Anyone know how or have any experience configuring NSX to foward logs to Log Insight over SSL/TLS?
Log insight is listening on port 6514 for examples so I assume it is waiting for connection over TLS however if I set NSX to use 1514 or 6514 instead of 514 (un-encrypted) the syslog engine on NSX shuts down until I revert back to port 514 and it starts up again:
syslog-ng shutting down / syslog-ng starting up
Is there some extra configuration required with API possibly or certificate requirements? NSX documentation says to use 514 - is TLS/SSL not supported?
Anyone know how or have any experience configuring NSX to foward logs to Log Insight over SSL/TLS?
Configure a Syslog Server for NSX Manager
Thanks in advance
Chris
VMware Support have following response:
"...engineering explicitly states that forwarding logs from NSX Manager over SSL/TLS isn't supported..."
"That particular PR was open because the Required Ports documentation use to have the TLS column for port 514 set to "Yes" which obviously implied it was supported."
"Based on that PR, the documentation was updated to set to the TLS column to "No"."
"...documentation doesn't list port 1514 or 6514 and explicitly states that TLS isn't supported on port 514..."
https://docs.vmware.com/en/VMware-NSX-Data-Center-for-vSphere/6.4/com.vmware.nsx.upgrade.doc/GUID-E7...
Hi Raymundo
Thank you for your help
I'm trying to configure NSX to forward logs to Log Insight over SSL/TLS (port 1514 or 6514) but seems NSX will only forward the logs on port 514
Just looking for some clarity around NSX support for sending logs to Log Insight over SSL/TLS (port 1514 or 6514). Is it supported? and if so.. is there extra configuration required since just setting the port doesn't seem to do it?
Chris
VMware Support have following response:
"...engineering explicitly states that forwarding logs from NSX Manager over SSL/TLS isn't supported..."
"That particular PR was open because the Required Ports documentation use to have the TLS column for port 514 set to "Yes" which obviously implied it was supported."
"Based on that PR, the documentation was updated to set to the TLS column to "No"."
"...documentation doesn't list port 1514 or 6514 and explicitly states that TLS isn't supported on port 514..."
https://docs.vmware.com/en/VMware-NSX-Data-Center-for-vSphere/6.4/com.vmware.nsx.upgrade.doc/GUID-E7...