If you configure a syslog server for NSX controllers, NSX Manager sends all audit logs and system events to the syslog server. Syslog data is useful for troubleshooting and reviewing data logged during installation and configuration. The only supported method on configuring the syslog server on the NSX controllers is through the NSX API. VMware recommends using UDP as the protocol for syslog.

Procedure

  1. To enable syslog on NSX Controller, use the following NSX API. It adds controller syslog exporter and configures a syslog exporter on the specified controller node.

    Request
    POST https://<nsxmgr-ip>/api/2.0/vdn/controller/{controller-id}/syslog
    Request Body:
    <controllerSyslogServer>
    <syslogServer>10.135.14.236</syslogServer>
    <port>514</port>
    <protocol>UDP</protocol>
    <level>INFO</level>
    </controllerSyslogServer>

  2. You can query the controller syslog exporter and retrieve details about the configured syslog exporter on the specified controller node using the following NSX API.

    Request
    GET https://<nsxmgr-ip>/api/2.0/vdn/controller/{controller-id}/syslog
    Response Body:
    <?xml version="1.0" encoding="UTF-8"?>
    <controllerSyslogServer>
    <syslogServer>10.135.14.236</syslogServer>
    <port>514</port>
    <protocol>UDP</protocol>
    <level>INFO</level>
    </controllerSyslogServer>

  3. If not required, you can delete controller syslog exporter on the specified controller node using the following NSX API.

    Request
    DELETE https://<nsxmgr-ip>/api/2.0/vdn/controller/{controller-id}/syslog

What to do next

For more details on API, refer to NSX API Guide.