I have deployment where some hosts (DMZ hosts) are on different VLANs than the vRLI appliance, and all we need to do is open the appropriate ports on firewall to allow hosts forward logs to vRLI, see: vRealize Log Insight Firewall Recommendations
Adding another vNIC to the LI appliances is not supported today. ACL/NAT/network changes outside the VA are the recommended way to achieve this today. You could also vote for this feature request: Add multiple NICs to Log Insight. I hope this helps.