Configure syslog on your ESXI 5.0 via command line

Syslog is a very useful way to centralize your esxi’s 5.0 server logs with one point of view.

vCenter 5.0 provide a syslog services and a simple way to configure the all mechanism but on this article I am going to use a free syslog service instead of using the vcenter syslog service.

First to know, syslog is using port 514 UDP, so u must be aware if you’re are using a firewall on the way.

Note: the configuration cannot be performed using the vicfg-syslog command any more.

On esxi 5.0 most system configuration is taking place with ESXCLI command which VMware expand on version 5.0.

1. From the esxi shell or using ssh through putty open prompt

2. Esxcli system syslog config get

a.

3. To set new configuration we use this command:

a. Esxcli system syslog config set –loghost=’tcp://192.168.0.100:514’ –default-rotate=10 –default-size=5

b. The –default-rotate option means how many logs to keep before overwrite the first log that are saved locally on your esxi ( FIFO ) and the –default-size configure each log file size.

c. You can also specify a directory for those logs by using the –logdir=/path/logs

4. After changing those option u can again verify using:

a. Esxcli system syslog config get

b.

5. Don’t forget to reload the service

a. Esxcli system syslog reload

6. The result on my syslog server ( whats up gold )

7.

If you cant see anything in the syslog, u may need to open the firewall port on your esxi 5.0 host:

esxcli network firewall ruleset set –ruleset-id=syslog –enabled=true
esxcli network firewall refresh

Regards,

Shay Hyams

Advertisements