Gene_H
Enthusiast

Does anyone have any experience with using LogRhythm to consolidate and manage ESX logs?

We have the LogRhythm product for consolidation and management of Windows logs, and I know that it can receive syslogs from ESX; however, I don't know how to filter the ESX syslogs once they are in LogRhythm.

Does anyone have any experience with this product? I really don't want to re-invent the wheel if someone already has an ESX-specific template.

Gene

2 Replies
vspherercp
Contributor

Gene,

We are looking to do the same thing. Have you gotten any feedback on this?

Mike

Texiwill
Leadership

Hello,

LogRhythm works great with the service console, as it is looked at as a Linux device. It should do the same for ESXi log files. There will be quite a bit of creation of rules for LogRhythm for vSphere if you want vSphere-specific log analysis... If you do this, perhaps you could post to the forum a document to cover this to help others?

Best regards,

Edward L. Haletky

Communities Moderator, VMware vExpert,

Author: VMware vSphere and Virtual Infrastructure Security, VMware ESX and ESXi in the Enterprise 2nd Edition

Podcast: The Virtualization Security Podcast

Resources: The Virtualization Bookshelf

--
Edward L. Haletky
vExpert XIV: 2009-2022,
VMTN Community Moderator
vSphere Upgrade Saga: https://www.astroarch.com/blogs
GitHub Repo: https://github.com/Texiwill