Syslog server is a must in all environments. It doesn’t matter if you have 5 or 100 ESXi host or you use NSX or not. Today, we configure Syslog server for VMware NSX components. In my case it will be VMware vRealize Log Insight.

Configuring Syslog server for VMware NSX components

Unfortunately it is not possible to configure Syslog for all components in NSX GUI so in some cases API calls must be used.

API preparation

In my lab I use Google Chrome with application Postman to initiate API calls. Any API client can be used - in my case Postman simply works. I had one issue in Firefox with API calls where self signed certificate had to first added to exceptions and then API calls worked.

To fix issue with self-signed SSL Certificates in Google Chrome follow this excellent link: http://blog.getpostman.com/2014/01/28/using-self-signed-certificates-with-postman/.

NSX Manager

API

Request:

1

PUT https://<nsxmgr-ip</api/1.0/appliance-management/system/syslogserver

Request Body:

1
2
3
4
5

<syslogserver
  <syslogServer192.168.1.15<syslogServer</>
  <port>514</port>
  <protocol>UDP</protocol>
</syslogserver>

To check if Syslog is configured correctly initiate API call.

Request:

1

GET https://<nsxmgr-ip</api/1.0/appliance-management/system/syslogserver

GUI

1. In main GUI click Manage Appliance Settings.
   
2. Click Edit in section Syslog Server.
   
3. Enter Syslog server IP or DNS, port and protocol.
   

Syslog check

After few minutes logs are visible in Syslog server - in my case in vRealize Log Insight.

NSX Controller

NSX Controller Syslog server can be configured only using API call. To configure Syslog server for controllers you need controller IDs. You can find them in GUI.

API

Request:

1

POST https://<nsxmgr-ip</api/2.0/vdn/controller/{controller-id}/syslog

Request Body:

1
2
3
4
5
6

<controllerSyslogServer>
  <syslogServer>192.168.1.15</syslogServer>
  <port>514</port>
  <protocol>UDP</protocol>
  <level>INFO</level>
</controllerSyslogServer>

Once pushed you can check if settings are applied.

Request:

1

GET https://<nsxmgr-ip</api/2.0/vdn/controller/{controller-id}/syslog

Proceed with configuration on remaining controllers.

Syslog check

NSX EDGE

In order to configure NSX Edge Services Gateway it is required to know its ID. It can be found in NSX Edges page.

API

Request:

1

PUT https://<nsx-mgr-ip</api/4.0/edges/edgeId/syslog/config

Request Body:

1
2
3
4
5
6

<syslog>
   <protocol>udp</protocol>
   <serverAddresses>
      <ipAddress>192.168.1.15</ipAddress>
   </serverAddresses>
</syslog>

GUI

1. Click on NSX Edges and select EDGE to configure Syslog.
2. In Configuration section click Change to enable Syslog.
3. Enter Syslog IP address or FQND, protocol and click OK.
   

Syslog check

I had to manually initiate an event in my lab.

NSX DLR

Let’s finish configuring Syslog server for VMware NSX components with Distributed Logical Router.

API

NSX Distributed Logical Router

Request:

1

PUT https://<nsx-mgr-ip</api/4.0/edges/edgeId/syslog/config

Request Body:

1
2
3
4
5
6

<syslog>
   <protocol>udp</protocol>
   <serverAddresses>
      <ipAddress>192.168.1.15</ipAddress>
   </serverAddresses>
</syslog>

GUI

1. Choose desired DLR to configure and click Change.
2. Enter Syslog IP or FQDN and protocol.
   

Syslog check

Summary

Enabling logging on your critical infrastructure might save you time when you need to quickly troubleshoot issues. It is always good recommendation to use Syslog server.

For other NSX API call please view NSX 6.2 for vSphere API Guide.