You configure the NSX Gateway Firewall to send logs to a central log server.
You perform these procedures on the NSX tier-0 and tier-1 gateway only if your environment uses NSX Edges.
Procedure
- In a Web browser, log in to vCenter Server by using the vSphere Client.
| Setting | Value |
| --- | --- |
| URL | https://management-domain-vcenter-server-fqdn/ui |
| User name | administrator@vsphere.local |
- In the VMs and templates inventory, navigate to the NSX Edge node, right-click the appliance, and select Open remote console.
VMW-NSX-01430, VMW-NSX-01511
Configure the NSX Gateway Firewall on the tier-0 and tier-1 gateways to send logs to a central log server. You can configure the logging server with the LI-TLS or TLS protocols. You must store the server and client certificates in the /var/vmware/nsx/file-store/ directory on each NSX Edge appliance.
- If you want to configure a TCP syslog server, run the following command.
  set logging-server <server-ip or server-name> proto tcp level info
- If you want to configure a TLS syslog server, run the following command.
  set logging-server <server-ip / server-FQDN> proto tls level info serverca ca.pem clientca ca.pem certificate cert.pem key key.pem
- If you want to configure a LI-TLS syslog server, run the following command.
  set logging-server <server-ip / server-FQDN> proto li-tls level info serverca root-ca.crt
Note: Configure the syslog or SNMP server to send an alert if the events server is unable to receive events from the NSX Edge node and if DoS incidents are detected.
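The "unable to receive events" half of the note above, as an added example that is not part of the original page or VMware's code: a check a log server could run over received RFC 5424 syslog lines to report NSX Edge nodes that have gone silent. The hostnames, sample lines and 15-minute threshold are assumptions, and DoS detection is not covered.

```python
import re
from datetime import datetime, timedelta, timezone

# RFC 5424 header: <PRI>VERSION TIMESTAMP HOSTNAME ...
HEADER = re.compile(r"^<(\d{1,3})>1 (\S+) (\S+) ")

# Constructed inventory and sample lines; hostnames and message text are placeholders.
EXPECTED = {"edge-01.example.test", "edge-02.example.test", "edge-03.example.test"}
NOW = datetime(2024, 5, 1, 10, 30, tzinfo=timezone.utc)
SAMPLE = [
    "<182>1 2024-05-01T10:00:05Z edge-01.example.test NSX 1234 FIREWALL - sample",
    "<182>1 2024-05-01T12:29:40+02:00 EDGE-01.example.test NSX 1234 FIREWALL - sample",
    "<182>1 2024-05-01T09:58:00Z edge-02.example.test NSX 1234 FIREWALL - sample",
    "<182>1 2024-05-01T10:29:00Z other-host.example.test NSX 1 - - sample",
    "<182>1 - edge-03.example.test NSX 1 - - no timestamp",
    "truncated or non-syslog line",
]

def parse(line):
    """Return (hostname, UTC timestamp), or None for a malformed line."""
    m = HEADER.match(line)
    if not m or int(m.group(1)) > 191:  # PRI above 191 is not valid syslog
        return None
    try:
        ts = datetime.fromisoformat(m.group(2).replace("Z", "+00:00"))
    except ValueError:  # includes the "-" NILVALUE timestamp
        return None
    if ts.tzinfo is None:
        return None
    return m.group(3).lower(), ts.astimezone(timezone.utc)

def silent_sources(lines, expected, now, max_gap=timedelta(minutes=15)):
    """Map each overdue expected host to its last-seen time (None = never seen)."""
    last = {}
    for line in lines:
        rec = parse(line)
        if rec is None or rec[0] not in expected:
            continue
        host, ts = rec
        # Future-dated lines are ignored so a skewed clock cannot mask an outage.
        if ts <= now and (host not in last or ts > last[host]):
            last[host] = ts
    return {h: last.get(h) for h in sorted(expected)
            if h not in last or now - last[h] > max_gap}

if __name__ == "__main__":
    for host, seen in silent_sources(SAMPLE, EXPECTED, NOW).items():
        print(f"ALERT no events from {host}; last seen: {seen or 'never'}")
```

The never-seen case matters as much as the gap case: an Edge node whose logging-server command was never applied produces no last-seen record at all.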