In this post, quickly i’ll walk through how to Configure the NSX-T components to Forward Log Events to vRealize Log Insight using API.
Once you have VMware vRealize Log Insight (vRLI) designed and deployment, you can use API call to configure your NSX-T components to forward logs to log management servers. In this case i am going to push vRLI VIP FQDN through API call on NSX-T Managers and NSX-T Edges.
- Open POSTMAN and configure Authorization –> Select Basic Auth under TYPE and Provide NSX-T Manager username and Password to allow Postman to talk to NSX-T managers.
2. Next select Headers, set KEY as Content-Type and VALUE as application/json
3. Next Select Body –> raw –> and provide Syslog server, protocol, post and log level you want to sent from NSX-T managers to log insight.
4. Next select POST –> https://xx-m01-nsx01a.xxxxx.com/api/v1/node/services/syslog/exporters and Click Send.
In the lower Body section, it will display content which confirms that syslog settings has successfully pushed on NSX-T Manager.
5. Repeat this for another NSX-T Managers node nsx01b and nsx01c.
POST – https://xx-m01-nsx01b.xxxxx.com/api/v1/node/services/syslog/exporters
POST – https://xx-m01-nsx01c.xxxxx.com/api/v1/node/services/syslog/exporters
6. Now time to verify, Clear the text from Body section and send GET to retrieve configuration data from NSX-T Managers.
GET – https://xx-m01-nsx01a.xxxxx.com/api/v1/node/services/syslog/exporters
In the lower Body section, it retrieves the configured syslog settings from NSX-T Manager.
Configure the NSX-T Edges to Forward Log Events to vRealize Log Insight
Now will Configure the NSX-T Edge nodes to send audit logs and system events to vRealize Log Insight.
To configure on NSX-T Edge nodes first, you retrieve the ID of each edge transport node by using the NSX-T Manager user interface. Then, you use the Postman application to configure log forwarding for all edge transport nodes by sending a post request to each NSX-T Edge request URL.
- Login to NSX-T Manager to retrieve the ID of each edge nodes.
- nsxedge-01 — 16420ffa-d159-41a2-9f02-b4ac30d32636
- nsxedge-02 — 39fe9748-c6ae-4a32-9023-ad610ea87249
2. Here is syntax for edge node – POST – https://xx-m01-nsx01.xxxxx.com/api/v1/transport-nodes/16420ffa-d159-41a2-9f02-b4ac30d32636/node/services/syslog/exporters and Send
3. Now time to verify, Clear the text from Body section and send GET to same url to retrieve configuration data from NSX-T edge node.
Repeat this for rest of the NSX-T edge nodes.
That’s all. Hope you enjoyed reading this post. Feel free to share 🙂