I am trying to enable Remote Logging from ESX 3.5 u4 Hosts and I am using a Fedora Core 11 VM as the Logging Server. Trying to go to the next level of security in my environment.
My initial feeling is to modify ESX as little as possible. Thereby noting that syslog is installed and enabled out of the box for VMware. This is good.
Fedora Core 11 has switched to rsyslog as a default install but it is not enabled and running out of the box. I have checked "ps axfu | grep rsyslogd" with no services running.
Nowhere have I found what exact modifications need to be made to the ESX Host (disable syslog and download and install rsyslogd?) to make the client work, although I have seen some VMware community conversation about making rsyslog work on ESX Hosts. Again, I would like to not touch the ESX Host any more than I absolutely need to, risking trashing a working Host, even though my test host is not actually a production host.
And, although it is not the purview of this community, I have been unable to find a conversation on the net to enable rsyslogd on FC 11. I have at least been able to download the packages via the GUI.
I am new at syslog, rsyslog and relatively new at FC, especially v11, so please be patient with my confusion.
Thanks ahead of time.
Best Regards,
Michael
Hello,
I will be out of the office until 17 August. For any queries you can contact consultas@serviciohelpdesk.com or your contact in the sales department.
Apologies for the inconvenience.
Carlos.
Syslog is also a protocol, so you do not have to change the package on ESX.
First be sure that your rsyslog on Fedora accepts remote messages (check in your configuration and be sure that the UDP port is open).
Then open the syslog protocol on the ESX firewall and configure syslog to send messages to your rsyslog.
For more info see:
http://mainesysadmin.com/2008/12/17/howto-vmware-esx-35-and-remote-syslog-configuration/
Andre
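The reply above rests on syslog being a wire protocol, with each message sent as a single UDP datagram (port 514 by default). As an added example that is not part of the original thread, this Python probe builds a BSD-syslog (RFC 3164) datagram and sends it to a collector, so the receiving side and the UDP path can be checked from any client before a host's own syslog is pointed at it. The function names, the `syslog-probe` tag and the message text are hypothetical.

```python
import re
import socket
import sys
import time

FACILITY = {"kern": 0, "user": 1, "daemon": 3, "auth": 4, "local6": 22}
SEVERITY = {"emerg": 0, "alert": 1, "crit": 2, "err": 3,
            "warning": 4, "notice": 5, "info": 6, "debug": 7}

def build_message(facility, severity, host, tag, text, now=None):
    """Return one BSD-syslog (RFC 3164) datagram: <PRI>TIMESTAMP HOST TAG: TEXT."""
    pri = FACILITY[facility] * 8 + SEVERITY[severity]
    t = time.localtime(now)
    # RFC 3164 pads the day of month with a space, not a zero.
    stamp = "%s %2d %s" % (time.strftime("%b", t), t.tm_mday,
                           time.strftime("%H:%M:%S", t))
    line = "<%d>%s %s %s: %s" % (pri, stamp, host, tag, text)
    return line.encode("ascii", "replace")

def parse_pri(datagram):
    """Split the leading <PRI> into (facility, severity); reject malformed input."""
    m = re.match(rb"<(\d{1,3})>", datagram)
    if m is None or int(m.group(1)) > 191:
        raise ValueError("missing or out-of-range PRI")
    return divmod(int(m.group(1)), 8)

def send_test(collector, port=514, facility="user", severity="notice"):
    """Send one probe datagram; UDP gives no acknowledgement of delivery."""
    msg = build_message(facility, severity, socket.gethostname(),
                        "syslog-probe", "remote logging test")
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as tx:
        tx.sendto(msg, (collector, port))
    return msg

def loopback_check(timeout=2.0):
    """Self-test: receive our own probe on an ephemeral 127.0.0.1 port."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as rx:
        rx.bind(("127.0.0.1", 0))
        rx.settimeout(timeout)
        sent = send_test("127.0.0.1", rx.getsockname()[1])
        data, _ = rx.recvfrom(2048)
    return data == sent, parse_pri(data)

if __name__ == "__main__":
    # Usage: python syslog_probe.py <collector-address>
    print(send_test(sys.argv[1]).decode())
```

A successful send only shows the datagram left the client; the probe has arrived when a `syslog-probe` line appears in the collector's log.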