Configure the NSX Controllers and UDLR Control VM instances for the management cluster to forward log information to vRealize Log Insight in Region B. Use the NSX REST API to configure the NSX Controllers. You can use a REST client, such as the RESTClient add-on for Firefox, to enable log forwarding.

Prerequisites

On a Windows host that has access to your data center, install a REST client, such as the RESTClient add-on for Firefox.

Procedure

  1. Log in to the Windows host that has access to your data center.
  2. In a Firefox browser, go to chrome://restclient/content/restclient.html.
  3. Specify the request headers for requests to the NSX Manager.
    1. From the Authentication drop-down menu, select Basic Authentication.
    2. In the Basic Authorization dialog box, enter the following credentials, select Remember me and click Okay.

      Authentication Attribute

      Value

      Username

      admin

      Password

      mngnsx_admin_password

      The Authorization:Basic XXX header appears in the Headers pane.

    3. From the Headers drop-down menu, select Custom Header
    4. In the Request Header dialog box, enter the following header details and click Okay.

      Request Header Attribute

      Value

      Name

      Content-Type

      Value

      application/xml

      The Content-Type:application/xml header appears in the Headers pane.

  4. Contact the NSX Manager to retrieve the IDs of the associated NSX Controllers.
    1. In the Request pane, from the Method drop-down menu, select GET.
    2. In the URL text box, enter https://mgmt01nsxm51.lax01.rainpole.local/api/2.0/vdn/controller and click Send.

      The RESTClient sends a query to the NSX Manager about the installed NSX controllers.

    3. After the NSX Manager sends a response back, click  the Response Body (Preview) tab under Response.

      The response body contains a root <controllers> XML element, which groups the details about the three controllers that form the controller cluster.

    4. Within the <controllers> element, locate the <controller> element for each controller and write down the content of the <id> element. 

      Controller IDs have the controller-id format where id represents the sequence number of the controller in the cluster, for example, controller-2.





  5. For each NSX Controller, send a request to configure vRealize Log Insight as a remote syslog server.
    1. In the Request pane, from the Method drop-down menu, select POST, and in the URL text box, enter the following URL.

      NSX Manager

      NSX Controller in the Controller Cluster

      POST URL

      NSX Manager for the management cluster

      NSX Controller 1

      https://mgmt01nsxm51.lax01.rainpole.local/api/2.0/vdn/controller/<controller1-id>/syslog

      NSX Controller 2

      https://mgmt01nsxm51.lax01.rainpole.local/api/2.0/vdn/controller/<controller2-id>/syslog

      NSX Controller 3

      https://mgmt01nsxm51.lax01.rainpole.local/api/2.0/vdn/controller/<controller3-id>/syslog

    2. In the Request pane, paste the following request body in the Body text box and click Send.
      <controllerSyslogServer>
         <syslogServer>vrli-cluster-51.lax01.rainpole.local</syslogServer>
         <port>514</port>
         <protocol>UDP</protocol>
         <level>INFO</level>
      </controllerSyslogServer> 
      
    3. Repeat the steps for the next NSX Controller.




  6. Verify the syslog configuration on each NSX Controller. 
    1. In the Request pane, from the Method drop-down menu, select GET, and in the URL text box, enter the controller-specific syslog URL from Step 5, and click the SEND button.
    2. After the NSX Manager returns a response, click the Response Body (Preview)  tab under Response.

      The response body contains a root <controllerSyslogServer> element, which represents the settings for the remote syslog server on the NSX Controller.

    3. Verify that the value of the <syslogServer> element is vrli-cluster-51.lax01.rainpole.local.
    4. Repeat the steps for the next NSX Controller. 




  7. Log in to vCenter Server by using the vSphere Web Client.
    1. Open a Web browser and go to https://mgmt01vc51.lax01.rainpole.local/vsphere-client.
    2. Log in using the following credentials.

      Setting

      Value

      User name

      administrator@vsphere.local

      Password

      vsphere_admin_password

  8. Configure the newly deployed UDLR control VM to forward events to vRealize Log Insight in Region B.
    1. From the Home menu of the vSphere Web Client, click Networking & Security.
    2. In the Navigator, click NSX Edges.
    3. Select 172.17.11.65 from the NSX Manager drop-down menu.
    4. Double-click UDLR01.
    5. On the NSX Edge device page, click the Manage tab, click Settings, and click Configuration.
    6. In the Details pane, click Change next to Syslog servers.
    7. In the Edit Syslog Servers Configuration dialog box, in the Syslog Server 1 text box, enter 192.168.32.10 and from the Protocol drop-down menu, select udp.
    8. Click OK.