about vm

dall · ‎09-15-2020

from logs how i ll get number of vms present in that server

ITWhisperer · ‎09-15-2020

Can you provide a sample of the logs you are talking about?

dall · ‎09-15-2020

<166>2020-09-15T07:35:03.809Z Hostd: info hostd[2100274] [Originator@6876 sub=Vmsvc.vm:/vmfs/volumes/5b33d479-61618708-d3cd-d094665b5e96/rptauto-w10-spc/rptauto-w10-spc.vmx] Send config update invoked

<164>2020-09-15T12:26:54.076Z Hostd: warning hostd[2099584] [Originator@6876 sub=Hostsvc.VFlashManager opID=1bcbeabf user=root] GetVFlashResourceRuntimeInfo: vFlash is not licensed, not supported

<164>2020-09-15T12:26:45.410Z Hostd: warning hostd[2100273] [Originator@6876 sub=VigorStatsProvider(000000848d91e700)] AddVirtualMachine: VM '62' already registered

<164>2020-09-15T12:26:45.409Z Hostd: warning hostd[2100273] [Originator@6876 sub=VigorStatsProvider(000000848d91e700)] AddVirtualMachine: VM '119' already registered

ITWhisperer · ‎09-15-2020

Hi @dall

Thanks. So what part of these log entries identifies the vm? Is it Originator@xxx, where xxx is different for each vm? What identifies the server? is it hostd:[yyy] where yyy is the server id? If so, you can extract these two from the logs and use stats to count them

| rex field=_raw "hostd\[(?<server>[^\]]*)\]\s\[Originator\@(?<vm>[^\s]*)"
| stats dc(vm) as vms by server

about vm

using Splunk Enterprise

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!