You configure the NSX Gateway Firewall to send logs to a central log server.

You perform these procedures on the NSX tier-0 and tier-1 gateway only if your environment uses NSX Edges.

Procedure

  1. In a Web browser, log in to vCenter Server by using the vSphere Client.

    | Setting   | Value                                            |
    |-----------|--------------------------------------------------|
    | URL       | https://management-domain-vcenter-server-fqdn/ui |
    | User name | administrator@vsphere.local                      |

  2. In the VMs and templates inventory, navigate to the NSX Edge node, right-click the appliance, and select Open remote console.
  3. VMW-NSX-01430, VMW-NSX-01511: Configure the NSX Gateway Firewall on the tier-0 and tier-1 gateways to send logs to a central log server.

    You can configure the logging server with the LI-TLS or TLS protocol. You must store the server and client certificates in the /var/vmware/nsx/file-store/ directory on each NSX Edge appliance.

    1. If you want to configure a TCP syslog server, run the following command.
      set logging-server <server-ip or server-name> proto tcp level info
    2. If you want to configure a TLS syslog server, run the following command.
      set logging-server <server-ip/server-FQDN> proto tls level info serverca ca.pem clientca ca.pem certificate cert.pem key key.pem
    3. If you want to configure an LI-TLS syslog server, run the following command.
      set logging-server <server-ip/server-FQDN> proto li-tls level info serverca root-ca.crt
    Note: Configure the syslog or SNMP server to send an alert if the events server is unable to receive events from the NSX Edge node and if DoS incidents are detected.
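
The TLS and LI-TLS commands in step 3 refer to certificate and key files by name, and those files must already be in the file store. The following pre-flight check is an added example, not VMware tooling: it parses a `set logging-server` command in the forms shown above and reports any referenced file that is missing from the store directory or holds the wrong kind of PEM block. The function names, the PEM-encoding assumption and the placeholder host name are assumptions of the example; point `store` at a local copy of the files when you run it away from the Edge node.

```python
import re
import shlex
from pathlib import Path

FILE_STORE = Path("/var/vmware/nsx/file-store")  # directory named on the page

# File options each protocol carries in the command forms shown on the page.
REQUIRED = {"tcp": [], "li-tls": ["serverca"],
            "tls": ["serverca", "clientca", "certificate", "key"]}
# Assumption: the files are PEM-encoded, so each option maps to a PEM block type.
PEM_KIND = {"serverca": "CERTIFICATE", "clientca": "CERTIFICATE",
            "certificate": "CERTIFICATE", "key": "PRIVATE KEY"}


def parse(command):
    """Split 'set logging-server <host> <opt> <value> ...' into (host, options)."""
    tokens = shlex.split(command)
    if tokens[:2] != ["set", "logging-server"] or len(tokens) < 3 or len(tokens) % 2 == 0:
        raise ValueError("not a complete 'set logging-server' command")
    return tokens[2], dict(zip(tokens[3::2], tokens[4::2]))


def check(command, store=FILE_STORE):
    """Return a list of problems; an empty list means every referenced file is in place."""
    _, opts = parse(command)
    proto = opts.get("proto")
    if proto not in REQUIRED:
        return [f"proto {proto!r} is not tcp, tls or li-tls"]
    problems = []
    for opt in REQUIRED[proto]:
        name = opts.get(opt)
        if name is None:
            problems.append(f"{proto} command has no {opt}")
        elif Path(name).name != name:
            problems.append(f"{opt}: {name} must be a bare file name in {store}")
        elif not (Path(store) / name).is_file():
            problems.append(f"{opt}: {name} not found in {store}")
        else:
            text = (Path(store) / name).read_text(errors="replace")
            found = re.search(r"-----BEGIN ([A-Z0-9 ]+)-----", text)
            if not found or not found.group(1).endswith(PEM_KIND[opt]):
                problems.append(f"{opt}: {name} is not a PEM {PEM_KIND[opt]}")
    return problems


if __name__ == "__main__":
    # Constructed command in the page's TLS form; the host name is a placeholder.
    cmd = ("set logging-server syslog.example.test proto tls level info "
           "serverca ca.pem clientca ca.pem certificate cert.pem key key.pem")
    for problem in check(cmd) or ["all referenced files present"]:
        print(problem)
```

The check looks only at file presence and PEM block type; it does not verify that the certificate chains to the CA or that the key matches the certificate.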