Configure the ESG or DLR Control VM to send log entries to a remote syslog server.

Syslog server configuration details shows server IP address as

  • The syslog server must be configured as an IP address, because the ESG/DLR Control VM does not get configured with a DNS resolver.
    • In the ESG’s case, it is possible to “Enable DNS Service” (DNS proxy) that ESG itself will be able to use to resolve DNS names, but generally specifying syslog server as an IP address in a more reliable method with fewer dependencies.
  • There is no way to specify a syslog port in the UI (it is always 514), but protocol (UDP/TCP) can be specified.
  • Syslog messages originate from the IP address of the Edge’s interface that is selected as egress for the syslog server’s IP by the Edge’s forwarding table.
    • For the DLR, the syslog server’s IP address cannot be on any subnets configured on any of the DLR’s “Internal” interfaces. This is because the egress interface for these subnets on the DLR Control VM points to the pseudo-interface “VDR,” which is not connected to the data plane.

By default, logging for the ESG/DLR routing engine is disabled. If required, enable it via UI by clicking “Edit” for the “Dynamic Routing Configuration.”

Dynamic Routing Configuration pane shows that Logging is not enabled on the DLR.

You must also configure the Router ID, which will typically be the IP address of the Uplink interface.