Knowledge
- Identify content contained in technical support bundles
- Product specific diagnostic logs.
- Identify where to locate component/service specific log information
- All log information is sent to the configured syslog servers
- Explain usage of CLI for logging
- The CLI can be used to show log information
- NSX Manager
- show manager log
- show manager log last
- NSX Edge
- show log
- show log follow
- show log last
- show log reverse
- Configure Syslog(s)
- NSX Manager
- Log in to the NSX Manager virtual appliance
- Under Appliance Management, click Manage Appliance Settings.
- From the Settings panel, click General.
- Click Edit next to Syslog Server.
- Type the IP address of the syslog server.
- Type the port and protocol for the syslog server.
If you do not specify a port, the default UDP port for the IP address/host name of the syslog server is used.
- Click OK.
- NSX Edge
- Log in to the vSphere Web Client.
- Click Networking & Security and then click NSX Edges.
- Double-click an NSX Edge.
- Click the Manage tab and then click the Settings tab.
- In the Details panel, click Change next to Syslog servers.
- Type the IP address of both remote syslog servers and select the protocol.
- Click OK to save the configuration.
- NSX Controller
- The only way to configure syslog export on the NSX controllers is by the REST API
- Request:
POST https:///api/2.0/vdn/controller/{controller-id}/syslog
- Request Body:
<ip address>
514
UDP
INFO
- Firewall
- You must configure the remote syslog server for each cluster that has firewall enabled. The remote syslog server is specified in the Syslog.global.logHost attribute
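The controller syslog request described above, as an added Python example that is not part of the original page. The XML element names are an assumption taken from the NSX for vSphere API schema (this page's extract kept only the values), HTTP basic authentication is assumed, and the manager host name, controller id and syslog address in the usage are placeholders.

```python
import base64
import ipaddress
import urllib.request
import xml.etree.ElementTree as ET


def build_syslog_request(manager, controller_id, server_ip, port=514,
                         protocol="UDP", level="INFO"):
    """Return (url, xml_body) for the controller syslog POST."""
    ipaddress.ip_address(server_ip)  # raises ValueError on a malformed address
    if not 1 <= int(port) <= 65535:
        raise ValueError("port out of range")
    # Assumed element names; the values are the four fields listed on the page.
    root = ET.Element("controllerSyslogServer")
    for tag, value in (("syslogServer", server_ip), ("port", str(port)),
                       ("protocol", protocol), ("level", level)):
        ET.SubElement(root, tag).text = value
    url = f"https://{manager}/api/2.0/vdn/controller/{controller_id}/syslog"
    return url, ET.tostring(root, encoding="unicode")


def post_syslog_config(url, body, user, password):
    """Send the request; TLS certificate verification is left at its default (on)."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    req = urllib.request.Request(
        url, data=body.encode(), method="POST",
        headers={"Content-Type": "application/xml",
                 "Authorization": f"Basic {token}"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.status
```

Syslog export is set per controller, so the call is repeated for each controller id.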
- Configure logging for Dynamic Routing information
- Log in to the vSphere Web Client.
- Click Networking & Security and then click NSX Edges.
- Double-click a Distributed Router.
- Click the Manage tab and then click the Routing tab.
- Select Global Configuration and click Edit next to Dynamic Routing Configuration.
- Click Enable Logging to log Dynamic Routing Config traffic, and select the log level.
Generated logs are sent to the syslog server.
- Click OK.
- Log Distributed Firewall rule processing information
- Log in to the vSphere Web Client.
- Click Networking & Security and then click NSX Edges.
- Double-click a Distributed Router.
- Click the Manage tab and then click the Firewall tab.
- For each rule to log, click on the [+] by “Accept”
- In the Pop-up box click Log to log traffic matched by that rule.
Generated logs are sent to the syslog server.
- Click OK.
- Log Edge Firewall rule processing information
- Log in to the vSphere Web Client.
- Click Networking & Security and then click NSX Edges.
- Double-click an NSX Edge.
- Click the Manage tab and then click the Firewall tab.
- For each rule to log, click on the [+] by “Accept”
- In the Pop-up box click Log to log traffic matched by that rule.
Generated logs are sent to the syslog server.
- Click OK.
- Log address translation information
- Log in to the vSphere Web Client.
- Click Networking & Security and then click NSX Edges.
- Double-click an NSX Edge.
- Click the Manage tab and then click the NAT tab.
- For each rule to log, click on the rule to select it, then click the Edit (Pencil) icon
- In the Pop-up box click Enable logging to log traffic matched by that rule.
Generated logs are sent to the syslog server.
- Click OK.
- Log VPN traffic
- Log in to the vSphere Web Client.
- Click Networking & Security and then click NSX Edges.
- Double-click an NSX Edge.
- Click the Manage tab and then click the VPN tab.
- Expand the Logging Policy subsection
- Click Enable Logging to log VPN traffic and select the log level.
Generated logs are sent to the syslog server.
- Click OK.
- Configure basic/advanced Load Balancer logging
- Basic
- Log in to the vSphere Web Client.
- Click Networking & Security and then click NSX Edges.
- Double-click an NSX Edge.
- Click the Manage tab and then click the Load Balancer tab.
- Click Edit
- Scroll to the bottom and click Logging to log LB traffic and select the log level.
Generated logs are sent to the syslog server.
- Click OK.
- Advanced
By default, the NSX load balancer supports basic logging. You can create an application rule as follows to view more detailed logging messages for troubleshooting.
    # log the name of the virtual server
    capture request header Host len 32
    # log the amount of data uploaded during a POST
    capture request header Content-Length len 10
    # log the beginning of the referrer
    capture request header Referer len 20
    # server name (useful for outgoing proxies only)
    capture response header Server len 20
    # logging the content-length is useful with “option logasap”
    capture response header Content-Length len 10
    # log the expected cache behaviour on the response
    capture response header Cache-Control len 8
    # the Via header will report the next proxy’s name
    capture response header Via len 20
    # log the URL location during a redirection
    capture response header Location len 20
After you associate the application rule to the virtual server, logs include detailed messages.
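To show what the application rule above adds to each log line, here is an added Python example (not from the original page) that maps the captured values back to header names on the syslog side. It assumes the standard HAProxy HTTP log layout, in which request captures and response captures appear as two brace-delimited, pipe-separated blocks before the quoted request line; the sample line, including its syslog prefix, is constructed.

```python
import re

# Field order must match the order of the "capture" lines in the application rule.
REQ = (("host", 32), ("content_length", 10), ("referer", 20))
RESP = (("server", 20), ("content_length", 10), ("cache_control", 8),
        ("via", 20), ("location", 20))
# Assumed layout: {request captures} {response captures} "request line"
CAPTURE_RE = re.compile(r'\{([^{}]*)\} \{([^{}]*)\} "([^"]*)"')


def _decode(value):
    # HAProxy logs special characters (such as | { }) as #XX hex escapes.
    return re.sub(r"#([0-9A-Fa-f]{2})", lambda m: chr(int(m.group(1), 16)), value)


def parse_captures(line):
    """Map captured headers to names; None if the line has no capture blocks."""
    m = CAPTURE_RE.search(line)
    if m is None:
        return None
    out = {"request_line": m.group(3), "request": {}, "response": {},
           "maybe_truncated": []}
    for side, raw, spec in (("request", m.group(1), REQ),
                            ("response", m.group(2), RESP)):
        values = raw.split("|")
        if len(values) != len(spec):
            return None  # rule and parser disagree on the number of captures
        for (name, limit), value in zip(spec, values):
            value = _decode(value)
            out[side][name] = value
            if len(value) >= limit:  # value filled "len N": tail may be cut off
                out["maybe_truncated"].append(f"{side}.{name}")
    return out


# Constructed sample line (hosts, addresses and the syslog prefix are made up).
SAMPLE = ('Mar  3 10:15:02 edge-0 loadbalancer[2210]: 203.0.113.7:51514 '
          '[03/Mar/2016:10:15:02.123] vs_web pool_web/web01 0/0/1/12/13 302 310 '
          '- - ---- 2/2/0/1/0 0/0 {shop.example.com|1482|https://portal.examp} '
          '{nginx|0|private||https://shop.example} "POST /login HTTP/1.1"')

if __name__ == "__main__":
    print(parse_captures(SAMPLE))
```

Fields listed under `maybe_truncated` reached the `len` limit set in the rule, so a redirect target or referrer taken from the log may be incomplete; raise the limit in the rule if full values are needed.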
- Log DHCP assignments
- Log in to the vSphere Web Client.
- Click Networking & Security and then click NSX Edges.
- Double-click an NSX Edge.
- Click the Manage tab and then click the DHCP tab.
- Click Enable Logging to log DHCP traffic and select the log level.
Generated logs are sent to the syslog server.
- Click OK.
- Log DNS resolutions
- Log in to the vSphere Web Client.
- Click Networking & Security and then click NSX Edges.
- Double-click an NSX Edge.
- Click the Manage tab and then click the Settings tab.
- In the DNS Configuration panel, click Change.
- Click Enable Logging to log DNS traffic and select the log level.
Generated logs are sent to the syslog server.
- Click OK.
- Log security policy session information
- Log in to the vSphere Web Client.
- Click Networking & Security and then click Service Composer.
- Click the Security Policies tab.
- Select the Security Policy to which you wish to add logging.
- Click the Manage tab then Information Security
- Select Firewall Rules then click Edit
- Select the Rule to add logging to, and click the Edit (Pencil) icon
- Scroll down, and select Log, click OK
- Click OK
- Repeat for the Network Introspection Services
- Download NSX Edge tech support logs
- Log in to the vSphere Web Client.
- Click Networking & Security and then click NSX Edges.
- Select an NSX Edge instance.
- Click the “More Actions” icon and select Download Tech Support Logs.
- After the tech support logs are generated, click Download.
- In the Select location for download dialog box, browse to the directory where you want to save the log file.
- Click Save.
- Click Close.
- Generate NSX Manager tech support logs
- Log in to the NSX Manager virtual appliance.
- Under Appliance Management, click Manage Appliance Settings.
- Click and then click Download Tech Support Log.
- Click Download.
- After the log is ready, click Save to download the log to your desktop.
The log is compressed and has the file extension .gz.
Tools
- NSX Administration Guide
- NSX Command Line Interface Reference Guide
- NSX Edge CLI
- vSphere Web Client
- Log Insight
- Syslog