How to Configure centralized logging for the NSX Manager 6.x.x, NSX Controllers and NSX Edge devices

In my previous article discussed about VMware NSX Manager 6.x.x Backup and Restore and in this article I am going to discuss how to Configure centralized logging for the NSX Manager 6.x.x, NSX Controllers and NSX Edge devices.

In the production environment it is always recommenced to have remote log collector server configured, so that NSX Manager 6.x.x, NSX Controllers and NSX Edge devices sends all audit logs and system events from  NSX Manager 6.x.x, NSX Controllers and NSX Edge devices to the syslog server. This will be handy to troubleshoot or to get the final RCA in the event of any issue.

Let’s start with configuring syslog server for NSX Manager:-

1. Login to the VMware NSX Manager Virtual Appliance with Admin account.b1
2. Go to Manage –> General –> Click Edit in the Syslog Server section.p13. Provide Syslog Server, Port and Protocol details in the syslog server window and Click OK to test and save the  settings.p2

4. Once it is saved. It will show the settings like below.p3This is how we can configure Syslog server for NSX Manager.


Next is how to Configure Syslog Server for VMware NSX controllers :-

For NSX Controllers only supported method to configure syslog Server is through the NSX API. And using Rest API we need to push Syslog Server details on all the NSX controllers one by one.

Before we go ahead and push the syslog server on NSX controllers through REST API, We need to enable/Add REST API client to the browser. You can search for Rest API Client for the browser for Chrome or Mozilla and Add to the Browser.

api1

api2

Once you are done with adding REST API plug-in to your browser. There are couple of thing that needs to be remember.

REST API requests requires Authentication  header and Content-Type as application/xml to send HTTP body.

api4

Now we are ready to send the request body to configure Syslog Server for NSX controllers.

Open the Rest Client to set the request body to configure Syslog for NSX for vSphere Controllers. Make sure you have selected the Method as POST and URL as https://<NSX Manager IP>/api/2.0/vdn/controller/{controller-id}/syslog where controller-id is the name of NSX controller and can be found on the NSX Installation page.

HTTP Request body has to be this:

<controllerSyslogServer>
<syslogServer>x.x.x.x</syslogServer>
<port>514</port>
<protocol>UDP</protocol>
<level>INFO</level>
</controllerSyslogServer>

api3

This is how we can configure Syslog Server on NSX Controllers. If you want to DELETE the Syslog exporter use below request:-

Method :- DELETE and URL:- https://<NSX-Manager-IP>/api/2.0/vdn/controller/{controller-ID}/syslog.


How to configure Syslog Server for Distributed Logical Router.

1.  Login to vCenter Server using vSphere Web Client and choose Networking and Security –> NSX Edges –> and Double click on Logical Router.lrs1

2. Under Manage –> Settings –> Configuration click on Change under Syslog Servers.LRs2

3. Enter the Syslog Server and Protocol details in the Edit Syslog Server Configuration page and Click OK.LRs3

4. Now we can see Syslog is configured and ready to send all the logs to Remote Server.LRs4


How to configure Syslog Server for NSX Edge.

1.  Login to vCenter Server using vSphere Web Client and choose Networking and Security –> NSX Edges –> and Double click on NSX Edge.DRS1

2. Under Manage –> Settings –> Configuration click on Change under Syslog Servers.DRS2

3. Enter the Syslog Server and Protocol details and Click OK.

DRS4

That’s All. This is how you can configure Syslog Server for NSX Manager, NSX Controllers and NSX Edges.

Thank you and Happy learning 🙂

 

Leave a Reply

Your email address will not be published. Required fields are marked *

*