If you access SexiLog's web interface by simply typing its IP address into your web browser's address bar, you will see a SexiHome page.
However, you will not see any graphs or events at this time as no logs are currently sent to this SexiLog server.
To redirect logs from your VMware ESXi host to SexiLog, access the web interface of your VMware ESXi host and go to: Host -> Manage -> System -> Advanced settings.
Type "syslog" in the search box at the top right of the table and press Enter.
Next, select the advanced setting “Syslog.global.logHost” and click: Edit option.
In the "New value" box, specify: udp://[ip address of the SexiLog VM]:514.
Which gives in our case: udp://10.0.0.7:514
The Syslog.global.logHost advanced setting has been changed.
In the "Host -> Manage -> Services" menu, verify that the "vmsyslogd" service (Syslog Server) is running.
Now that VMware ESXi is configured to forward logs to a remote syslog server, you need to open the corresponding ports in your VMware ESXi server's firewall.
To do this, go to "Networking -> Firewall Rules", then select the "syslog" rule and click: Actions -> Enable.
The "syslog ruleset was successfuly enabled" message appears.
If you access the SexiLog web interface, you will see that data is now present.
At the top, you can select the period for which you wish to consult the logs.
On the home page, you will first see an "Events over time" graph showing the number of events that have occurred.
Below this graph, you will find the list of these events (All events).
By clicking on the icon representing a folder displayed at the top of the page, you can access different dashboards (SexiBoards):
For more information regarding SexiLog's dashboards (SexiBoards), refer to the "SexiBoards - SexiLog" page of the official website.
Here are some small examples below, but you will find more on the “SexiBoards” page mentioned above.
If you select the "SexiBoard.FailedTo" dashboard, you will see that SexiLog will display all "Failed to..." type events.
As explained previously, the “Kommandantur” dashboard allows you to see what is starting to no longer work.
In our case, we can therefore see that the firewall configuration has been changed several times. This could pose a security problem if this was not intended.
In our case, this is the activation of the "syslog" rule in the firewall of our VMware ESXi host which allows us to authorize the transfer of logs to a remote server (SexiLog in this case).
To redirect VMware vCenter Server (VCSA) logs to SexiLog, connect to port 5480 of your VCSA server as "administrator@vsphere.local" or "root".
Note that the login page is named "VMware Appliance Management" in this case.
Once logged in to the “Appliance Management” page, go to the “Syslog” section and click on the “Configure” link.
To transfer logs from your VCSA server to SexiLog, specify:
Then click Save.
The remote syslog host appears in the list and its connection status is "Accessible" if the remote SexiLog server is turned on and reachable.
Note that VCSA allows you to send a test message to your syslog servers to test whether SexiLog is receiving your logs.
Click Send.
The message "Successfully sent the test message to all syslog servers." appears.
Click "Cancel" to close this window.
VMware 9/23/2022
VMware 4/28/2023
VMware 9/20/2024
VMware 10/18/2024
Pinned content
Contact
® InformatiWeb-Pro.net - InformatiWeb.net 2008-2022 - © Lionel Eppe - All rights reserved.
Total or partial reproduction of this site is prohibited and constitutes an infringement punishable by articles L.335-2 and following of the intellectual property Code.
No comment