In the System Logging pane, you can configure system logging in TAS for VMs to forward log messages from TAS for VMs component VMs to an external service. VMware recommends forwarding logs to an external service for use in troubleshooting. If you do not fill these fields, platform logs are not forwarded but remain available on the component VMs and for download through Tanzu Operations Manager.

Note This procedure explains how to configure system logging for TAS for VMs component VMs. To forward logs from Operations Manager tiles to an external service, you must also configure system logging in each tile. For more information about configuring system logging, see the documentation for the given tiles.

To configure the System Logging pane:

  1. Select System Logging.

  2. For Syslog server address, enter the hostname or IP address of the syslog server.

  3. For Syslog server port, enter the port of the syslog server. The default port for a syslog server is 514.

    Important The host must be reachable from the TAS for VMs network and accept UDP or TCP connections. Ensure that the syslog server listens on external interfaces.

  4. For Transport protocol, select a transport protocol for log forwarding.

  5. (Optional) For Environment identifier, enter a custom label (e.g. the name of your foundation) to include in the structured data of forwarded syslog messages with the parameter name environment.

  6. For TLS encryption, select one of the following options:

    • Use: Configures TAS for VMs to use TLS encryption when forwarding logs to a remote server. If you select this option, configure the following fields:
    • For Permitted peer, enter either the name or SHA1 fingerprint of the remote peer.
    • For CA certificate, enter the CA certificate for the remote server.
    • Do not use: TAS for VMs does not use TLS encryption when forwarding logs to a remote server.
  7. (Optional) To include security events in the log stream, select the Log Cloud Controller security events check box. When this check box is selected, TAS for VMs logs all API requests in the Common Event Format (CEF), including the endpoint, user, source IP address, and request result.

  8. (Optional) To transmit logs over TCP, select the Use TCP for file forwarding local transport check box. This prevents log truncation, but might cause performance issues.

  9. The Do not forward debug logs check box is selected by default. To forward DEBUG syslog messages to an external service, deselect the check box.

    Note Some TAS for VMs components generate a high volume of DEBUG syslog messages. Selecting the Do not forward debug logs check box prevents TAS for VMs components from forwarding the DEBUG syslog messages to external services. However, TAS for VMs still writes the messages to the local disk.

  10. For Custom rsyslog configuration, enter a custom syslog rule. For more information about adding custom syslog rules, see Customizing platform log forwarding.

  11. Configure how TAS for VMs emits app logs and app metrics for ingestion in your deployment. The options include:

    • Use existing Firehose integrations for app metric and app log ingestion.
    • Preserve existing Firehose integrations for app metrics, but use an alternate method for app log ingestion.
    • Deactivate all Firehose integrations and use alternate methods for both app log and app metric ingestion.

      The following table provides the configuration procedures for each option. For more information about each field, see the Field Descriptions table.
    Option Configuration Procedure
    Use existing Firehose app log and metrics integrations
    1. Activate Enable V1 Firehose.
    2. Activate Enable V2 Firehose.
    3. Deactivate Do not forward app logs to the Firehose.
    4. (Optional) Configure Aggregate syslog drain destinations.
    Preserve existing Firehose integrations for app metrics, but use an alternate method for app log ingestion
    Caution Do not use this option if your deployment depends on partner log integrations.
    1. Activate Enable V1 Firehose.
    2. Activate Enable V2 Firehose.
    3. Activate Do not forward app logs to the Firehose.
    4. Configure Aggregate syslog drain destinations.

    Deactivate all Firehose integrations and use alternate methods for both app log and app metric ingestion
    Caution Do not use this option if your deployment depends on any of these:
    • Service tile metrics
    • Healthwatch or App Metrics
    • Metric Registrar
    • Partner log or metric integrations

    1. Deactivate Enable V1 Firehose.
    2. Deactivate Enable V2 Firehose.
    3. Deactivate Do not forward app logs to the Firehose.
    4. Configure Aggregate syslog drain destinations.
    5. Scale the Doppler Server and Loggregator Trafficcontroller instance groups to zero in the Resource Config pane. See Resources for more information.

     

    Field Descriptions:
    The following table provides more details on field values:

    Field Name Description
    Enable V1 Firehose Selected by default. When this check box is selected, logs and metrics flow to the Loggregator V1 Firehose.
    Enable V2 Firehose Selected by default. When this check box is selected, logs and metrics flow to the Loggregator V2 Firehose.
    Send default Loggregator drain metadata Selected by default. When this check box is selected, TAS for VMs sends all metadata in app and aggregate syslog drains. Deselect this check box can reduce logging to external databases by up to 50 percent.
    Do not forward app logs to the Firehose Deselected by default. When this check box is selected, TAS for VMs prevents the Firehose from emitting app logs, but still allows the Firehose to emit app metrics. Deactivating logs in Firehose helps reduce the load on TAS for VMs by allowing you to scale down Doppler and Traffic Controller VMs.
    Aggregate syslog drain destinations Specify zero or more aggregate syslog drains. Aggregate syslog drains forward all app logs on your foundation to the endpoints that you provide in this field:
    • Syslog Drain URL:: Enter the endpoint in the format: syslog://HOSTNAME:PORT. To use TLS for sending logs, specify syslog-tls://HOSTNAME:PORT.
    • Certificate Authority: (Optional) Enter the Certificate Authority (CA) certificate to trust for the endpoint.
    • Client Certificate: (Optional) Enter the client certificate and private key to be used for mTLS communication with the endpoint.

    CautionIn earlier versions of TAS for VMs multiple aggregate syslog drains were entered by using a comma-separated list. This is no longer supported and endpoints should be added individually.

  12. (Optional) For System metrics scrape interval, the default value is 1m, which configures TAS for VMs to send BOSH system metrics to your logging endpoint once per minute. To configure TAS for VMs to send metrics more or less frequently, modify the value in this field. For example, enter 2m to send metrics every two minutes, or 10s to send metrics every ten seconds. VMware recommends configuring a minimum interval of five seconds, or 5s.

  13. (Optional) For OpenTelemetry Collector Metric Exporters (beta), the default value is empty, which deactivates the beta OpenTelemetry Aggregate Metric Egress support. To configure TAS for VMs to send metrics over the OpenTelemetry protocol, enter valid OpenTelemetry Collector Exporter YAML configuration in this text box. See Configuring the OpenTelemetry Collector for examples of how to configure exporters. Currently TAS for VMs provides support for a limited number of OpenTelemetry Collector Exporters, including the OTLP exporter. Note that this feature is in beta and may still change in significant ways.

    Caution If you configure a metric exporter that listens on a port, ensure that the port is not claimed by a TAS for VMs component on any of the VMs in your deployment.

  14. Click Save.

To configure Tanzu Operations Manager for system logging, see Settings page in Using the Tanzu Operations Manager interface.

check-circle-line exclamation-circle-line close-line
Scroll to top icon