Monday, 6 December 2010

Setting up Syslogging with VMware vCenter, Free Kiwi Syslog Server, and ESXi

Part 1: Download, install Kiwi Syslog Server on the Virtual Center server


i: On the Virtual Center server, download and install Kiwi Syslog which is currently freely available from:  http://www.solarwinds.com/products/freetools/kiwi_syslog_server/
ii: Extract files from the zip and then run the setup.exe

iii: Agree to the End User License Agreement
iv: Choose to 'Install Kiwi Syslog Server as a Service' and click Next


v: Accept the default -> Install the Service using: The LocalSystem Account, and click Next
vi: Untick 'Install Kiwi Syslog Web Access' (feature not availble in free version,) and click Next
vii: Choose Components - can leave on type = Normal, and click Next
viii: Choose Install Location and click Install
ix: Run Kiwi Syslog Server when the install completes, and click Finish



Part 2: Configure Kiwi Syslog Server

It will work fine with default settings, one thing we might want to do:

From File -> Setup -> Rules -> Default -> Actions -> Log to file

Change the default log file path and file name
Would also be nice to 'Enable Log File Rotation' alas this feature requires the licensed version

Note i: default location is C:\Program Files (x86)\Syslogd\Logs\SyslogCatchAll.txt
Note ii: default UDP listen port of 514 is used
Note iii: The paid for version of Kiwi Syslog Server costs £215 and would be worth buying for the extra features


Part 3: Enable syslog on the ESXi hosts

i: Via the vSphere client - click on an ESXi host and select Configuration tab -> Advanced Settings (under Software)
ii: From Advanced Settings window - in Syslog -> Syslog.Remote.Hostname, enter the DNS name of your Virtual Center Server and click OK


iii: Verify messages are being received and if this is okay then enable for all your ESXi hosts

1 comment:

  1. Title Misleading - this is for logging esxi hosts, not vcenter itself.

    ReplyDelete