0

Practical NSX: Centralised Logging

It is recommended to have a logging system of some sort (Log Insight or other) configured for your NSX components, NSX Manager, NSX Controllers and NSX Edge devices as this not only be handy when troubleshooting but will also give you a better view of what is happening on your environment.

As I don’t have Log Insight currently installed on my lab, I am going to be using a CentOS box as a syslog server. Let’s first go through installing syslog on my linux server, then we will move on to configuring the NSX manager, controllers and edge devices.

Configuring CentOS 7 as a syslog server

I am going to start by updating my box as it’s a fresh install

yum update -y

Then I am going to install rsyslog

sudo yum install rsyslog

Now let’s edit  the rsyslog config file:

Find and uncomment the following lines to make my server listen on port 514 udp and tcp.

I have added  the following lines to create a template for storing the logs forwarded by the clients.

I then created a folder for each device that will be sending the logs. ie nsx-manager and edge-01

Within each folder I created a messages file

Finally I restarted the rsyslog service

systemctl rsyslog restart

Configuring NSX Manager Logging

Login to your NSX manager

Click on Manage Appliance Setting then edit your syslog server details

Configuring DLR and Edge Logging

Networking & Security > NSX Edges > Double click on your edge device > Settings > Configuration > Enter your syslog server details

Configuring NSX Controllers Logging

Logging for NSX Controllers can only be configured via the REST API. I will be using Postman to make my changes. Below is the request body that I will be running against my NSX Manager. Controller-2 is my NSX controller id.

POST https://192.168.0.44/api/2.0/vdn/controller/controller-2/syslog

<controllerSyslogServer>
<syslogServer>192.168.0.9</syslogServer>
<port>514</port>
<protocol>TCP</protocol>
<level>INFO</level>
</controllerSyslogServer>

The response is a 200 so we are good!

Now let’s login to our syslog server and check if our logs are being recorded.

I hope this was post was helpful.

How useful was this post?

Click on a star to rate it!

Average rating / 5. Vote count:

Sharing is caring!

Leave a Reply

Your email address will not be published. Required fields are marked *