VMware vSphere Integration
editVMware vSphere Integration
editVersion |
1.16.2 (View all) |
Compatible Kibana version(s) |
8.15.2 or higher |
Supported Serverless project types |
Security |
Subscription level |
Basic |
Level of support |
Elastic |
Overview
editvSphere is VMware’s cloud computing virtualization platform, offering tools for managing virtualized data centers.
Use the vSphere integration to:
- Collect vSphere logs, along with datastore, host, and virtualmachine metrics for comprehensive monitoring and analysis.
- Create informative visualizations to track usage trends, measure key metrics, and derive actionable business insights.
- Set up alerts to minimize Mean Time to Detect (MTTD) and Mean Time to Resolve (MTTR) by quickly referencing relevant logs during troubleshooting.
Data streams
editThe vSphere integration collects logs and metrics.
Logs help you keep a record of events that happen on your machine. The Log data stream collected by vSphere as integration is log.
Metrics give you insight into the statistics of the vSphere. The Metric data streams collected by the vSphere integration are cluster, datastore, datastorecluster, host, network, resourcepool and virtualmachine so that the user can monitor and troubleshoot the performance of the vSphere instance.
Data streams:
-
log: Collects logs generated by VMware vSphere using a syslog daemon. -
cluster: Collects metrics from VMware vSphere, such as lists of datastores, hosts and networks associated with cluster. -
datastore: Gathers datastore metrics from VMware vSphere, including performance statistics such as capacity, usage, read/write operations, latency, and throughput. -
datastorecluster: Gathers metrics for datastore clusters from VMware vSphere, including statistics like cluster capacity and available free space. Additionally, it provides information about the individual datastores that comprise the cluster. -
host: Collects host metrics from VMware vSphere, including performance statistics such as CPU usage, memory usage, disk I/O, and network activity. -
resourcepool: Collects metrics from VMware vSphere, such as CPU and memory usage, CPU and memory reservation, and CPU and memory limit. -
virtualmachine: Gathers virtual machine metrics from VMware vSphere, including performance statistics such as status, uptime, CPU usage, memory usage, and network activity. -
network: Gathers metrics and status information related to VMware vSphere networks, including network accessibility, connected hosts and virtual machines, configuration health, and network type.
Note:
Users can monitor and check the log inside the ingested documents for vSphere in the logs-* index pattern from Discover, and for metrics, the index pattern is metrics-*.
Supported periods
edit- Real-time data collection: An ESXi Server collects data for each performance counter every 20 seconds by default.
-
The
datastoreandhostdata streams support performance data collection using the vSphere performance API. - Since the performance API has usage restrictions based on data collection intervals, make sure that the period is configured optimally to receive real-time data. You can still collect summary metrics if performance metrics are not supported for the configured instance.
- Period configuration can be determined based on the Data Collection Intervals and Data Collection Levels.
Compatibility
editThis integration has been tested and verified against VMware ESXi and vCenter version 7.0.3.
Prerequisites
editYou can store and search your data using Elasticsearch and visualize and manage it with Kibana. We recommend using our hosted Elasticsearch Service on Elastic Cloud or self-managing the Elastic Stack on your own hardware.
Setup
editFor step-by-step instructions on how to set up an integration, check the Getting started guide.
Logs
editThe log data stream collects logs generated by VMware vSphere using a syslog daemon.
To collect logs, follow these steps:
- Configure the listening host/IP address (default: localhost) and host port (default: 9525) in the integration.
- Configure vSphere to send logs to a remote syslog host and provide the configured hostname/IP and port of the Elastic Agent host.
Example
An example event for log looks as following:
{
"@timestamp": "2021-09-06T14:40:05.753Z",
"agent": {
"ephemeral_id": "c4a1df82-7a9c-4a3e-8546-6d7cc04538e6",
"id": "5096d7cc-1e4b-4959-abea-7355be2913a7",
"name": "docker-fleet-agent",
"type": "filebeat",
"version": "8.8.1"
},
"data_stream": {
"dataset": "vsphere.log",
"namespace": "ep",
"type": "logs"
},
"ecs": {
"version": "8.11.0"
},
"elastic_agent": {
"id": "5096d7cc-1e4b-4959-abea-7355be2913a7",
"snapshot": false,
"version": "8.8.1"
},
"event": {
"agent_id_status": "verified",
"dataset": "vsphere.log",
"ingested": "2023-06-29T08:05:57Z",
"original": "<14>1 2021-09-06T14:40:05.753710+00:00 vcenter applmgmt-audit - - - 2021-09-06T14:40:05.753: INFO AuthorizationResponse = { authorized=True, method=LOCAL }",
"timezone": "+00:00"
},
"host": {
"architecture": "aarch64",
"containerized": false,
"hostname": "docker-fleet-agent",
"id": "d08b346fbb8f49f5a2bb1a477f8ceb54",
"ip": [
"172.23.0.7"
],
"mac": [
"02-42-AC-17-00-07"
],
"name": "vcenter",
"os": {
"codename": "focal",
"family": "debian",
"kernel": "5.10.104-linuxkit",
"name": "Ubuntu",
"platform": "ubuntu",
"type": "linux",
"version": "20.04.6 LTS (Focal Fossa)"
}
},
"input": {
"type": "udp"
},
"log": {
"level": "INFO",
"source": {
"address": "172.23.0.4:59146"
},
"syslog": {
"priority": 14
}
},
"message": "AuthorizationResponse = { authorized=True, method=LOCAL }",
"process": {
"name": "applmgmt-audit"
},
"tags": [
"preserve_original_event",
"vmware-sphere"
]
}
ECS Field Reference
Refer to the ECS Field Reference for detailed information on ECS fields.
Exported fields
| Field | Description | Type |
|---|---|---|
@timestamp |
Event timestamp. |
date |
data_stream.dataset |
Data stream dataset. |
constant_keyword |
data_stream.namespace |
Data stream namespace. |
constant_keyword |
data_stream.type |
Data stream type. |
constant_keyword |
event.dataset |
Event dataset |
constant_keyword |
event.module |
Event module |
constant_keyword |
host.containerized |
If the host is a container. |
boolean |
host.os.build |
OS build information. |
keyword |
host.os.codename |
OS codename, if any. |
keyword |
hostname |
Hostname from syslog header. |
keyword |
input.type |
Type of Filebeat input. |
keyword |
log.source.address |
Source address of the syslog message. |
keyword |
process.program |
Process from syslog header. |
keyword |
vsphere.log.api.invocations |
long |
|
vsphere.log.datacenter |
keyword |
|
vsphere.log.file.path |
keyword |
Metrics
editTo access the metrics, provide the URL https://host:port/sdk in the Add Integration page of the vSphere package.
Cluster
editClusters in vSphere represent a group of ESXi hosts working together to optimize resource allocation, ensure high availability, and manage workloads efficiently.
Example
An example event for cluster looks as following:
{
"@timestamp": "2024-09-19T05:44:00.800Z",
"agent": {
"ephemeral_id": "676a770b-a207-4fec-99d4-e82377578711",
"id": "6b430ae3-0bdb-4d5c-b60d-a02f54e770e5",
"name": "elastic-agent-47605",
"type": "metricbeat",
"version": "8.15.2"
},
"data_stream": {
"dataset": "vsphere.cluster",
"namespace": "93141",
"type": "metrics"
},
"ecs": {
"version": "8.11.0"
},
"elastic_agent": {
"id": "6b430ae3-0bdb-4d5c-b60d-a02f54e770e5",
"snapshot": true,
"version": "8.15.2"
},
"event": {
"agent_id_status": "verified",
"dataset": "vsphere.cluster",
"duration": 17059144,
"ingested": "2024-09-19T05:44:03Z",
"module": "vsphere"
},
"host": {
"architecture": "x86_64",
"containerized": true,
"hostname": "elastic-agent-47605",
"id": "57723763cd1b4ff48e54a505de4ebe6c",
"ip": [
"192.168.244.4",
"192.168.245.2"
],
"mac": [
"02-42-C0-A8-F4-04",
"02-42-C0-A8-F5-02"
],
"name": "elastic-agent-47605",
"os": {
"codename": "focal",
"family": "debian",
"kernel": "4.18.0-348.7.1.el8_5.x86_64",
"name": "Ubuntu",
"platform": "ubuntu",
"type": "linux",
"version": "20.04.6 LTS (Focal Fossa)"
}
},
"metricset": {
"name": "cluster",
"period": 20000
},
"service": {
"address": "https://svc-vsphere-metrics:8989/sdk",
"type": "vsphere"
},
"tags": [
"vsphere-cluster"
],
"vsphere": {
"cluster": {
"datastore": {
"count": 1,
"names": "LocalDS_0"
},
"host": {
"count": 3,
"names": [
"DC0_C0_H0",
"DC0_C0_H1",
"DC0_C0_H2"
]
},
"name": "DC0_C0",
"network": {
"count": 3,
"names": [
"DC0_DVPG0",
"DVS0-DVUplinks-9",
"VM Network"
]
}
}
}
}
ECS Field Reference
Refer to the ECS Field Reference for detailed information on ECS fields.
Exported fields
| Field | Description | Type | Metric Type |
|---|---|---|---|
@timestamp |
Event timestamp. |
date |
|
agent.id |
keyword |
||
cloud.account.id |
The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. |
keyword |
|
cloud.availability_zone |
Availability zone in which this host, resource, or service is located. |
keyword |
|
cloud.instance.id |
Instance ID of the host machine. |
keyword |
|
cloud.provider |
Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean. |
keyword |
|
cloud.region |
Region in which this host, resource, or service is located. |
keyword |
|
container.id |
Unique container id. |
keyword |
|
data_stream.dataset |
Data stream dataset. |
constant_keyword |
|
data_stream.namespace |
Data stream namespace. |
constant_keyword |
|
data_stream.type |
Data stream type. |
constant_keyword |
|
host.name |
Name of the host. It can contain what |
keyword |
|
service.address |
Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). |
keyword |
|
vsphere.cluster.alert.names |
List of all the alerts on this Cluster. |
keyword |
|
vsphere.cluster.das_config.admission.control.enabled |
Indicates whether strict admission control is enabled. |
boolean |
|
vsphere.cluster.das_config.enabled |
Indicates whether vSphere HA feature is enabled. |
boolean |
|
vsphere.cluster.datastore.count |
Number of Datastores associated with the cluster. |
long |
gauge |
vsphere.cluster.datastore.names |
List of all the Datastore names associated with the cluster. |
keyword |
|
vsphere.cluster.host.count |
Number of Hosts associated with the cluster. |
long |
gauge |
vsphere.cluster.host.names |
List of all the host names associated with the cluster. |
keyword |
|
vsphere.cluster.name |
Cluster name. |
keyword |
|
vsphere.cluster.network.count |
Number of Networks associated with the cluster. |
long |
gauge |
vsphere.cluster.network.names |
List of all the Network names associated with the cluster. |
keyword |
|
vsphere.cluster.triggered_alarms.description |
Description of the alarm. |
keyword |
|
vsphere.cluster.triggered_alarms.entity_name |
Name of the entity associated with the alarm. |
keyword |
|
vsphere.cluster.triggered_alarms.id |
Unique identifier for the alarm. |
keyword |
|
vsphere.cluster.triggered_alarms.name |
Name of the alarm. |
keyword |
|
vsphere.cluster.triggered_alarms.status |
Status of the alarm. |
keyword |
|
vsphere.cluster.triggered_alarms.triggered_time |
Time when the alarm was triggered. |
date |
|
vsphere.cluster.warning.names |
List of all the warnings on this Cluster. |
keyword |
Datastore
editThis data stream collects datastore metrics from VMware vSphere, including performance statistics such as capacity, usage, read/write operations, latency, and throughput.
Example
An example event for datastore looks as following:
{
"@timestamp": "2024-09-02T10:04:25.122Z",
"agent": {
"ephemeral_id": "4da294a3-ad54-47f4-92c7-544e1356a0d8",
"id": "b01ab3cf-51ad-4c4d-87bd-fc2d4aa59d8a",
"name": "elastic-agent-76236",
"type": "metricbeat",
"version": "8.16.0"
},
"data_stream": {
"dataset": "vsphere.datastore",
"namespace": "86691",
"type": "metrics"
},
"ecs": {
"version": "8.11.0"
},
"elastic_agent": {
"id": "b01ab3cf-51ad-4c4d-87bd-fc2d4aa59d8a",
"snapshot": true,
"version": "8.16.0"
},
"event": {
"agent_id_status": "verified",
"dataset": "vsphere.datastore",
"duration": 190147614,
"ingested": "2024-09-02T10:04:27Z",
"module": "vsphere"
},
"host": {
"architecture": "x86_64",
"containerized": true,
"hostname": "elastic-agent-76236",
"id": "e744630f9d4f43dc818e497d221bd0b2",
"ip": [
"172.18.0.4",
"172.21.0.2"
],
"mac": [
"02-42-AC-12-00-04",
"02-42-AC-15-00-02"
],
"name": "elastic-agent-76236",
"os": {
"codename": "focal",
"family": "debian",
"kernel": "5.15.153.1-microsoft-standard-WSL2",
"name": "Ubuntu",
"platform": "ubuntu",
"type": "linux",
"version": "20.04.6 LTS (Focal Fossa)"
}
},
"metricset": {
"name": "datastore",
"period": 10000
},
"service": {
"address": "https://svc-vsphere-metrics:8989/sdk",
"type": "vsphere"
},
"vsphere": {
"datastore": {
"disk": {
"capacity": {
"usage": {
"bytes": 520505786368
},
"bytes": 1610344300544
},
"provisioned": {
"bytes": 520505786368
}
},
"capacity": {
"free": {
"bytes": 37120094208
},
"total": {
"bytes": 74686664704
},
"used": {
"bytes": 37566570496,
"pct": 0.502988996026061
}
},
"fstype": "OTHER",
"host": {
"count": 1,
"names": "DC0_H0"
},
"name": "LocalDS_0",
"read": {
"bytes": 1024
},
"status": "green",
"vm": {
"count": 4,
"names": [
"DC0_C0_RP0_VM0",
"DC0_C0_RP0_VM1",
"DC0_H0_VM0",
"DC0_H0_VM1"
]
},
"write": {
"bytes": 450560
}
}
}
}
ECS Field Reference
Refer to the ECS Field Reference for detailed information on ECS fields.
Exported fields
| Field | Description | Type | Unit | Metric Type |
|---|---|---|---|---|
@timestamp |
Event timestamp. |
date |
||
agent.id |
keyword |
|||
cloud.account.id |
The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. |
keyword |
||
cloud.availability_zone |
Availability zone in which this host, resource, or service is located. |
keyword |
||
cloud.instance.id |
Instance ID of the host machine. |
keyword |
||
cloud.provider |
Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean. |
keyword |
||
cloud.region |
Region in which this host, resource, or service is located. |
keyword |
||
container.id |
Unique container id. |
keyword |
||
data_stream.dataset |
Data stream dataset. |
constant_keyword |
||
data_stream.namespace |
Data stream namespace. |
constant_keyword |
||
data_stream.type |
Data stream type. |
constant_keyword |
||
event.dataset |
Event dataset |
constant_keyword |
||
event.module |
Event module |
constant_keyword |
||
host.containerized |
If the host is a container. |
boolean |
||
host.name |
Name of the host. It can contain what |
keyword |
||
host.os.build |
OS build information. |
keyword |
||
host.os.codename |
OS codename, if any. |
keyword |
||
service.address |
Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). |
keyword |
||
vsphere.datastore.alert.names |
List of all the alerts on this Datastore. |
keyword |
||
vsphere.datastore.capacity.free.bytes |
Free bytes of the datastore. |
long |
byte |
gauge |
vsphere.datastore.capacity.total.bytes |
Total bytes of the datastore. |
long |
byte |
gauge |
vsphere.datastore.capacity.used.bytes |
Used bytes of the datastore. |
long |
byte |
gauge |
vsphere.datastore.capacity.used.pct |
Percentage of datastore capacity used. |
scaled_float |
percent |
gauge |
vsphere.datastore.disk.capacity.bytes |
Configured size of the datastore. |
long |
gauge |
|
vsphere.datastore.disk.capacity.usage.bytes |
The amount of storage capacity currently being consumed by datastore. |
long |
gauge |
|
vsphere.datastore.disk.provisioned.bytes |
Amount of storage set aside for use by a datastore. |
long |
gauge |
|
vsphere.datastore.fstype |
Filesystem type. |
keyword |
||
vsphere.datastore.host.count |
Number of hosts associated with the datastore. |
long |
gauge |
|
vsphere.datastore.host.names |
List of all the host names associated with the datastore. |
keyword |
||
vsphere.datastore.name |
Datastore name. |
keyword |
||
vsphere.datastore.read.bytes |
Rate of reading data from the datastore. |
long |
byte |
gauge |
vsphere.datastore.status |
Status of the datastore. |
keyword |
||
vsphere.datastore.triggered_alarms.description |
Description of the alarm. |
keyword |
||
vsphere.datastore.triggered_alarms.entity_name |
Name of the entity associated with the alarm. |
keyword |
||
vsphere.datastore.triggered_alarms.id |
Unique identifier for the alarm. |
keyword |
||
vsphere.datastore.triggered_alarms.name |
Name of the alarm. |
keyword |
||
vsphere.datastore.triggered_alarms.status |
Status of the alarm. |
keyword |
||
vsphere.datastore.triggered_alarms.triggered_time |
Time when the alarm was triggered. |
date |
||
vsphere.datastore.vm.count |
Number of VMs associated with the datastore. |
long |
gauge |
|
vsphere.datastore.vm.names |
List of all the VM names associated with the datastore. |
keyword |
||
vsphere.datastore.warning.names |
List of all the warnings on this Datastore. |
keyword |
||
vsphere.datastore.write.bytes |
Rate of writing data to the datastore. |
long |
byte |
gauge |
Datastore cluster
editDatastore clusters in vSphere group multiple datastores for optimized management and automated load balancing, ensuring efficient storage utilization and simplified administration.
Example
An example event for datastorecluster looks as following:
{
"@timestamp": "2024-09-22T05:28:46.315Z",
"agent": {
"ephemeral_id": "8b7e9ea4-0517-4e98-a795-b6fe529f4a2f",
"id": "7737279e-51e9-4d90-a0d0-2c12dc4446bf",
"name": "elastic-agent-23128",
"type": "metricbeat",
"version": "8.15.2"
},
"data_stream": {
"dataset": "vsphere.datastorecluster",
"namespace": "65218",
"type": "metrics"
},
"ecs": {
"version": "8.11.0"
},
"elastic_agent": {
"id": "7737279e-51e9-4d90-a0d0-2c12dc4446bf",
"snapshot": true,
"version": "8.15.2"
},
"event": {
"agent_id_status": "verified",
"dataset": "vsphere.datastorecluster",
"duration": 10772332,
"ingested": "2024-09-22T05:28:49Z",
"module": "vsphere"
},
"host": {
"architecture": "x86_64",
"containerized": true,
"hostname": "elastic-agent-23128",
"id": "57723763cd1b4ff48e54a505de4ebe6c",
"ip": [
"192.168.240.2",
"192.168.255.5"
],
"mac": [
"02-42-C0-A8-F0-02",
"02-42-C0-A8-FF-05"
],
"name": "elastic-agent-23128",
"os": {
"codename": "focal",
"family": "debian",
"kernel": "3.10.0-1160.118.1.el7.x86_64",
"name": "Ubuntu",
"platform": "ubuntu",
"type": "linux",
"version": "20.04.6 LTS (Focal Fossa)"
}
},
"metricset": {
"name": "datastorecluster",
"period": 20000
},
"service": {
"address": "https://svc-vsphere-metrics:8989/sdk",
"type": "vsphere"
},
"tags": [
"vsphere-datastorecluster"
],
"vsphere": {
"datastorecluster": {
"capacity": {
"bytes": 0
},
"datastore": {
"count": 0
},
"free_space": {
"bytes": 0
},
"name": "DC0_POD0"
}
}
}
ECS Field Reference
Refer to the ECS Field Reference for detailed information on ECS fields.
Exported fields
| Field | Description | Type | Unit | Metric Type |
|---|---|---|---|---|
@timestamp |
Event timestamp. |
date |
||
agent.id |
keyword |
|||
cloud.account.id |
The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. |
keyword |
||
cloud.availability_zone |
Availability zone in which this host, resource, or service is located. |
keyword |
||
cloud.instance.id |
Instance ID of the host machine. |
keyword |
||
cloud.provider |
Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean. |
keyword |
||
cloud.region |
Region in which this host, resource, or service is located. |
keyword |
||
container.id |
Unique container id. |
keyword |
||
data_stream.dataset |
Data stream dataset. |
constant_keyword |
||
data_stream.namespace |
Data stream namespace. |
constant_keyword |
||
data_stream.type |
Data stream type. |
constant_keyword |
||
event.dataset |
Event dataset |
constant_keyword |
||
event.module |
Event module |
constant_keyword |
||
host.name |
Name of the host. It can contain what |
keyword |
||
service.address |
Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). |
keyword |
||
vsphere.datastorecluster.alert.names |
List of all the alerts on this Datastore Cluster. |
keyword |
||
vsphere.datastorecluster.capacity.bytes |
Total capacity of this storage pod, in bytes. |
long |
byte |
gauge |
vsphere.datastorecluster.datastore.count |
Number of datastores in the Datastore Cluster. |
long |
gauge |
|
vsphere.datastorecluster.datastore.names |
List of all the Datastore names associated with the Datastore Cluster. |
keyword |
||
vsphere.datastorecluster.free_space.bytes |
Total free space on this storage pod, in bytes. |
long |
byte |
gauge |
vsphere.datastorecluster.name |
The Datastore Cluster name. |
keyword |
||
vsphere.datastorecluster.triggered_alarms.description |
Description of the alarm. |
keyword |
||
vsphere.datastorecluster.triggered_alarms.entity_name |
Name of the entity associated with the alarm. |
keyword |
||
vsphere.datastorecluster.triggered_alarms.id |
Unique identifier for the alarm. |
keyword |
||
vsphere.datastorecluster.triggered_alarms.name |
Name of the alarm. |
keyword |
||
vsphere.datastorecluster.triggered_alarms.status |
Status of the alarm. |
keyword |
||
vsphere.datastorecluster.triggered_alarms.triggered_time |
Time when the alarm was triggered. |
date |
||
vsphere.datastorecluster.warning.names |
List of all the warnings on this Datastore Cluster. |
keyword |
Host
editThis data stream collects host metrics from VMware vSphere, including performance statistics such as CPU usage, memory usage, disk I/O, and network activity.
Example
An example event for host looks as following:
{
"@timestamp": "2024-10-03T04:09:10.462Z",
"agent": {
"ephemeral_id": "c13fd262-b655-4a62-a5f7-dda2f497332f",
"id": "036bbeff-9b4f-497d-846d-d5562d328109",
"name": "docker-fleet-agent",
"type": "metricbeat",
"version": "8.15.2"
},
"data_stream": {
"dataset": "vsphere.host",
"namespace": "default",
"type": "metrics"
},
"ecs": {
"version": "8.11.0"
},
"elastic_agent": {
"id": "036bbeff-9b4f-497d-846d-d5562d328109",
"snapshot": true,
"version": "8.15.2"
},
"event": {
"agent_id_status": "verified",
"dataset": "vsphere.host",
"duration": 83416967,
"ingested": "2024-10-03T04:09:20Z",
"module": "vsphere"
},
"host": {
"architecture": "x86_64",
"containerized": true,
"hostname": "docker-fleet-agent",
"id": "57723763cd1b4ff48e54a505de4ebe6c",
"ip": [
"172.18.0.7"
],
"mac": [
"02-42-AC-12-00-07"
],
"name": "docker-fleet-agent",
"os": {
"codename": "focal",
"family": "debian",
"kernel": "5.15.153.1-microsoft-standard",
"name": "Ubuntu",
"platform": "ubuntu",
"type": "linux",
"version": "20.04.6 LTS (Focal Fossa)"
}
},
"metricset": {
"name": "host",
"period": 20000
},
"service": {
"address": "https://172.18.0.4:8989/sdk",
"type": "vsphere"
},
"tags": [
"vsphere-host"
],
"vsphere": {
"host": {
"cpu": {
"free": {
"mhz": 4521
},
"total": {
"mhz": 4588
},
"used": {
"mhz": 67,
"pct": 0.015
}
},
"datastore": {
"count": 4,
"names": [
"LocalDS_0",
"LocalDS_1",
"LocalDS_2",
"LocalDS_3"
]
},
"disk": {
"read": {
"bytes": 142336
},
"total": {
"bytes": 1492992
},
"write": {
"bytes": 1895424
}
},
"memory": {
"free": {
"bytes": 2822230016
},
"total": {
"bytes": 4294430720
},
"used": {
"bytes": 1472200704,
"pct": 0.343
}
},
"name": "DC0_H0",
"network": {
"bandwidth": {
"received": {
"bytes": 702464
},
"total": {
"bytes": 1538048
},
"transmitted": {
"bytes": 564224
}
},
"count": 3,
"names": [
"DC0_DVPG0",
"DVS0-DVUplinks-10",
"VM Network"
],
"packets": {
"multicast": {
"received": {
"count": 97
}
},
"received": {
"count": 11933
},
"transmitted": {
"count": 8801
}
}
},
"network_names": [
"DC0_DVPG0",
"DVS0-DVUplinks-10",
"VM Network"
],
"status": "gray",
"uptime": 77229,
"vm": {
"count": 2,
"names": [
"DC0_H0_VM0",
"DC0_H0_VM1"
]
}
}
}
}
ECS Field Reference
Refer to the ECS Field Reference for detailed information on ECS fields.
Exported fields
| Field | Description | Type | Unit | Metric Type |
|---|---|---|---|---|
@timestamp |
Event timestamp. |
date |
||
agent.id |
keyword |
|||
cloud.account.id |
The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. |
keyword |
||
cloud.availability_zone |
Availability zone in which this host, resource, or service is located. |
keyword |
||
cloud.instance.id |
Instance ID of the host machine. |
keyword |
||
cloud.provider |
Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean. |
keyword |
||
cloud.region |
Region in which this host, resource, or service is located. |
keyword |
||
container.id |
Unique container id. |
keyword |
||
data_stream.dataset |
Data stream dataset. |
constant_keyword |
||
data_stream.namespace |
Data stream namespace. |
constant_keyword |
||
data_stream.type |
Data stream type. |
constant_keyword |
||
event.dataset |
Event dataset |
constant_keyword |
||
event.module |
Event module |
constant_keyword |
||
host.name |
Name of the host. It can contain what |
keyword |
||
service.address |
Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). |
keyword |
||
vsphere.host.alert.names |
List of all the alerts on this Host. |
keyword |
||
vsphere.host.cpu.free.mhz |
Free CPU in MHz. |
long |
gauge |
|
vsphere.host.cpu.total.mhz |
Total CPU in MHz. |
long |
counter |
|
vsphere.host.cpu.used.mhz |
Used CPU in MHz. |
long |
gauge |
|
vsphere.host.cpu.used.pct |
CPU Utilization % of the host |
scaled_float |
percent |
gauge |
vsphere.host.datastore.count |
Number of datastores on the host. |
long |
gauge |
|
vsphere.host.datastore.names |
List of all the datastore names. |
keyword |
||
vsphere.host.disk.capacity.usage.bytes |
The amount of storage capacity currently being consumed by or on the entity. |
long |
byte |
gauge |
vsphere.host.disk.devicelatency.average.ms |
Average amount of time it takes to complete an SCSI command from physical device in milliseconds. |
long |
ms |
gauge |
vsphere.host.disk.latency.total.ms |
Highest latency value across all disks used by the host in milliseconds. |
long |
ms |
gauge |
vsphere.host.disk.read.bytes |
Average number of bytes read from the disk each second. |
long |
byte |
gauge |
vsphere.host.disk.total.bytes |
Sum of disk read and write rates each second in bytes. |
long |
byte |
gauge |
vsphere.host.disk.write.bytes |
Average number of bytes written to the disk each second. |
long |
byte |
gauge |
vsphere.host.memory.free.bytes |
Free Memory in bytes. |
long |
byte |
gauge |
vsphere.host.memory.total.bytes |
Total Memory in bytes. |
long |
byte |
gauge |
vsphere.host.memory.used.bytes |
Used Memory in bytes. |
long |
byte |
gauge |
vsphere.host.memory.used.pct |
Memory utilization % of the host |
scaled_float |
percent |
gauge |
vsphere.host.name |
Host name. |
keyword |
||
vsphere.host.network.bandwidth.received.bytes |
Average rate at which data was received during the interval. This represents the bandwidth of the network. |
long |
byte |
gauge |
vsphere.host.network.bandwidth.total.bytes |
Sum of network transmitted and received rates in bytes during the interval. |
long |
byte |
gauge |
vsphere.host.network.bandwidth.transmitted.bytes |
Average rate at which data was transmitted during the interval. This represents the bandwidth of the network. |
long |
byte |
gauge |
vsphere.host.network.count |
Number of networks on the host. |
long |
gauge |
|
vsphere.host.network.names |
List of all the network names. |
keyword |
||
vsphere.host.network.packets.dropped.received.count |
Number of received packets dropped. |
long |
gauge |
|
vsphere.host.network.packets.dropped.total.count |
Total number of packets dropped. |
long |
gauge |
|
vsphere.host.network.packets.dropped.transmitted.count |
Number of transmitted packets dropped. |
long |
gauge |
|
vsphere.host.network.packets.errors.received.count |
Number of packets with errors received. |
long |
gauge |
|
vsphere.host.network.packets.errors.total.count |
Total number of packets with errors. |
long |
gauge |
|
vsphere.host.network.packets.errors.transmitted.count |
Number of packets with errors transmitted. |
long |
gauge |
|
vsphere.host.network.packets.multicast.received.count |
Number of multicast packets received. |
long |
gauge |
|
vsphere.host.network.packets.multicast.total.count |
Total number of multicast packets. |
long |
gauge |
|
vsphere.host.network.packets.multicast.transmitted.count |
Number of multicast packets transmitted. |
long |
gauge |
|
vsphere.host.network.packets.received.count |
Number of packets received. |
long |
gauge |
|
vsphere.host.network.packets.transmitted.count |
Number of packets transmitted. |
long |
gauge |
|
vsphere.host.network_names |
Network names. |
keyword |
||
vsphere.host.status |
The overall health status of a host in the vSphere environment. |
keyword |
||
vsphere.host.triggered_alarms.description |
Description of the alarm. |
keyword |
||
vsphere.host.triggered_alarms.entity_name |
Name of the entity associated with the alarm. |
keyword |
||
vsphere.host.triggered_alarms.id |
Unique identifier for the alarm. |
keyword |
||
vsphere.host.triggered_alarms.name |
Name of the alarm. |
keyword |
||
vsphere.host.triggered_alarms.status |
Status of the alarm. |
keyword |
||
vsphere.host.triggered_alarms.triggered_time |
Time when the alarm was triggered. |
date |
||
vsphere.host.uptime |
The total uptime of a host in seconds within the vSphere environment. |
long |
gauge |
|
vsphere.host.vm.count |
Number of virtual machines on the host. |
long |
gauge |
|
vsphere.host.vm.names |
List of all the VM names. |
keyword |
||
vsphere.host.warning.names |
List of all the warnings on this Host. |
keyword |
Network
editThis data stream gathers metrics and status information related to VMware vSphere networks, including network accessibility, connected hosts and virtual machines, configuration health, and network type.
Example
An example event for network looks as following:
{
"@timestamp": "2024-09-22T21:01:42.635Z",
"agent": {
"ephemeral_id": "b4116483-d4c6-4860-b93d-f0d8091cc838",
"id": "ff0ab35a-1abe-47a1-aee7-6d70362e4335",
"name": "docker-fleet-agent",
"type": "metricbeat",
"version": "8.15.2"
},
"data_stream": {
"dataset": "vsphere.network",
"namespace": "default",
"type": "metrics"
},
"ecs": {
"version": "8.11.0"
},
"elastic_agent": {
"id": "ff0ab35a-1abe-47a1-aee7-6d70362e4335",
"snapshot": true,
"version": "8.15.2"
},
"event": {
"agent_id_status": "verified",
"dataset": "vsphere.network",
"duration": 10826519,
"ingested": "2024-09-22T21:01:43Z",
"module": "vsphere"
},
"host": {
"architecture": "x86_64",
"containerized": true,
"hostname": "elastic-agent-23128",
"id": "57723763cd1b4ff48e54a505de4ebe6c",
"ip": [
"192.168.240.2",
"192.168.255.5"
],
"mac": [
"02-42-C0-A8-F0-02",
"02-42-C0-A8-FF-05"
],
"name": "elastic-agent-23128",
"os": {
"codename": "focal",
"family": "debian",
"kernel": "3.10.0-1160.118.1.el7.x86_64",
"name": "Ubuntu",
"platform": "ubuntu",
"type": "linux",
"version": "20.04.6 LTS (Focal Fossa)"
}
},
"metricset": {
"name": "network",
"period": 20000
},
"service": {
"address": "https://172.18.0.4:8989/sdk",
"type": "vsphere"
},
"tags": [
"vsphere-network"
],
"vsphere": {
"network": {
"accessible": true,
"config": {
"status": "green"
},
"name": "VM Network",
"status": "green",
"type": "Network"
}
}
}
ECS Field Reference
Refer to the ECS Field Reference for detailed information on ECS fields.
Exported fields
| Field | Description | Type | Metric Type |
|---|---|---|---|
@timestamp |
Event timestamp. |
date |
|
agent.id |
keyword |
||
cloud.account.id |
The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. |
keyword |
|
cloud.availability_zone |
Availability zone in which this host, resource, or service is located. |
keyword |
|
cloud.instance.id |
Instance ID of the host machine. |
keyword |
|
cloud.provider |
Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean. |
keyword |
|
cloud.region |
Region in which this host, resource, or service is located. |
keyword |
|
container.id |
Unique container id. |
keyword |
|
data_stream.dataset |
Data stream dataset. |
constant_keyword |
|
data_stream.namespace |
Data stream namespace. |
constant_keyword |
|
data_stream.type |
Data stream type. |
constant_keyword |
|
event.dataset |
Event dataset |
constant_keyword |
|
event.module |
Event module |
constant_keyword |
|
host.containerized |
If the host is a container. |
boolean |
|
host.name |
Name of the host. It can contain what |
keyword |
|
service.address |
Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). |
keyword |
|
vsphere.network.accessible |
Indicates whether at least one host is configured to provide this network. |
boolean |
|
vsphere.network.alert.names |
List of all the alerts on this network. |
keyword |
|
vsphere.network.config.status |
Indicates whether the system has detected a configuration issue. |
keyword |
|
vsphere.network.host.count |
Number of hosts connected to this network. |
long |
gauge |
vsphere.network.host.names |
List of all the hosts connected to this network. |
keyword |
|
vsphere.network.name |
Name of the network. |
keyword |
|
vsphere.network.status |
General health of the network. |
keyword |
|
vsphere.network.triggered_alarms.description |
Description of the alarm. |
keyword |
|
vsphere.network.triggered_alarms.entity_name |
Name of the entity associated with the alarm. |
keyword |
|
vsphere.network.triggered_alarms.id |
Unique identifier for the alarm. |
keyword |
|
vsphere.network.triggered_alarms.name |
Name of the alarm. |
keyword |
|
vsphere.network.triggered_alarms.status |
Status of the alarm. |
keyword |
|
vsphere.network.triggered_alarms.triggered_time |
Time when the alarm was triggered. |
date |
|
vsphere.network.type |
Type of the network (e.g., Network(Standard), DistributedVirtualport). |
keyword |
|
vsphere.network.vm.count |
Number of virtual machines connected to this network. |
long |
gauge |
vsphere.network.vm.names |
List of all the virtual machines connected to this network. |
keyword |
|
vsphere.network.warning.names |
List of all the warnings on this network. |
keyword |
Resourcepool
editResource pools in vSphere enable the allocation and management of CPU and memory resources across groups of virtual machines.
Example
An example event for resourcepool looks as following:
{
"@timestamp": "2024-09-12T05:55:54.148Z",
"agent": {
"ephemeral_id": "54ea1b28-d61c-4277-b98b-e33e38c7f1b5",
"id": "36c6eb08-679d-4a9f-b436-fe550cb77ad2",
"name": "elastic-agent-85448",
"type": "metricbeat",
"version": "8.16.0"
},
"data_stream": {
"dataset": "vsphere.resourcepool",
"namespace": "63631",
"type": "metrics"
},
"ecs": {
"version": "8.11.0"
},
"elastic_agent": {
"id": "36c6eb08-679d-4a9f-b436-fe550cb77ad2",
"snapshot": true,
"version": "8.16.0"
},
"event": {
"agent_id_status": "verified",
"dataset": "vsphere.resourcepool",
"duration": 21732347,
"ingested": "2024-09-12T05:55:57Z",
"module": "vsphere"
},
"host": {
"architecture": "x86_64",
"containerized": true,
"hostname": "elastic-agent-85448",
"ip": [
"192.168.249.6",
"192.168.251.2"
],
"mac": [
"02-42-C0-A8-F9-06",
"02-42-C0-A8-FB-02"
],
"name": "elastic-agent-85448",
"os": {
"family": "",
"kernel": "4.18.0-348.7.1.el8_5.x86_64",
"name": "Wolfi",
"platform": "wolfi",
"type": "linux",
"version": "20230201"
}
},
"metricset": {
"name": "resourcepool",
"period": 10000
},
"service": {
"address": "https://svc-vsphere-metrics:8989/sdk",
"type": "vsphere"
},
"tags": [
"vsphere-resourcepool"
],
"vsphere": {
"resourcepool": {
"fingerprint": "IqGup33ooQgbWIgSs7+sAcX4MDo=",
"name": "Resources",
"status": "green"
}
}
}
ECS Field Reference
Refer to the ECS Field Reference for detailed information on ECS fields.
Exported fields
| Field | Description | Type | Unit | Metric Type |
|---|---|---|---|---|
@timestamp |
Event timestamp. |
date |
||
agent.id |
keyword |
|||
cloud.account.id |
The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. |
keyword |
||
cloud.availability_zone |
Availability zone in which this host, resource, or service is located. |
keyword |
||
cloud.instance.id |
Instance ID of the host machine. |
keyword |
||
cloud.provider |
Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean. |
keyword |
||
cloud.region |
Region in which this host, resource, or service is located. |
keyword |
||
container.id |
Unique container id. |
keyword |
||
data_stream.dataset |
Data stream dataset. |
constant_keyword |
||
data_stream.namespace |
Data stream namespace. |
constant_keyword |
||
data_stream.type |
Data stream type. |
constant_keyword |
||
host.name |
Name of the host. It can contain what |
keyword |
||
service.address |
Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). |
keyword |
||
vsphere.resourcepool.alert.names |
List of all the alerts on this resourcepool. |
keyword |
||
vsphere.resourcepool.cpu.demand.mhz |
Basic CPU performance statistics, in MHz. |
long |
gauge |
|
vsphere.resourcepool.cpu.entitlement.mhz |
The amount of CPU resource, in MHz, that this VM is entitled to, as calculated by DRS. |
long |
gauge |
|
vsphere.resourcepool.cpu.entitlement.static.mhz |
The static CPU resource entitlement for a virtual machine. |
long |
gauge |
|
vsphere.resourcepool.cpu.usage.mhz |
Basic CPU performance statistics, in MHz. |
long |
gauge |
|
vsphere.resourcepool.fingerprint |
Unique ID to avoid duplications and to identify the unique resourcepool. |
keyword |
||
vsphere.resourcepool.memory.ballooned.bytes |
The size of the balloon driver in a virtual machine, in bytes. |
long |
byte |
gauge |
vsphere.resourcepool.memory.compressed.bytes |
The amount of compressed memory currently consumed by VM, in bytes. |
long |
byte |
gauge |
vsphere.resourcepool.memory.entitlement.bytes |
The amount of memory, in bytes, that this VM is entitled to, as calculated by DRS. |
long |
byte |
gauge |
vsphere.resourcepool.memory.entitlement.static.bytes |
The static memory resource entitlement for a virtual machine, in bytes. |
long |
byte |
gauge |
vsphere.resourcepool.memory.overhead.bytes |
The amount of memory resource (in bytes) that will be used by a virtual machine above its guest memory requirements. |
long |
byte |
gauge |
vsphere.resourcepool.memory.overhead.consumed.bytes |
The amount of overhead memory, in bytes, currently being consumed to run a VM. |
long |
byte |
gauge |
vsphere.resourcepool.memory.private.bytes |
The portion of memory, in bytes, that is granted to a virtual machine from non-shared host memory. |
long |
byte |
gauge |
vsphere.resourcepool.memory.shared.bytes |
The portion of memory, in bytes, that is granted to a virtual machine from host memory that is shared between VMs. |
long |
byte |
gauge |
vsphere.resourcepool.memory.swapped.bytes |
The portion of memory, in bytes, that is granted to a virtual machine from the host’s swap space. |
long |
byte |
gauge |
vsphere.resourcepool.memory.usage.guest.bytes |
Guest memory utilization statistics, in bytes. |
long |
byte |
gauge |
vsphere.resourcepool.memory.usage.host.bytes |
Host memory utilization statistics, in bytes. |
long |
byte |
gauge |
vsphere.resourcepool.name |
The name of the resourcepool. |
keyword |
||
vsphere.resourcepool.status |
The overall health status of a host in the vSphere environment. |
keyword |
||
vsphere.resourcepool.triggered_alarms.description |
Description of the alarm. |
keyword |
||
vsphere.resourcepool.triggered_alarms.entity_name |
Name of the entity associated with the alarm. |
keyword |
||
vsphere.resourcepool.triggered_alarms.id |
Unique identifier for the alarm. |
keyword |
||
vsphere.resourcepool.triggered_alarms.name |
Name of the alarm. |
keyword |
||
vsphere.resourcepool.triggered_alarms.status |
Status of the alarm. |
keyword |
||
vsphere.resourcepool.triggered_alarms.triggered_time |
Time when the alarm was triggered. |
date |
||
vsphere.resourcepool.vm.count |
Number of virtual machines on the resourcepool. |
long |
gauge |
|
vsphere.resourcepool.vm.names |
Names of virtual machines on the resourcepool. |
keyword |
||
vsphere.resourcepool.warning.names |
List of all the warnings on this resourcepool. |
keyword |
Virtual Machine
editThis data stream collects virtual machine metrics from VMware vSphere, including performance statistics such as status, uptime, CPU usage, memory usage, and network activity.
Example
An example event for virtualmachine looks as following:
{
"@timestamp": "2024-09-02T09:44:14.128Z",
"agent": {
"ephemeral_id": "2d60906e-b972-4981-a356-c57ccb79108b",
"id": "8ea73fb3-a0a0-4270-aad6-e88edb8b385a",
"name": "elastic-agent-55444",
"type": "metricbeat",
"version": "8.16.0"
},
"data_stream": {
"dataset": "vsphere.virtualmachine",
"namespace": "64133",
"type": "metrics"
},
"ecs": {
"version": "8.11.0"
},
"elastic_agent": {
"id": "8ea73fb3-a0a0-4270-aad6-e88edb8b385a",
"snapshot": true,
"version": "8.16.0"
},
"event": {
"agent_id_status": "verified",
"dataset": "vsphere.virtualmachine",
"duration": 52726937,
"ingested": "2024-09-02T09:44:17Z",
"module": "vsphere"
},
"host": {
"architecture": "x86_64",
"containerized": true,
"hostname": "elastic-agent-55444",
"id": "e744630f9d4f43dc818e497d221bd0b2",
"ip": [
"127.28.12.4",
"127.28.12.2"
],
"mac": [
"02-42-AC-12-00-04",
"02-42-AC-14-00-02"
],
"name": "elastic-agent-55444",
"os": {
"codename": "focal",
"family": "debian",
"kernel": "127.15.128.1-microsoft-standard-WSL2",
"name": "Ubuntu",
"platform": "ubuntu",
"type": "linux",
"version": "20.04.6 LTS (Focal Fossa)"
}
},
"metricset": {
"name": "virtualmachine",
"period": 10000
},
"service": {
"address": "https://localhost:8989/sdk",
"type": "vsphere"
},
"vsphere": {
"virtualmachine": {
"name": "xt0nmfpv9",
"uptime": 5348978,
"status": "green",
"host": {
"id": "host-32",
"hostname": "localhost.com"
},
"cpu": {
"free": {
"mhz": 0
},
"used": {
"mhz": 161
},
"total": {
"mhz": 0
}
},
"network": {
"names": [
"PROD_VCF_VMS"
],
"count": 1
},
"memory": {
"used": {
"guest": {
"bytes": 686817280
},
"host": {
"bytes": 29027729408
}
},
"total": {
"guest": {
"bytes": 68719476736
}
},
"free": {
"guest": {
"bytes": 68032659456
}
}
},
"network_names": [
"PROD_VCF_VMS"
],
"datastore": {
"count": 1,
"names": [
"VxRailtoup-Virtual-Datastore-bc1d-5aa310fb"
]
},
"os": "CentOS 4/5/6/7 (64-bit)",
"snapshot": {
"info": [
{
"id": 1,
"name": "VM Snapshot 7%2f3%2f2024, 4:01:21 PM",
"description": "Created to demo",
"createtime": "2024-07-03T20:01:34.329Z",
"state": "poweredOn"
},
{
"createtime": "2024-07-05T23:35:40.859Z",
"state": "poweredOn",
"id": 2,
"name": "VM Snapshot 7%2f5%2f2024, 7:35:37 PM",
"description": "backup"
}
],
"count": 2
}
}
}
}
ECS Field Reference
Refer to the ECS Field Reference for detailed information on ECS fields.
Exported fields
| Field | Description | Type | Unit | Metric Type |
|---|---|---|---|---|
@timestamp |
Event timestamp. |
date |
||
agent.id |
keyword |
|||
cloud.account.id |
The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. |
keyword |
||
cloud.availability_zone |
Availability zone in which this host, resource, or service is located. |
keyword |
||
cloud.instance.id |
Instance ID of the host machine. |
keyword |
||
cloud.provider |
Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean. |
keyword |
||
cloud.region |
Region in which this host, resource, or service is located. |
keyword |
||
container.id |
Unique container id. |
keyword |
||
data_stream.dataset |
Data stream dataset. |
constant_keyword |
||
data_stream.namespace |
Data stream namespace. |
constant_keyword |
||
data_stream.type |
Data stream type. |
constant_keyword |
||
event.dataset |
Event dataset |
constant_keyword |
||
event.module |
Event module |
constant_keyword |
||
host.containerized |
If the host is a container. |
boolean |
||
host.name |
Name of the host. It can contain what |
keyword |
||
host.os.build |
OS build information. |
keyword |
||
host.os.codename |
OS codename, if any. |
keyword |
||
service.address |
Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). |
keyword |
||
vsphere.virtualmachine.alert.names |
List of all the alerts on this virtualmachine. |
keyword |
||
vsphere.virtualmachine.cpu.free.mhz |
Available CPU in Mhz. |
long |
gauge |
|
vsphere.virtualmachine.cpu.total.mhz |
Total Reserved CPU in Mhz. |
long |
counter |
|
vsphere.virtualmachine.cpu.used.mhz |
Used CPU in Mhz. |
long |
gauge |
|
vsphere.virtualmachine.custom_fields |
Custom fields. |
object |
||
vsphere.virtualmachine.datastore.count |
Number of datastores associated to this virtualmachine. |
long |
gauge |
|
vsphere.virtualmachine.datastore.names |
Names of the datastore associated to this virtualmachine. |
keyword |
||
vsphere.virtualmachine.host.hostname |
Hostname of the host. |
keyword |
||
vsphere.virtualmachine.host.id |
Host id. |
keyword |
||
vsphere.virtualmachine.memory.free.guest.bytes |
Free Memory of Guest in bytes. |
long |
byte |
gauge |
vsphere.virtualmachine.memory.total.guest.bytes |
Total Memory of Guest in bytes. |
long |
byte |
gauge |
vsphere.virtualmachine.memory.used.guest.bytes |
Used Memory of Guest in bytes. |
long |
byte |
gauge |
vsphere.virtualmachine.memory.used.host.bytes |
Used Memory of Host in bytes. |
long |
byte |
gauge |
vsphere.virtualmachine.name |
Virtual Machine name. |
keyword |
||
vsphere.virtualmachine.network.count |
Number of networks associated to this virtualmachine. |
long |
gauge |
|
vsphere.virtualmachine.network.names |
Names of the networks associated to this virtualmachine. |
keyword |
||
vsphere.virtualmachine.network_names |
Network names. |
keyword |
||
vsphere.virtualmachine.os |
Virtual Machine Operating System name. |
keyword |
||
vsphere.virtualmachine.snapshot.count |
The number of snapshots of this virtualmachine. |
long |
gauge |
|
vsphere.virtualmachine.snapshot.info.createtime |
Snapshot creation time. |
date |
||
vsphere.virtualmachine.snapshot.info.description |
Snapshot description. |
keyword |
||
vsphere.virtualmachine.snapshot.info.id |
Snapshot ID. |
long |
||
vsphere.virtualmachine.snapshot.info.name |
Snapshot name. |
keyword |
||
vsphere.virtualmachine.snapshot.info.state |
Snapshot state (e.g., poweredOn). |
keyword |
||
vsphere.virtualmachine.status |
Overall health and status of a virtual machine. |
keyword |
||
vsphere.virtualmachine.triggered_alarms.description |
Description of the alarm. |
keyword |
||
vsphere.virtualmachine.triggered_alarms.entity_name |
Name of the entity associated with the alarm. |
keyword |
||
vsphere.virtualmachine.triggered_alarms.id |
Unique identifier for the alarm. |
keyword |
||
vsphere.virtualmachine.triggered_alarms.name |
Name of the alarm. |
keyword |
||
vsphere.virtualmachine.triggered_alarms.status |
Status of the alarm. |
keyword |
||
vsphere.virtualmachine.triggered_alarms.triggered_time |
Time when the alarm was triggered. |
date |
||
vsphere.virtualmachine.uptime |
The uptime of the VM in seconds. |
long |
counter |
|
vsphere.virtualmachine.warning.names |
List of all the warnings on this virtualmachine. |
keyword |
Troubleshoot
editIf you encounter issues during the setup or usage of the VMware vSphere integration, in particular with Data Collection Intervals, with agent error messages such as Failed to query performance metrics: ServerFaultCode: A specified parameter was not correct: querySpec.interval, refer to
Supported periods for guidance and resolution.
Changelog
editChangelog
| Version | Details | Kibana version(s) |
|---|---|---|
1.16.2 |
Enhancement (View pull request) |
8.15.2 or higher |
1.16.1 |
Enhancement (View pull request) |
8.15.2 or higher |
1.16.0 |
Enhancement (View pull request) |
8.15.2 or higher |
1.15.0 |
Enhancement (View pull request) Enhancement (View pull request) Enhancement (View pull request) Bug fix (View pull request) Enhancement (View pull request) Enhancement (View pull request) Enhancement (View pull request) Enhancement (View pull request) Enhancement (View pull request) Enhancement (View pull request) Enhancement (View pull request) |
8.15.2 or higher |
1.14.0 |
Enhancement (View pull request) |
8.13.0 or higher |
1.13.0 |
Enhancement (View pull request) |
8.13.0 or higher |
1.12.0 |
Enhancement (View pull request) |
8.12.0 or higher |
1.11.1 |
Enhancement (View pull request) |
8.12.0 or higher |
1.11.0 |
Enhancement (View pull request) |
8.12.0 or higher |
1.10.1 |
Enhancement (View pull request) |
8.10.2 or higher |
1.10.0 |
Enhancement (View pull request) |
8.10.2 or higher |
1.9.2 |
Bug fix (View pull request) |
8.8.0 or higher |
1.9.1 |
Bug fix (View pull request) |
8.8.0 or higher |
1.9.0 |
Enhancement (View pull request) |
8.8.0 or higher |
1.8.0 |
Enhancement (View pull request) |
8.8.0 or higher |
1.7.2 |
Enhancement (View pull request) |
8.7.0 or higher |
1.7.1 |
Enhancement (View pull request) |
8.7.0 or higher |
1.7.0 |
Enhancement (View pull request) |
8.7.0 or higher |
1.6.0 |
Enhancement (View pull request) |
8.7.0 or higher |
1.5.0 |
Enhancement (View pull request) |
8.7.0 or higher |
1.4.0 |
Enhancement (View pull request) |
8.7.0 or higher |
1.3.2 |
Enhancement (View pull request) |
7.15.0 or higher |
1.3.1 |
Bug fix (View pull request) |
7.15.0 or higher |
1.3.0 |
Enhancement (View pull request) |
7.15.0 or higher |
1.2.1 |
Bug fix (View pull request) |
7.15.0 or higher |
1.2.0 |
Enhancement (View pull request) |
7.15.0 or higher |
1.0.1 |
Bug fix (View pull request) |
7.15.0 or higher |
1.0.0 |
Enhancement (View pull request) |
7.15.0 or higher |
0.1.2 |
Enhancement (View pull request) |
— |
0.1.1 |
Enhancement (View pull request) |
— |
0.1.0 |
Enhancement (View pull request) |
— |
0.0.2 |
Bug fix (View pull request) |
— |
0.0.1 |
Enhancement (View pull request) |
— |