I am trying to send my Esxi hosts logs to a Graylog server listening on port 8514 and while I can configure the host to send it on this port, I am having a tough time configuring the firewall to allow the outgoing traffic. By simply enabling the firewall required in the host only allows outgoing on 514. How do I change it to 8514 in my case?
Thanks!
The link you posted should be good as well.
VMware KB provided earlier still works. Try accessing this --> https://kb.vmware.com/s/article/2005304
Hi @junior466 ,
This can be configured by specifying the port number along with the syslog server address in ESXi host's syslog configuration. Syslog.global.logHost: tcp://hostname:514 or udp://hostname:514 or ssl://hostname:514
Please refer these articles --> Configuring syslog on ESXi & Adding a third-party firewall extension to ESXi
Hope that helps
@ashilkrishnan Sorry for the late reply. I configured Syslog.global.logHost as needed but need to create a custom rule for port 8514 but that link you posted is not working. I found this article but not sure if it's the correct way.
The link you posted should be good as well.
VMware KB provided earlier still works. Try accessing this --> https://kb.vmware.com/s/article/2005304
@ashilkrishnan Thanks! I got it working. I followed the KB and created a simple .XML file with the required port without having to edit the original. Is it default behavior for it not to persist after reboot? I noticed that my custom .XML file is deleted after restarting the host.
Glad to hear that. Save those article's and procedures for next time.
Please mark my comment as the Correct Answer/Kudos if this solution resolved your problem