |
|
NOTE: For log filters that signify “any” (that is, you do not want to filter on this property), the User, Source, Category, and Event Description properties should all have a value of “*”, and the EventID property should have a value of “0”. |
|
• |
Include/Exclude: Instructs the agent to include or exclude certain types of logs from its collections. |
|
• |
Type: The Windows severity level: *(All), Information, Warning, Error, Success Audit, or Failure Audit. For more information about these levels, see your Windows documentation. |
|
• |
User: The name of the user who initiated the Windows Event. |
|
• |
Source: The name of the Windows Event Log to which the event is published. |
|
• |
|
• |
EventID: The Windows Event ID. For more information about Windows Event IDs, see your Windows documentation. |
|
• |
Event Description: The description of the Windows event. |
|
• |
Tags: The tag associated with the record, as specified in the agent properties. |
|
• |
Event Throttle Count: When set, this ensures that one event in every count (the event log entry occurrence that the filter applies to) is submitted to the Management Server. If the count is one or less, then every event log entry occurrence is submitted and no throttling is done. The default is zero ‘0’. |
|
• |
Event Throttle Duration (seconds): This value represents the duration in seconds for the throttle count to be applied. When set, the throttle count is applied within a duration. After the duration expires, the throttling restarts from the beginning regardless of the current throttle state. If the count is one or less, then only one event log entry the filter matches is submitted within the specified duration. If the count is larger than one, then only one in every count (the event log entry occurrence that the filter matches) is submitted, and the agent starts counting pattern matches from zero after the duration. The default value is zero '0', which means the duration is not applied. |
|
NOTE: The Event Throttle Count and Event Throttle Duration (seconds) properties only apply to INCLUDE-type filters (and not EXCLUDE-type filters), since throttling is necessary only if a message is being included (and submitted). |
|
• |
Event Log Severity: A mapping that specifies how Windows Event Log severities relate to Foglight severity levels. A default agent installation includes a complete mapping. You can make changes to it when configuring Windows Event Log Monitor Agent instances, if required. |
Record Transformations
The Record Transformations properties allow you to transform any log message before it is sent to the Management Server. This could be used to add extra information or to remove sensitive information from a log record.
|
• |
Record Transformations: A list of record transformations that the agents must use in conjunction with the match patterns to convert any log messages. When no transformation is specified, the log record is transmitted to the Management Server without changes. |
|
• |
RegEx Record Transformation Pattern: A regular expression that the agent uses to look for specific text in the collected log record. |
|
• |
Record Transformation: The replacement text that the agent uses in the log record to be transmitted to the Management Server. |
Data Collection Scheduler
The Datacenter Collection Scheduler agent properties specify the data frequency settings the agent uses to read monitored log files.
|
• |
Collector Config: A list containing the data collectors the agent uses. Each entry in the list includes the following columns: |
|
• |
Collector Name: The name of the collector the agent uses to gather data. |
|
• |
Default Collection Interval: The number of milliseconds, seconds, minutes, hours, or days during which the agent collects data. |
|
• |
Time Unit: The time unit associated with the Default Collection Interval. |
|
• |
Fast-Mode Collection Interval: The number of milliseconds, seconds, minutes, hours, or days during which the agent collects data when working in the fast collection mode. |
|
• |
Fast-Mode Time Unit: The time unit associated with the Fast-Mode Collection Interval. |
|
• |
Fast-Mode Max Count: The maximum number of the times the agent can stay in fast collection mode. |
WindowsEventLogMonitor configuration example
This example provides the configuration settings for monitoring the “System” and “Application” Windows® event log files. Any records with a source value of Perflib are excluded from the monitoring, and only records that are of type Warning are included in the monitoring.