You can configure NSX-T appliances and hypervisors to send log messages to a remote logging server.

About this task

Remote logging is supported on NSX Manager, NSX Controller, NSX Edge appliances. and hypervisors.

You can filter which log messages are sent to the logging server, based on these criteria:

  • level: emerg, alert, crit, err, warning, notice, info, debug

  • facility: codes are defined in RFC 5424. Facility local7 is used for audit messages, and local6 is used for non-audit messages.

  • message ID or category: categories and examples are listed here: Log Message Categories

See the NSX-T Command-Line Reference and NSX-T API Guide for information about related commands and requests.

Prerequisites

  • Configure a remote logging server to receive the logs from NSX-T appliances.

  • Determine what log messages you want to send to the logging server.

Procedure

  1. Log into the NSX-T appliance you want to configure with remote logging.
  2. Configure a logging server with the set logging-server command using the following syntax. Multiple facilities or message IDs can be specified as a comma delimited list, without spaces.
    set logging-server <hostname-or-ip-address[:port]> proto <proto> level <level> [facility <facility>] [messageid <messageid>] [certificate <filename>]

    You can run the command multiple times to add multiple logging server configurations.

    nsx> set logging-server 192.168.110.60 proto udp level info facility syslog messageid SYSTEM,FABRIC
    nsx> set logging-server 192.168.110.60 proto udp level info facility auth,user
  3. (Optional) : View the logging configuration with the get logging-server command.
    nsx> get logging-servers
    192.168.110.60 proto udp level info facility syslog messageid SYSTEM,FABRIC
    192.168.110.60 proto udp level info facility auth,user