VMware Cloud Community
jessem
Enthusiast
Enthusiast
‎01-23-2012 06:46 AM

ESXi logging...

so obviously we all know ESXi out of the box has no persistent logging.  I've read a ton of info on using vma, free kiwi, splunk to mention a few.  My goal is to have a centralized syslog server for all my ESXi 4.1. hosts and really capture events for about 2 weeks or so, maybe a month but really nothing beyond that.  The whole purpose is to get logs prior to a host rebooting to troubleshoot.

In anyone's experience and using 'free' options, what's the best method (syslog server; which one?) to handle and execute this without too much manual work...

thx

0 Kudos
3 Replies
Troy_Clavell
Immortal
Immortal
‎01-23-2012 06:49 AM

Hello and Welcome to the Forums!

for our vSphere4 environment we use the vMA.  With that said, vSphere5 no longer supports the vMA as a syslog server.  We are looking to Splunk, going forward, but that is not free.  vSphere5 comes with a syslog collector so, you can install that on your vCenter Host OS, which is "free"

0 Kudos
jessem
Enthusiast
Enthusiast
‎01-23-2012 07:06 AM

the problem is we are not going to upgrade to 5.x for some time.  In the interim, everytime a host reboots, I'm not capturing events that lead up to it.  VMA seems to be pointless now so need something quick and dirty for free...

0 Kudos
Troy_Clavell
Immortal
Immortal
‎01-23-2012 07:09 AM

vMA works great for us... You may look at the guide below for a how to.

http://www.simonlong.co.uk/blog/2010/05/28/using-vma-as-your-esxi-syslog-server/

0 Kudos