Syslog on VMware ESXi explained

This article explains the ESXi 5 Syslog in simple terms and its configuration.
As all of you know, logs are critical in troubleshooting any issue and they should be persistent after the system reboot.  Syslog exactly does the same with a couple of options, either to store logs on the persistent scratch partition (local disk/ datastore) or on a remote Syslog server.
How to configure Syslog on ESXi 5.0 from vSphere Client
1.       Login to vsphere client, navigate to the respective ESXi host
2.       Then navigate to "Configuration- Advanced Settings"
3.       Then select “Syslog” and check Syslog.global.logDirUnique (This option places logs in a unique subdirectory of logdir, based on hostname)
4.       And enter your syslog server name in tcp://<Syslog server IP>:514
5.       If you are configuring the syslog to dump log files to local or VMFS datastore, enter datasore details at “Syslog.global.logDir” in “[DatastoreName] DirectoryName/Filename” format
ESXi Syslog configuration
VMware Syslog configuration
To configure Syslog from the command prompt
1.       Login to ESXi host via Putty/ SSH or tech support mode and enter following commands.
esxcli system syslog config set --loghost=udp://xxx.xxx.xxx.xxx:514
2.       To load the new Syslog configuration execute the following command
               
                      esxcli system syslog reload
Screenshot from VMware with the explanation on various syslog settings.

VMware ESXi syslog settings
syslog  Troubleshooting
Error: Call "OptionManager.UpdateValues" for object "EsxHostAdvSettings-1030" on vCenter Server "ESXhost1.local" failed
VMware ESXi Syslog Error
Resolution:
Reason for the above error can be Syslog host, datastore is not reachable or syntax error. First make sure that you are entering the correct details.
  •       Then check whether you can navigate/ connect to the syslog datastore or remote server and try again.
  •       If you still fail, try executing the command from the command prompt to get more understanding of what is happening.
  •       Or execute “esxcli system syslog reload” command and then try configuring the syslog.
  •       Sometimes you get “Failed to resolve remote host” error when you are configuring Syslog from the command prompt. Again it could be because of wrong syntax or there is a firewall between remote syslog server and ESXi host.

    Please share on social media if you found this post helpful. If you have a comment or question, please post and add your voice to the conversation.
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)
loading..