You can enable logging for an edge gateway. In addition to enabling logging for the features for which you want to collect log data, to complete the configuration, you must have a Syslog server to receive the collected log data. When you configure a Syslog server on the Edge Settings screen, you are able to access the logged data from that Syslog server.

Prerequisites

  • Verify that you are an organization administrator or you are assigned a role that includes an equivalent set of rights.
  • Verify that your role includes the Configure System Logging right.

Procedure

  1. Open Edge Gateway Services.
    1. In the top navigation bar, click Networking and click Edge Gateways.
    2. Select the edge gateway that you want to edit and click Services.
  2. On the Edge Settings tab, click the Edit Syslog server button.

    You can customize the Syslog server for the networking-related logs of your edge gateway for those services that have logging enabled.

    If the VMware Cloud Director system administrator has already configured a Syslog server for the VMware Cloud Director environment, the system uses that Syslog server by default and its IP address is displayed on the Edge Settings screen.

  3. Enable logging per feature.
    • On the NAT tab, click the DNAT Rule button, and turn on the Enable logging toggle.

      Logs the address translation.

    • On the NAT tab, click the SNAT Rule button, and turn on the Enable logging toggle.

      Logs the address translation.

    • On the Routing tab, click Routing Configuration, and under Dynamic Routing Configuration, turn on the Enable logging toggle.

      Logs the dynamic routing activities. From the Log Level drop-down menu, you can select the lower bound of the message status level to log.

    • On the Load Balancer tab, click Global Configuration, and turn on the Enable logging toggle.

      Logs the traffic flow for the load balancer. From the Log Level drop-down menu, you can select the lower bound of the message status level to log.

    • On the VPN tab, navigate to IPSec VPN > Logging Settings, and turn on the Enable logging toggle.

      Logs the traffic flow between the local subnet and peer subnet. From the Log Level drop-down menu, you can select the lower bound of the message status level to log.

    • On the SSL VPN-Plus tab, click General Settings, and turn on the Enable logging toggle.

      Maintains a log of the traffic passing through the SSL VPN gateway.

    • On the SSL VPN-Plus tab, click Server Settings, and turn on the Enable logging toggle.

      Logs the activities that occur on the SSL VPN server, for Syslog. From the Log Level drop-down menu, you can select the lower bound of the message status level to log.