I had the chance recently to work with Tripwire and get a good look at their new product, vWire.
Here's Tripwire's description from the user manual:
vWire is a comprehensive management solution that gives virtualization professionals full control
over their virtual environments. To optimize the health and performance of your virtual
infrastructure (VI), vWire:
- Monitors your virtual inventory for critical events and configuration anomalies
- Correlates this data to provide informative insights and context about potential issues
- Acts to prevent and resolve problems.
Consequently, vWire:
- Illuminates and demystifies the state of your VI
- Reduces downtime and operational costs
- Simplifies the maintenance and management of your VI
- Inspires confidence in virtualization across your organization.
In other words, vWire is a tool for quickly locating unusual behavior or configuration issues and creating a process for dealing with those.
What is the vWire interface?
The vWire user interface runs as a web server or VIC plugin. Both instances look and behave identically in supported browsers as well as VIC 2.5 as a plugin. Here's a shot of the web interface right after login:
How's it work?
You can see the modern, clean interface with a well designed work flow. The dashboard screen shows you the alerts that need to be acknowledged or dealt with and the severity of those issues. It also provides a nice scrollable timeline view so you can see when those events triggered . The vWire Community pane provides the latest articles from the vWire forums, and finally a quick search pane to access the vms or hosts.
The next tab to work with is the Alerts tab. Here you can see the list of alerts that need to be dealt with.
I have issues
Storage is filling up. That's good to know, but I have a handle on that. Let's see what those Network Security issues are. We try pretty hard to harden our ESX systems, so I'm interested in what the problem is.
Correlating issues to root cause
After drilling into the issue I can see that the issue exists only on two hosts. One is a Lab Manager host and the issue pertains to the promiscuous mode of the Portgroups. Another is a recent default build of ESX 4.0 during our vSphere roll-out. All explainable events.
Let's see some other tabs. Here's the Search tab in action. I searched for the vm housing my vWire install. I knew I had some snapshots from the installation work. Here I'm using vWire to call PowerShell actions to get the snapshot size for this VM.
Configuring alerts
In the workbench you can configure and tweak the rules of the game. Here are just a portion of the Alert Rules that come preconfigured with vWire. Time for action Here are some of the default actions you can take on a vm, either manually or in association with a rule. The intent here is that you can use the canned actions and add your own to deal automatically with events as they happen. 
Assessment Overall I was pleased with the product's interface, stability, and good feature set. vWire quickly identified multiple, complex issues that would not have been exposed using vCenter alone. vWire let me view critical events, correlate those to the configuration of my environment, and then take actions to remediate the issues.
Tripwire has provided a valuable tool at a reasonable cost and I'd encourage everyone to get a trial copy and see how it works for you. http://www.vwire.com/download/
Be advised that the release version of vWire does not officially support vSphere 4. However, in my testing it did a good job coping with vCenter and ESX 4.0 and support is expected in an upcoming release.
or 
