VMware vSphere
This Elastic integration collects metrics and logs from vSphere/vCenter servers
Version | 1.16.1 (View all) |
Compatible Kibana version(s) | 8.15.2 or higher |
Supported Serverless project types | Security Observability |
Subscription level | Basic |
Level of support | Elastic |
Overview
vSphere is VMware's cloud computing virtualization platform, offering tools for managing virtualized data centers.
Use the vSphere integration to:
- Collect vSphere logs, along with datastore, host, and virtualmachine metrics for comprehensive monitoring and analysis.
- Create informative visualizations to track usage trends, measure key metrics, and derive actionable business insights.
- Set up alerts to minimize Mean Time to Detect (MTTD) and Mean Time to Resolve (MTTR) by quickly referencing relevant logs during troubleshooting.
Data streams
The vSphere integration collects logs and metrics.
Logs help you keep a record of events that happen on your machine. The Log data stream collected by vSphere as integration is log.
Metrics give you insight into the statistics of the vSphere. The Metric data stream collected by the vSphere integration are cluster, datastore, datastorecluster, host, network, resourcepool and virtualmachine so that the user can monitor and troubleshoot the performance of the vSphere instance.
Data Streams:
log: This data stream collects logs generated by VMware vSphere using a syslog daemon.cluster: This data stream collects metrics from VMware vSphere, such as lists of datastores, hosts and networks associated with cluster.datastore: This data stream gathers datastore metrics from VMware vSphere, including performance statistics such as capacity, usage, read/write operations, latency, and throughput.datastorecluster: This data stream gathers metrics for datastore clusters from VMware vSphere, including statistics like cluster capacity and available free space. Additionally, it provides information about the individual datastores that comprise the cluster.host: This data stream collects host metrics from VMware vSphere, including performance statistics such as CPU usage, memory usage, disk I/O, and network activity.resourcepool: This data stream collects metrics from VMware vSphere, such as CPU and memory usage, CPU and memory reservation, and CPU and memory limit.virtualmachine: This data stream gathers virtual machine metrics from VMware vSphere, including performance statistics such as status, uptime, CPU usage, memory usage, and network activity.network: This data stream gathers metrics and status information related to VMware vSphere networks, including network accessibility, connected hosts and virtual machines, configuration health, and network type.
Important Note
- Users can monitor and see the log inside the ingested documents for vSphere in the
logs-*index pattern fromDiscover, and for metrics, the index pattern ismetrics-*. - Supported Periods:
- Real-time data collection – An ESXi Server collects data for each performance counter every 20 seconds by default.
- The Datastore and Host datastreams support performance data collection using the vSphere performance API.
- Since the performance API has usage restrictions based on data collection intervals, users should ensure that the period is configured optimally to receive real-time data. Users can still collect summary metrics if performance metrics are not supported for the configured instance.
- Period configuration can be determined based on the Data Collection Intervals and Data Collection Levels.
Prerequisites
You can store and search your data using Elasticsearch and visualize and manage it with Kibana. We recommend using our hosted Elasticsearch Service on Elastic Cloud or self-managing the Elastic Stack on your own hardware.
Compatibility
This integration has been tested and verified against VMware ESXi and vCenter version 7.0.3.
Setup
For step-by-step instructions on how to set up an integration, see the Getting started guide.
Logs reference
Log
This is the log data stream. This data stream collects logs generated by VMware vSphere using a syslog daemon.
Note:
- To collect logs, a syslog daemon is used. First, you must configure the listening host/IP address (default: localhost) and host port (default: 9525) in the integration. Then, configure vSphere to send logs to a remote syslog host and provide the configured hostname/IP and port of the Elastic Agent host.
An example event for log looks as following:
{
"@timestamp": "2021-09-06T14:40:05.753Z",
"agent": {
"ephemeral_id": "c4a1df82-7a9c-4a3e-8546-6d7cc04538e6",
"id": "5096d7cc-1e4b-4959-abea-7355be2913a7",
"name": "docker-fleet-agent",
"type": "filebeat",
"version": "8.8.1"
},
"data_stream": {
"dataset": "vsphere.log",
"namespace": "ep",
"type": "logs"
},
"ecs": {
"version": "8.11.0"
},
"elastic_agent": {
"id": "5096d7cc-1e4b-4959-abea-7355be2913a7",
"snapshot": false,
"version": "8.8.1"
},
"event": {
"agent_id_status": "verified",
"dataset": "vsphere.log",
"ingested": "2023-06-29T08:05:57Z",
"original": "<14>1 2021-09-06T14:40:05.753710+00:00 vcenter applmgmt-audit - - - 2021-09-06T14:40:05.753: INFO AuthorizationResponse = { authorized=True, method=LOCAL }",
"timezone": "+00:00"
},
"host": {
"architecture": "aarch64",
"containerized": false,
"hostname": "docker-fleet-agent",
"id": "d08b346fbb8f49f5a2bb1a477f8ceb54",
"ip": [
"172.23.0.7"
],
"mac": [
"02-42-AC-17-00-07"
],
"name": "vcenter",
"os": {
"codename": "focal",
"family": "debian",
"kernel": "5.10.104-linuxkit",
"name": "Ubuntu",
"platform": "ubuntu",
"type": "linux",
"version": "20.04.6 LTS (Focal Fossa)"
}
},
"input": {
"type": "udp"
},
"log": {
"level": "INFO",
"source": {
"address": "172.23.0.4:59146"
},
"syslog": {
"priority": 14
}
},
"message": "AuthorizationResponse = { authorized=True, method=LOCAL }",
"process": {
"name": "applmgmt-audit"
},
"tags": [
"preserve_original_event",
"vmware-sphere"
]
}ECS Field Reference
Please refer to the following document for detailed information on ECS fields.
Exported fields
| Field | Description | Type |
|---|---|---|
@timestamp | Event timestamp. | date |
data_stream.dataset | Data stream dataset. | constant_keyword |
data_stream.namespace | Data stream namespace. | constant_keyword |
data_stream.type | Data stream type. | constant_keyword |
event.dataset | Event dataset | constant_keyword |
event.module | Event module | constant_keyword |
host.containerized | If the host is a container. | boolean |
host.os.build | OS build information. | keyword |
host.os.codename | OS codename, if any. | keyword |
hostname | Hostname from syslog header. | keyword |
input.type | Type of Filebeat input. | keyword |
log.source.address | Source address of the syslog message. | keyword |
process.program | Process from syslog header. | keyword |
vsphere.log.api.invocations | long | |
vsphere.log.datacenter | keyword | |
vsphere.log.file.path | keyword |
Metrics reference
Note:
- To access the metrics, provide the URL https://host:port/sdk in the "Add Integration" page of the vSphere package.
Cluster
Clusters in vSphere represent a group of ESXi hosts working together to optimize resource allocation, ensure high availability, and manage workloads efficiently.
An example event for cluster looks as following:
{
"@timestamp": "2024-09-19T05:44:00.800Z",
"agent": {
"ephemeral_id": "676a770b-a207-4fec-99d4-e82377578711",
"id": "6b430ae3-0bdb-4d5c-b60d-a02f54e770e5",
"name": "elastic-agent-47605",
"type": "metricbeat",
"version": "8.15.2"
},
"data_stream": {
"dataset": "vsphere.cluster",
"namespace": "93141",
"type": "metrics"
},
"ecs": {
"version": "8.11.0"
},
"elastic_agent": {
"id": "6b430ae3-0bdb-4d5c-b60d-a02f54e770e5",
"snapshot": true,
"version": "8.15.2"
},
"event": {
"agent_id_status": "verified",
"dataset": "vsphere.cluster",
"duration": 17059144,
"ingested": "2024-09-19T05:44:03Z",
"module": "vsphere"
},
"host": {
"architecture": "x86_64",
"containerized": true,
"hostname": "elastic-agent-47605",
"id": "57723763cd1b4ff48e54a505de4ebe6c",
"ip": [
"192.168.244.4",
"192.168.245.2"
],
"mac": [
"02-42-C0-A8-F4-04",
"02-42-C0-A8-F5-02"
],
"name": "elastic-agent-47605",
"os": {
"codename": "focal",
"family": "debian",
"kernel": "4.18.0-348.7.1.el8_5.x86_64",
"name": "Ubuntu",
"platform": "ubuntu",
"type": "linux",
"version": "20.04.6 LTS (Focal Fossa)"
}
},
"metricset": {
"name": "cluster",
"period": 20000
},
"service": {
"address": "https://svc-vsphere-metrics:8989/sdk",
"type": "vsphere"
},
"tags": [
"vsphere-cluster"
],
"vsphere": {
"cluster": {
"datastore": {
"count": 1,
"names": "LocalDS_0"
},
"host": {
"count": 3,
"names": [
"DC0_C0_H0",
"DC0_C0_H1",
"DC0_C0_H2"
]
},
"name": "DC0_C0",
"network": {
"count": 3,
"names": [
"DC0_DVPG0",
"DVS0-DVUplinks-9",
"VM Network"
]
}
}
}
}ECS Field Reference
Please refer to the following document for detailed information on ECS fields.
Exported fields
| Field | Description | Type | Metric Type |
|---|---|---|---|
@timestamp | Event timestamp. | date | |
agent.id | keyword | ||
cloud.account.id | The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. | keyword | |
cloud.availability_zone | Availability zone in which this host, resource, or service is located. | keyword | |
cloud.instance.id | Instance ID of the host machine. | keyword | |
cloud.provider | Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean. | keyword | |
cloud.region | Region in which this host, resource, or service is located. | keyword | |
container.id | Unique container id. | keyword | |
data_stream.dataset | Data stream dataset. | constant_keyword | |
data_stream.namespace | Data stream namespace. | constant_keyword | |
data_stream.type | Data stream type. | constant_keyword | |
host.name | Name of the host. It can contain what hostname returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | |
service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | |
vsphere.cluster.alert.names | List of all the alerts on this Cluster. | keyword | |
vsphere.cluster.das_config.admission.control.enabled | Indicates whether strict admission control is enabled. | boolean | |
vsphere.cluster.das_config.enabled | Indicates whether vSphere HA feature is enabled. | boolean | |
vsphere.cluster.datastore.count | Number of Datastores associated with the cluster. | long | gauge |
vsphere.cluster.datastore.names | List of all the Datastore names associated with the cluster. | keyword | |
vsphere.cluster.host.count | Number of Hosts associated with the cluster. | long | gauge |
vsphere.cluster.host.names | List of all the host names associated with the cluster. | keyword | |
vsphere.cluster.name | Cluster name. | keyword | |
vsphere.cluster.network.count | Number of Networks associated with the cluster. | long | gauge |
vsphere.cluster.network.names | List of all the Network names associated with the cluster. | keyword | |
vsphere.cluster.triggered_alarms.description | Description of the alarm. | keyword | |
vsphere.cluster.triggered_alarms.entity_name | Name of the entity associated with the alarm. | keyword | |
vsphere.cluster.triggered_alarms.id | Unique identifier for the alarm. | keyword | |
vsphere.cluster.triggered_alarms.name | Name of the alarm. | keyword | |
vsphere.cluster.triggered_alarms.status | Status of the alarm. | keyword | |
vsphere.cluster.triggered_alarms.triggered_time | Time when the alarm was triggered. | date | |
vsphere.cluster.warning.names | List of all the warnings on this Cluster. | keyword |
Datastore
This is datastore data stream. This data stream collects datastore metrics from VMware vSphere, including performance statistics such as capacity, usage, read/write operations, latency, and throughput.
An example event for datastore looks as following:
{
"@timestamp": "2024-09-02T10:04:25.122Z",
"agent": {
"ephemeral_id": "4da294a3-ad54-47f4-92c7-544e1356a0d8",
"id": "b01ab3cf-51ad-4c4d-87bd-fc2d4aa59d8a",
"name": "elastic-agent-76236",
"type": "metricbeat",
"version": "8.16.0"
},
"data_stream": {
"dataset": "vsphere.datastore",
"namespace": "86691",
"type": "metrics"
},
"ecs": {
"version": "8.11.0"
},
"elastic_agent": {
"id": "b01ab3cf-51ad-4c4d-87bd-fc2d4aa59d8a",
"snapshot": true,
"version": "8.16.0"
},
"event": {
"agent_id_status": "verified",
"dataset": "vsphere.datastore",
"duration": 190147614,
"ingested": "2024-09-02T10:04:27Z",
"module": "vsphere"
},
"host": {
"architecture": "x86_64",
"containerized": true,
"hostname": "elastic-agent-76236",
"id": "e744630f9d4f43dc818e497d221bd0b2",
"ip": [
"172.18.0.4",
"172.21.0.2"
],
"mac": [
"02-42-AC-12-00-04",
"02-42-AC-15-00-02"
],
"name": "elastic-agent-76236",
"os": {
"codename": "focal",
"family": "debian",
"kernel": "5.15.153.1-microsoft-standard-WSL2",
"name": "Ubuntu",
"platform": "ubuntu",
"type": "linux",
"version": "20.04.6 LTS (Focal Fossa)"
}
},
"metricset": {
"name": "datastore",
"period": 10000
},
"service": {
"address": "https://svc-vsphere-metrics:8989/sdk",
"type": "vsphere"
},
"vsphere": {
"datastore": {
"disk": {
"capacity": {
"usage": {
"bytes": 520505786368
},
"bytes": 1610344300544
},
"provisioned": {
"bytes": 520505786368
}
},
"capacity": {
"free": {
"bytes": 37120094208
},
"total": {
"bytes": 74686664704
},
"used": {
"bytes": 37566570496,
"pct": 0.502988996026061
}
},
"fstype": "OTHER",
"host": {
"count": 1,
"names": "DC0_H0"
},
"name": "LocalDS_0",
"read": {
"bytes": 1024
},
"status": "green",
"vm": {
"count": 4,
"names": [
"DC0_C0_RP0_VM0",
"DC0_C0_RP0_VM1",
"DC0_H0_VM0",
"DC0_H0_VM1"
]
},
"write": {
"bytes": 450560
}
}
}
}ECS Field Reference
Please refer to the following document for detailed information on ECS fields.
Exported fields
| Field | Description | Type | Unit | Metric Type |
|---|---|---|---|---|
@timestamp | Event timestamp. | date | ||
agent.id | keyword | |||
cloud.account.id | The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. | keyword | ||
cloud.availability_zone | Availability zone in which this host, resource, or service is located. | keyword | ||
cloud.instance.id | Instance ID of the host machine. | keyword | ||
cloud.provider | Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean. | keyword | ||
cloud.region | Region in which this host, resource, or service is located. | keyword | ||
container.id | Unique container id. | keyword | ||
data_stream.dataset | Data stream dataset. | constant_keyword | ||
data_stream.namespace | Data stream namespace. | constant_keyword | ||
data_stream.type | Data stream type. | constant_keyword | ||
event.dataset | Event dataset | constant_keyword | ||
event.module | Event module | constant_keyword | ||
host.containerized | If the host is a container. | boolean | ||
host.name | Name of the host. It can contain what hostname returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | ||
host.os.build | OS build information. | keyword | ||
host.os.codename | OS codename, if any. | keyword | ||
service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | ||
vsphere.datastore.alert.names | List of all the alerts on this Datastore. | keyword | ||
vsphere.datastore.capacity.free.bytes | Free bytes of the datastore. | long | byte | gauge |
vsphere.datastore.capacity.total.bytes | Total bytes of the datastore. | long | byte | gauge |
vsphere.datastore.capacity.used.bytes | Used bytes of the datastore. | long | byte | gauge |
vsphere.datastore.capacity.used.pct | Percentage of datastore capacity used. | scaled_float | percent | gauge |
vsphere.datastore.disk.capacity.bytes | Configured size of the datastore. | long | gauge | |
vsphere.datastore.disk.capacity.usage.bytes | The amount of storage capacity currently being consumed by datastore. | long | gauge | |
vsphere.datastore.disk.provisioned.bytes | Amount of storage set aside for use by a datastore. | long | gauge | |
vsphere.datastore.fstype | Filesystem type. | keyword | ||
vsphere.datastore.host.count | Number of hosts associated with the datastore. | long | gauge | |
vsphere.datastore.host.names | List of all the host names associated with the datastore. | keyword | ||
vsphere.datastore.name | Datastore name. | keyword | ||
vsphere.datastore.read.bytes | Rate of reading data from the datastore. | long | byte | gauge |
vsphere.datastore.status | Status of the datastore. | keyword | ||
vsphere.datastore.triggered_alarms.description | Description of the alarm. | keyword | ||
vsphere.datastore.triggered_alarms.entity_name | Name of the entity associated with the alarm. | keyword | ||
vsphere.datastore.triggered_alarms.id | Unique identifier for the alarm. | keyword | ||
vsphere.datastore.triggered_alarms.name | Name of the alarm. | keyword | ||
vsphere.datastore.triggered_alarms.status | Status of the alarm. | keyword | ||
vsphere.datastore.triggered_alarms.triggered_time | Time when the alarm was triggered. | date | ||
vsphere.datastore.vm.count | Number of VMs associated with the datastore. | long | gauge | |
vsphere.datastore.vm.names | List of all the VM names associated with the datastore. | keyword | ||
vsphere.datastore.warning.names | List of all the warnings on this Datastore. | keyword | ||
vsphere.datastore.write.bytes | Rate of writing data to the datastore. | long | byte | gauge |
Datastore Cluster
Datastore clusters in vSphere group multiple datastores for optimized management and automated load balancing, ensuring efficient storage utilization and simplified administration.
An example event for datastorecluster looks as following:
{
"@timestamp": "2024-09-22T05:28:46.315Z",
"agent": {
"ephemeral_id": "8b7e9ea4-0517-4e98-a795-b6fe529f4a2f",
"id": "7737279e-51e9-4d90-a0d0-2c12dc4446bf",
"name": "elastic-agent-23128",
"type": "metricbeat",
"version": "8.15.2"
},
"data_stream": {
"dataset": "vsphere.datastorecluster",
"namespace": "65218",
"type": "metrics"
},
"ecs": {
"version": "8.11.0"
},
"elastic_agent": {
"id": "7737279e-51e9-4d90-a0d0-2c12dc4446bf",
"snapshot": true,
"version": "8.15.2"
},
"event": {
"agent_id_status": "verified",
"dataset": "vsphere.datastorecluster",
"duration": 10772332,
"ingested": "2024-09-22T05:28:49Z",
"module": "vsphere"
},
"host": {
"architecture": "x86_64",
"containerized": true,
"hostname": "elastic-agent-23128",
"id": "57723763cd1b4ff48e54a505de4ebe6c",
"ip": [
"192.168.240.2",
"192.168.255.5"
],
"mac": [
"02-42-C0-A8-F0-02",
"02-42-C0-A8-FF-05"
],
"name": "elastic-agent-23128",
"os": {
"codename": "focal",
"family": "debian",
"kernel": "3.10.0-1160.118.1.el7.x86_64",
"name": "Ubuntu",
"platform": "ubuntu",
"type": "linux",
"version": "20.04.6 LTS (Focal Fossa)"
}
},
"metricset": {
"name": "datastorecluster",
"period": 20000
},
"service": {
"address": "https://svc-vsphere-metrics:8989/sdk",
"type": "vsphere"
},
"tags": [
"vsphere-datastorecluster"
],
"vsphere": {
"datastorecluster": {
"capacity": {
"bytes": 0
},
"datastore": {
"count": 0
},
"free_space": {
"bytes": 0
},
"name": "DC0_POD0"
}
}
}ECS Field Reference
Please refer to the following document for detailed information on ECS fields.
Exported fields
| Field | Description | Type | Unit | Metric Type |
|---|---|---|---|---|
@timestamp | Event timestamp. | date | ||
agent.id | keyword | |||
cloud.account.id | The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. | keyword | ||
cloud.availability_zone | Availability zone in which this host, resource, or service is located. | keyword | ||
cloud.instance.id | Instance ID of the host machine. | keyword | ||
cloud.provider | Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean. | keyword | ||
cloud.region | Region in which this host, resource, or service is located. | keyword | ||
container.id | Unique container id. | keyword | ||
data_stream.dataset | Data stream dataset. | constant_keyword | ||
data_stream.namespace | Data stream namespace. | constant_keyword | ||
data_stream.type | Data stream type. | constant_keyword | ||
event.dataset | Event dataset | constant_keyword | ||
event.module | Event module | constant_keyword | ||
host.name | Name of the host. It can contain what hostname returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | ||
service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | ||
vsphere.datastorecluster.alert.names | List of all the alerts on this Datastore Cluster. | keyword | ||
vsphere.datastorecluster.capacity.bytes | Total capacity of this storage pod, in bytes. | long | byte | gauge |
vsphere.datastorecluster.datastore.count | Number of datastores in the Datastore Cluster. | long | gauge | |
vsphere.datastorecluster.datastore.names | List of all the Datastore names associated with the Datastore Cluster. | keyword | ||
vsphere.datastorecluster.free_space.bytes | Total free space on this storage pod, in bytes. | long | byte | gauge |
vsphere.datastorecluster.name | The Datastore Cluster name. | keyword | ||
vsphere.datastorecluster.triggered_alarms.description | Description of the alarm. | keyword | ||
vsphere.datastorecluster.triggered_alarms.entity_name | Name of the entity associated with the alarm. | keyword | ||
vsphere.datastorecluster.triggered_alarms.id | Unique identifier for the alarm. | keyword | ||
vsphere.datastorecluster.triggered_alarms.name | Name of the alarm. | keyword | ||
vsphere.datastorecluster.triggered_alarms.status | Status of the alarm. | keyword | ||
vsphere.datastorecluster.triggered_alarms.triggered_time | Time when the alarm was triggered. | date | ||
vsphere.datastorecluster.warning.names | List of all the warnings on this Datastore Cluster. | keyword |
Host
This is the host data stream. This data stream collects host metrics from VMware vSphere, including performance statistics such as CPU usage, memory usage, disk I/O, and network activity.
An example event for host looks as following:
{
"@timestamp": "2024-10-03T04:09:10.462Z",
"agent": {
"ephemeral_id": "c13fd262-b655-4a62-a5f7-dda2f497332f",
"id": "036bbeff-9b4f-497d-846d-d5562d328109",
"name": "docker-fleet-agent",
"type": "metricbeat",
"version": "8.15.2"
},
"data_stream": {
"dataset": "vsphere.host",
"namespace": "default",
"type": "metrics"
},
"ecs": {
"version": "8.11.0"
},
"elastic_agent": {
"id": "036bbeff-9b4f-497d-846d-d5562d328109",
"snapshot": true,
"version": "8.15.2"
},
"event": {
"agent_id_status": "verified",
"dataset": "vsphere.host",
"duration": 83416967,
"ingested": "2024-10-03T04:09:20Z",
"module": "vsphere"
},
"host": {
"architecture": "x86_64",
"containerized": true,
"hostname": "docker-fleet-agent",
"id": "57723763cd1b4ff48e54a505de4ebe6c",
"ip": [
"172.18.0.7"
],
"mac": [
"02-42-AC-12-00-07"
],
"name": "docker-fleet-agent",
"os": {
"codename": "focal",
"family": "debian",
"kernel": "5.15.153.1-microsoft-standard",
"name": "Ubuntu",
"platform": "ubuntu",
"type": "linux",
"version": "20.04.6 LTS (Focal Fossa)"
}
},
"metricset": {
"name": "host",
"period": 20000
},
"service": {
"address": "https://172.18.0.4:8989/sdk",
"type": "vsphere"
},
"tags": [
"vsphere-host"
],
"vsphere": {
"host": {
"cpu": {
"free": {
"mhz": 4521
},
"total": {
"mhz": 4588
},
"used": {
"mhz": 67,
"pct": 0.015
}
},
"datastore": {
"count": 4,
"names": [
"LocalDS_0",
"LocalDS_1",
"LocalDS_2",
"LocalDS_3"
]
},
"disk": {
"read": {
"bytes": 142336
},
"total": {
"bytes": 1492992
},
"write": {
"bytes": 1895424
}
},
"memory": {
"free": {
"bytes": 2822230016
},
"total": {
"bytes": 4294430720
},
"used": {
"bytes": 1472200704,
"pct": 0.343
}
},
"name": "DC0_H0",
"network": {
"bandwidth": {
"received": {
"bytes": 702464
},
"total": {
"bytes": 1538048
},
"transmitted": {
"bytes": 564224
}
},
"count": 3,
"names": [
"DC0_DVPG0",
"DVS0-DVUplinks-10",
"VM Network"
],
"packets": {
"multicast": {
"received": {
"count": 97
}
},
"received": {
"count": 11933
},
"transmitted": {
"count": 8801
}
}
},
"network_names": [
"DC0_DVPG0",
"DVS0-DVUplinks-10",
"VM Network"
],
"status": "gray",
"uptime": 77229,
"vm": {
"count": 2,
"names": [
"DC0_H0_VM0",
"DC0_H0_VM1"
]
}
}
}
}ECS Field Reference
Please refer to the following document for detailed information on ECS fields.
Exported fields
| Field | Description | Type | Unit | Metric Type |
|---|---|---|---|---|
@timestamp | Event timestamp. | date | ||
agent.id | keyword | |||
cloud.account.id | The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. | keyword | ||
cloud.availability_zone | Availability zone in which this host, resource, or service is located. | keyword | ||
cloud.instance.id | Instance ID of the host machine. | keyword | ||
cloud.provider | Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean. | keyword | ||
cloud.region | Region in which this host, resource, or service is located. | keyword | ||
container.id | Unique container id. | keyword | ||
data_stream.dataset | Data stream dataset. | constant_keyword | ||
data_stream.namespace | Data stream namespace. | constant_keyword | ||
data_stream.type | Data stream type. | constant_keyword | ||
event.dataset | Event dataset | constant_keyword | ||
event.module | Event module | constant_keyword | ||
host.name | Name of the host. It can contain what hostname returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | ||
service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | ||
vsphere.host.alert.names | List of all the alerts on this Host. | keyword | ||
vsphere.host.cpu.free.mhz | Free CPU in MHz. | long | gauge | |
vsphere.host.cpu.total.mhz | Total CPU in MHz. | long | counter | |
vsphere.host.cpu.used.mhz | Used CPU in MHz. | long | gauge | |
vsphere.host.cpu.used.pct | CPU Utilization % of the host | scaled_float | percent | gauge |
vsphere.host.datastore.count | Number of datastores on the host. | long | gauge | |
vsphere.host.datastore.names | List of all the datastore names. | keyword | ||
vsphere.host.disk.capacity.usage.bytes | The amount of storage capacity currently being consumed by or on the entity. | long | byte | gauge |
vsphere.host.disk.devicelatency.average.ms | Average amount of time it takes to complete an SCSI command from physical device in milliseconds. | long | ms | gauge |
vsphere.host.disk.latency.total.ms | Highest latency value across all disks used by the host in milliseconds. | long | ms | gauge |
vsphere.host.disk.read.bytes | Average number of bytes read from the disk each second. | long | byte | gauge |
vsphere.host.disk.total.bytes | Sum of disk read and write rates each second in bytes. | long | byte | gauge |
vsphere.host.disk.write.bytes | Average number of bytes written to the disk each second. | long | byte | gauge |
vsphere.host.memory.free.bytes | Free Memory in bytes. | long | byte | gauge |
vsphere.host.memory.total.bytes | Total Memory in bytes. | long | byte | gauge |
vsphere.host.memory.used.bytes | Used Memory in bytes. | long | byte | gauge |
vsphere.host.memory.used.pct | Memory utilization % of the host | scaled_float | percent | gauge |
vsphere.host.name | Host name. | keyword | ||
vsphere.host.network.bandwidth.received.bytes | Average rate at which data was received during the interval. This represents the bandwidth of the network. | long | byte | gauge |
vsphere.host.network.bandwidth.total.bytes | Sum of network transmitted and received rates in bytes during the interval. | long | byte | gauge |
vsphere.host.network.bandwidth.transmitted.bytes | Average rate at which data was transmitted during the interval. This represents the bandwidth of the network. | long | byte | gauge |
vsphere.host.network.count | Number of networks on the host. | long | gauge | |
vsphere.host.network.names | List of all the network names. | keyword | ||
vsphere.host.network.packets.dropped.received.count | Number of received packets dropped. | long | gauge | |
vsphere.host.network.packets.dropped.total.count | Total number of packets dropped. | long | gauge | |
vsphere.host.network.packets.dropped.transmitted.count | Number of transmitted packets dropped. | long | gauge | |
vsphere.host.network.packets.errors.received.count | Number of packets with errors received. | long | gauge | |
vsphere.host.network.packets.errors.total.count | Total number of packets with errors. | long | gauge | |
vsphere.host.network.packets.errors.transmitted.count | Number of packets with errors transmitted. | long | gauge | |
vsphere.host.network.packets.multicast.received.count | Number of multicast packets received. | long | gauge | |
vsphere.host.network.packets.multicast.total.count | Total number of multicast packets. | long | gauge | |
vsphere.host.network.packets.multicast.transmitted.count | Number of multicast packets transmitted. | long | gauge | |
vsphere.host.network.packets.received.count | Number of packets received. | long | gauge | |
vsphere.host.network.packets.transmitted.count | Number of packets transmitted. | long | gauge | |
vsphere.host.network_names | Network names. | keyword | ||
vsphere.host.status | The overall health status of a host in the vSphere environment. | keyword | ||
vsphere.host.triggered_alarms.description | Description of the alarm. | keyword | ||
vsphere.host.triggered_alarms.entity_name | Name of the entity associated with the alarm. | keyword | ||
vsphere.host.triggered_alarms.id | Unique identifier for the alarm. | keyword | ||
vsphere.host.triggered_alarms.name | Name of the alarm. | keyword | ||
vsphere.host.triggered_alarms.status | Status of the alarm. | keyword | ||
vsphere.host.triggered_alarms.triggered_time | Time when the alarm was triggered. | date | ||
vsphere.host.uptime | The total uptime of a host in seconds within the vSphere environment. | long | gauge | |
vsphere.host.vm.count | Number of virtual machines on the host. | long | gauge | |
vsphere.host.vm.names | List of all the VM names. | keyword | ||
vsphere.host.warning.names | List of all the warnings on this Host. | keyword |
Network
This is the network data stream. This data stream gathers metrics and status information related to VMware vSphere networks, including network accessibility, connected hosts and virtual machines, configuration health, and network type.
An example event for network looks as following:
{
"@timestamp": "2024-09-22T21:01:42.635Z",
"agent": {
"ephemeral_id": "b4116483-d4c6-4860-b93d-f0d8091cc838",
"id": "ff0ab35a-1abe-47a1-aee7-6d70362e4335",
"name": "docker-fleet-agent",
"type": "metricbeat",
"version": "8.15.2"
},
"data_stream": {
"dataset": "vsphere.network",
"namespace": "default",
"type": "metrics"
},
"ecs": {
"version": "8.11.0"
},
"elastic_agent": {
"id": "ff0ab35a-1abe-47a1-aee7-6d70362e4335",
"snapshot": true,
"version": "8.15.2"
},
"event": {
"agent_id_status": "verified",
"dataset": "vsphere.network",
"duration": 10826519,
"ingested": "2024-09-22T21:01:43Z",
"module": "vsphere"
},
"host": {
"architecture": "x86_64",
"containerized": true,
"hostname": "elastic-agent-23128",
"id": "57723763cd1b4ff48e54a505de4ebe6c",
"ip": [
"192.168.240.2",
"192.168.255.5"
],
"mac": [
"02-42-C0-A8-F0-02",
"02-42-C0-A8-FF-05"
],
"name": "elastic-agent-23128",
"os": {
"codename": "focal",
"family": "debian",
"kernel": "3.10.0-1160.118.1.el7.x86_64",
"name": "Ubuntu",
"platform": "ubuntu",
"type": "linux",
"version": "20.04.6 LTS (Focal Fossa)"
}
},
"metricset": {
"name": "network",
"period": 20000
},
"service": {
"address": "https://172.18.0.4:8989/sdk",
"type": "vsphere"
},
"tags": [
"vsphere-network"
],
"vsphere": {
"network": {
"accessible": true,
"config": {
"status": "green"
},
"name": "VM Network",
"status": "green",
"type": "Network"
}
}
}ECS Field Reference
Please refer to the following document for detailed information on ECS fields.
Exported fields
| Field | Description | Type | Metric Type |
|---|---|---|---|
@timestamp | Event timestamp. | date | |
agent.id | keyword | ||
cloud.account.id | The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. | keyword | |
cloud.availability_zone | Availability zone in which this host, resource, or service is located. | keyword | |
cloud.instance.id | Instance ID of the host machine. | keyword | |
cloud.provider | Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean. | keyword | |
cloud.region | Region in which this host, resource, or service is located. | keyword | |
container.id | Unique container id. | keyword | |
data_stream.dataset | Data stream dataset. | constant_keyword | |
data_stream.namespace | Data stream namespace. | constant_keyword | |
data_stream.type | Data stream type. | constant_keyword | |
event.dataset | Event dataset | constant_keyword | |
event.module | Event module | constant_keyword | |
host.containerized | If the host is a container. | boolean | |
host.name | Name of the host. It can contain what hostname returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | |
service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | |
vsphere.network.accessible | Indicates whether at least one host is configured to provide this network. | boolean | |
vsphere.network.alert.names | List of all the alerts on this network. | keyword | |
vsphere.network.config.status | Indicates whether the system has detected a configuration issue. | keyword | |
vsphere.network.host.count | Number of hosts connected to this network. | long | gauge |
vsphere.network.host.names | List of all the hosts connected to this network. | keyword | |
vsphere.network.name | Name of the network. | keyword | |
vsphere.network.status | General health of the network. | keyword | |
vsphere.network.triggered_alarms.description | Description of the alarm. | keyword | |
vsphere.network.triggered_alarms.entity_name | Name of the entity associated with the alarm. | keyword | |
vsphere.network.triggered_alarms.id | Unique identifier for the alarm. | keyword | |
vsphere.network.triggered_alarms.name | Name of the alarm. | keyword | |
vsphere.network.triggered_alarms.status | Status of the alarm. | keyword | |
vsphere.network.triggered_alarms.triggered_time | Time when the alarm was triggered. | date | |
vsphere.network.type | Type of the network (e.g., Network(Standard), DistributedVirtualport). | keyword | |
vsphere.network.vm.count | Number of virtual machines connected to this network. | long | gauge |
vsphere.network.vm.names | List of all the virtual machines connected to this network. | keyword | |
vsphere.network.warning.names | List of all the warnings on this network. | keyword |
Resourcepool
Resource pools in vSphere allow for the allocation and management of CPU and memory resources across groups of virtual machines.
An example event for resourcepool looks as following:
{
"@timestamp": "2024-09-12T05:55:54.148Z",
"agent": {
"ephemeral_id": "54ea1b28-d61c-4277-b98b-e33e38c7f1b5",
"id": "36c6eb08-679d-4a9f-b436-fe550cb77ad2",
"name": "elastic-agent-85448",
"type": "metricbeat",
"version": "8.16.0"
},
"data_stream": {
"dataset": "vsphere.resourcepool",
"namespace": "63631",
"type": "metrics"
},
"ecs": {
"version": "8.11.0"
},
"elastic_agent": {
"id": "36c6eb08-679d-4a9f-b436-fe550cb77ad2",
"snapshot": true,
"version": "8.16.0"
},
"event": {
"agent_id_status": "verified",
"dataset": "vsphere.resourcepool",
"duration": 21732347,
"ingested": "2024-09-12T05:55:57Z",
"module": "vsphere"
},
"host": {
"architecture": "x86_64",
"containerized": true,
"hostname": "elastic-agent-85448",
"ip": [
"192.168.249.6",
"192.168.251.2"
],
"mac": [
"02-42-C0-A8-F9-06",
"02-42-C0-A8-FB-02"
],
"name": "elastic-agent-85448",
"os": {
"family": "",
"kernel": "4.18.0-348.7.1.el8_5.x86_64",
"name": "Wolfi",
"platform": "wolfi",
"type": "linux",
"version": "20230201"
}
},
"metricset": {
"name": "resourcepool",
"period": 10000
},
"service": {
"address": "https://svc-vsphere-metrics:8989/sdk",
"type": "vsphere"
},
"tags": [
"vsphere-resourcepool"
],
"vsphere": {
"resourcepool": {
"fingerprint": "IqGup33ooQgbWIgSs7+sAcX4MDo=",
"name": "Resources",
"status": "green"
}
}
}ECS Field Reference
Please refer to the following document for detailed information on ECS fields.
Exported fields
| Field | Description | Type | Unit | Metric Type |
|---|---|---|---|---|
@timestamp | Event timestamp. | date | ||
agent.id | keyword | |||
cloud.account.id | The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. | keyword | ||
cloud.availability_zone | Availability zone in which this host, resource, or service is located. | keyword | ||
cloud.instance.id | Instance ID of the host machine. | keyword | ||
cloud.provider | Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean. | keyword | ||
cloud.region | Region in which this host, resource, or service is located. | keyword | ||
container.id | Unique container id. | keyword | ||
data_stream.dataset | Data stream dataset. | constant_keyword | ||
data_stream.namespace | Data stream namespace. | constant_keyword | ||
data_stream.type | Data stream type. | constant_keyword | ||
host.name | Name of the host. It can contain what hostname returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | ||
service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | ||
vsphere.resourcepool.alert.names | List of all the alerts on this resourcepool. | keyword | ||
vsphere.resourcepool.cpu.demand.mhz | Basic CPU performance statistics, in MHz. | long | gauge | |
vsphere.resourcepool.cpu.entitlement.mhz | The amount of CPU resource, in MHz, that this VM is entitled to, as calculated by DRS. | long | gauge | |
vsphere.resourcepool.cpu.entitlement.static.mhz | The static CPU resource entitlement for a virtual machine. | long | gauge | |
vsphere.resourcepool.cpu.usage.mhz | Basic CPU performance statistics, in MHz. | long | gauge | |
vsphere.resourcepool.fingerprint | Unique ID to avoid duplications and to identify the unique resourcepool. | keyword | ||
vsphere.resourcepool.memory.ballooned.bytes | The size of the balloon driver in a virtual machine, in bytes. | long | byte | gauge |
vsphere.resourcepool.memory.compressed.bytes | The amount of compressed memory currently consumed by VM, in bytes. | long | byte | gauge |
vsphere.resourcepool.memory.entitlement.bytes | The amount of memory, in bytes, that this VM is entitled to, as calculated by DRS. | long | byte | gauge |
vsphere.resourcepool.memory.entitlement.static.bytes | The static memory resource entitlement for a virtual machine, in bytes. | long | byte | gauge |
vsphere.resourcepool.memory.overhead.bytes | The amount of memory resource (in bytes) that will be used by a virtual machine above its guest memory requirements. | long | byte | gauge |
vsphere.resourcepool.memory.overhead.consumed.bytes | The amount of overhead memory, in bytes, currently being consumed to run a VM. | long | byte | gauge |
vsphere.resourcepool.memory.private.bytes | The portion of memory, in bytes, that is granted to a virtual machine from non-shared host memory. | long | byte | gauge |
vsphere.resourcepool.memory.shared.bytes | The portion of memory, in bytes, that is granted to a virtual machine from host memory that is shared between VMs. | long | byte | gauge |
vsphere.resourcepool.memory.swapped.bytes | The portion of memory, in bytes, that is granted to a virtual machine from the host's swap space. | long | byte | gauge |
vsphere.resourcepool.memory.usage.guest.bytes | Guest memory utilization statistics, in bytes. | long | byte | gauge |
vsphere.resourcepool.memory.usage.host.bytes | Host memory utilization statistics, in bytes. | long | byte | gauge |
vsphere.resourcepool.name | The name of the resourcepool. | keyword | ||
vsphere.resourcepool.status | The overall health status of a host in the vSphere environment. | keyword | ||
vsphere.resourcepool.triggered_alarms.description | Description of the alarm. | keyword | ||
vsphere.resourcepool.triggered_alarms.entity_name | Name of the entity associated with the alarm. | keyword | ||
vsphere.resourcepool.triggered_alarms.id | Unique identifier for the alarm. | keyword | ||
vsphere.resourcepool.triggered_alarms.name | Name of the alarm. | keyword | ||
vsphere.resourcepool.triggered_alarms.status | Status of the alarm. | keyword | ||
vsphere.resourcepool.triggered_alarms.triggered_time | Time when the alarm was triggered. | date | ||
vsphere.resourcepool.vm.count | Number of virtual machines on the resourcepool. | long | gauge | |
vsphere.resourcepool.vm.names | Names of virtual machines on the resourcepool. | keyword | ||
vsphere.resourcepool.warning.names | List of all the warnings on this resourcepool. | keyword |
Virtual Machine
This is the virtualmachine data stream. This data stream collects virtual machine metrics from VMware vSphere, including performance statistics such as status, uptime, CPU usage, memory usage, and network activity.
An example event for virtualmachine looks as following:
{
"@timestamp": "2024-09-02T09:44:14.128Z",
"agent": {
"ephemeral_id": "2d60906e-b972-4981-a356-c57ccb79108b",
"id": "8ea73fb3-a0a0-4270-aad6-e88edb8b385a",
"name": "elastic-agent-55444",
"type": "metricbeat",
"version": "8.16.0"
},
"data_stream": {
"dataset": "vsphere.virtualmachine",
"namespace": "64133",
"type": "metrics"
},
"ecs": {
"version": "8.11.0"
},
"elastic_agent": {
"id": "8ea73fb3-a0a0-4270-aad6-e88edb8b385a",
"snapshot": true,
"version": "8.16.0"
},
"event": {
"agent_id_status": "verified",
"dataset": "vsphere.virtualmachine",
"duration": 52726937,
"ingested": "2024-09-02T09:44:17Z",
"module": "vsphere"
},
"host": {
"architecture": "x86_64",
"containerized": true,
"hostname": "elastic-agent-55444",
"id": "e744630f9d4f43dc818e497d221bd0b2",
"ip": [
"127.28.12.4",
"127.28.12.2"
],
"mac": [
"02-42-AC-12-00-04",
"02-42-AC-14-00-02"
],
"name": "elastic-agent-55444",
"os": {
"codename": "focal",
"family": "debian",
"kernel": "127.15.128.1-microsoft-standard-WSL2",
"name": "Ubuntu",
"platform": "ubuntu",
"type": "linux",
"version": "20.04.6 LTS (Focal Fossa)"
}
},
"metricset": {
"name": "virtualmachine",
"period": 10000
},
"service": {
"address": "https://localhost:8989/sdk",
"type": "vsphere"
},
"vsphere": {
"virtualmachine": {
"name": "xt0nmfpv9",
"uptime": 5348978,
"status": "green",
"host": {
"id": "host-32",
"hostname": "localhost.com"
},
"cpu": {
"free": {
"mhz": 0
},
"used": {
"mhz": 161
},
"total": {
"mhz": 0
}
},
"network": {
"names": [
"PROD_VCF_VMS"
],
"count": 1
},
"memory": {
"used": {
"guest": {
"bytes": 686817280
},
"host": {
"bytes": 29027729408
}
},
"total": {
"guest": {
"bytes": 68719476736
}
},
"free": {
"guest": {
"bytes": 68032659456
}
}
},
"network_names": [
"PROD_VCF_VMS"
],
"datastore": {
"count": 1,
"names": [
"VxRailtoup-Virtual-Datastore-bc1d-5aa310fb"
]
},
"os": "CentOS 4/5/6/7 (64-bit)",
"snapshot": {
"info": [
{
"id": 1,
"name": "VM Snapshot 7%2f3%2f2024, 4:01:21 PM",
"description": "Created to demo",
"createtime": "2024-07-03T20:01:34.329Z",
"state": "poweredOn"
},
{
"createtime": "2024-07-05T23:35:40.859Z",
"state": "poweredOn",
"id": 2,
"name": "VM Snapshot 7%2f5%2f2024, 7:35:37 PM",
"description": "backup"
}
],
"count": 2
}
}
}
}ECS Field Reference
Please refer to the following document for detailed information on ECS fields.
Exported fields
| Field | Description | Type | Unit | Metric Type |
|---|---|---|---|---|
@timestamp | Event timestamp. | date | ||
agent.id | keyword | |||
cloud.account.id | The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. | keyword | ||
cloud.availability_zone | Availability zone in which this host, resource, or service is located. | keyword | ||
cloud.instance.id | Instance ID of the host machine. | keyword | ||
cloud.provider | Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean. | keyword | ||
cloud.region | Region in which this host, resource, or service is located. | keyword | ||
container.id | Unique container id. | keyword | ||
data_stream.dataset | Data stream dataset. | constant_keyword | ||
data_stream.namespace | Data stream namespace. | constant_keyword | ||
data_stream.type | Data stream type. | constant_keyword | ||
event.dataset | Event dataset | constant_keyword | ||
event.module | Event module | constant_keyword | ||
host.containerized | If the host is a container. | boolean | ||
host.name | Name of the host. It can contain what hostname returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | ||
host.os.build | OS build information. | keyword | ||
host.os.codename | OS codename, if any. | keyword | ||
service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | ||
vsphere.virtualmachine.alert.names | List of all the alerts on this virtualmachine. | keyword | ||
vsphere.virtualmachine.cpu.free.mhz | Available CPU in Mhz. | long | gauge | |
vsphere.virtualmachine.cpu.total.mhz | Total Reserved CPU in Mhz. | long | counter | |
vsphere.virtualmachine.cpu.used.mhz | Used CPU in Mhz. | long | gauge | |
vsphere.virtualmachine.custom_fields | Custom fields. | object | ||
vsphere.virtualmachine.datastore.count | Number of datastores associated to this virtualmachine. | long | gauge | |
vsphere.virtualmachine.datastore.names | Names of the datastore associated to this virtualmachine. | keyword | ||
vsphere.virtualmachine.host.hostname | Hostname of the host. | keyword | ||
vsphere.virtualmachine.host.id | Host id. | keyword | ||
vsphere.virtualmachine.memory.free.guest.bytes | Free Memory of Guest in bytes. | long | byte | gauge |
vsphere.virtualmachine.memory.total.guest.bytes | Total Memory of Guest in bytes. | long | byte | gauge |
vsphere.virtualmachine.memory.used.guest.bytes | Used Memory of Guest in bytes. | long | byte | gauge |
vsphere.virtualmachine.memory.used.host.bytes | Used Memory of Host in bytes. | long | byte | gauge |
vsphere.virtualmachine.name | Virtual Machine name. | keyword | ||
vsphere.virtualmachine.network.count | Number of networks associated to this virtualmachine. | long | gauge | |
vsphere.virtualmachine.network.names | Names of the networks associated to this virtualmachine. | keyword | ||
vsphere.virtualmachine.network_names | Network names. | keyword | ||
vsphere.virtualmachine.os | Virtual Machine Operating System name. | keyword | ||
vsphere.virtualmachine.snapshot.count | The number of snapshots of this virtualmachine. | long | gauge | |
vsphere.virtualmachine.snapshot.info.createtime | Snapshot creation time. | date | ||
vsphere.virtualmachine.snapshot.info.description | Snapshot description. | keyword | ||
vsphere.virtualmachine.snapshot.info.id | Snapshot ID. | long | ||
vsphere.virtualmachine.snapshot.info.name | Snapshot name. | keyword | ||
vsphere.virtualmachine.snapshot.info.state | Snapshot state (e.g., poweredOn). | keyword | ||
vsphere.virtualmachine.status | Overall health and status of a virtual machine. | keyword | ||
vsphere.virtualmachine.triggered_alarms.description | Description of the alarm. | keyword | ||
vsphere.virtualmachine.triggered_alarms.entity_name | Name of the entity associated with the alarm. | keyword | ||
vsphere.virtualmachine.triggered_alarms.id | Unique identifier for the alarm. | keyword | ||
vsphere.virtualmachine.triggered_alarms.name | Name of the alarm. | keyword | ||
vsphere.virtualmachine.triggered_alarms.status | Status of the alarm. | keyword | ||
vsphere.virtualmachine.triggered_alarms.triggered_time | Time when the alarm was triggered. | date | ||
vsphere.virtualmachine.uptime | The uptime of the VM in seconds. | long | counter | |
vsphere.virtualmachine.warning.names | List of all the warnings on this virtualmachine. | keyword |
Troubleshoot
If you encounter any issues during the setup or usage of the VMware vSphere integration, particularly with regards to Data Collection Intervals, with agent error messages such as Failed to query performance metrics: ServerFaultCode: A specified parameter was not correct: querySpec.interval, please refer to the mentioned Important Notes/Supported Periods for guidance and resolution.
Changelog
| Version | Details | Kibana version(s) |
|---|---|---|
1.16.1 | Enhancement View pull request | 8.15.2 or higher |
1.16.0 | Enhancement View pull request | 8.15.2 or higher |
1.15.0 | Enhancement View pull request | 8.15.2 or higher |
1.14.0 | Enhancement View pull request | 8.13.0 or higher |
1.13.0 | Enhancement View pull request | 8.13.0 or higher |
1.12.0 | Enhancement View pull request | 8.12.0 or higher |
1.11.1 | Enhancement View pull request | 8.12.0 or higher |
1.11.0 | Enhancement View pull request | 8.12.0 or higher |
1.10.1 | Enhancement View pull request | 8.10.2 or higher |
1.10.0 | Enhancement View pull request | 8.10.2 or higher |
1.9.2 | Bug fix View pull request | 8.8.0 or higher |
1.9.1 | Bug fix View pull request | 8.8.0 or higher |
1.9.0 | Enhancement View pull request | 8.8.0 or higher |
1.8.0 | Enhancement View pull request | 8.8.0 or higher |
1.7.2 | Enhancement View pull request | 8.7.0 or higher |
1.7.1 | Enhancement View pull request | 8.7.0 or higher |
1.7.0 | Enhancement View pull request | 8.7.0 or higher |
1.6.0 | Enhancement View pull request | 8.7.0 or higher |
1.5.0 | Enhancement View pull request | 8.7.0 or higher |
1.4.0 | Enhancement View pull request | 8.7.0 or higher |
1.3.2 | Enhancement View pull request | 7.15.0 or higher |
1.3.1 | Bug fix View pull request | 7.15.0 or higher |
1.3.0 | Enhancement View pull request | 7.15.0 or higher |
1.2.1 | Bug fix View pull request | 7.15.0 or higher |
1.2.0 | Enhancement View pull request | 7.15.0 or higher |
1.0.1 | Bug fix View pull request | 7.15.0 or higher |
1.0.0 | Enhancement View pull request | 7.15.0 or higher |
0.1.2 | Enhancement View pull request | — |
0.1.1 | Enhancement View pull request | — |
0.1.0 | Enhancement View pull request | — |
0.0.2 | Bug fix View pull request | — |
0.0.1 | Enhancement View pull request | — |