Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Configuring ESXi 5.1u1 servers to forward the logs to SysLog server ?

Posted on 2014-10-27
8
Medium Priority
?
485 Views
Last Modified: 2014-11-04
Hi people,

Can anyone please suggest me what is the best way to configure all of my ESXi servers to forward all of the logs to a syslog server ?

Does VMware has their own SysLog server that can be utilized with no additional cost ?

The purpose is to capture all of the server logs before it gets rolled over for further diagnostic.
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
8 Comments
 
LVL 123

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 1332 total points
ID: 40405805
VMware does supply a Syslog server on the vCenter Server installation media.

You can also purchase Log Insight see here

http://www.vmware.com/products/vrealize-log-insight

this has a graphical interface similar to Splunk.

As for configuring for a Syslog Server, you just change the Advanced Settings.

see here

VMware KB: Configuring syslog on ESXi 5.x
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 40405864
So in this case the data will be send over to my Windows VCenter server which will be saved in separate VMDK disk.

Is that possible or is there a u better alternative deployment ?
0
 
LVL 5

Assisted Solution

by:GG VP
GG VP earned 668 total points
ID: 40405890
Yes, you can save it in separate drive (VMDK), please refer to below picture and change the Drive source,

http://www.flickr.com/photos/31838982@N08/5967429123/

http://blogs.vmware.com/vsphere/2011/07/setting-up-the-esxi-syslog-collector.html
0
Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 40405891
can I repoint it into a NAS device so the drive is mapped using CIFS share inside the VCenter ?
0
 
LVL 5

Expert Comment

by:GG VP
ID: 40405898
Yes, you can!
0
 
LVL 123

Assisted Solution

by:Andrew Hancock (VMware vExpert / EE MVE^2)
Andrew Hancock (VMware vExpert / EE MVE^2) earned 1332 total points
ID: 40405907
You can use vCenter Server, and install the Syslog Server.

The syslog files just appear as very large text files.

If you require a GUI, I would recommend Log Insight, which is a separate appliance.

You can do different methods, you can use a Syslog Server, or you can change the location of the persistent logs to a datastore, either iSCSI or NFS.

You can then share this NFS export on your NAS, so you can inspect the logs.

This does not require a Syslog.
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 40406047
ok, most probably I'm gonna use the free Syslog buildin feature from the VMware for my purpose.
0
 
LVL 123
ID: 40406056
It's not really built in, it's a separate installation, and not very advanced application, when it comes to Syslogs.

You will see, when you look through your syslogs, you'll get a lot of noise!
0

Featured Post

Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines why you need to choose a backup solution that protects your entire environment – including your VMware ESXi and Microsoft Hyper-V virtualization hosts – not just your virtual machines.
A look at what happened in the Verizon cloud breach.
Teach the user how to configure vSphere clusters to support the VMware FT feature Open vSphere Web Client: Verify vSphere HA is enabled: Verify netowrking for vMotion and FT Logging is in place or create it: Turn On FT for a virtual machine: Verify …
Teach the user how to install log collectors and how to configure ESXi 5.5 for remote logging Open console session and mount vCenter Server installer: Install vSphere Core Dump Collector: Install vSphere Syslog Collector: Open vSphere Client: Config…

664 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question