1 Reply Latest reply on Jun 24, 2013 1:09 PM by lakey81

    Possible bug in Get / Set-VMHostSysLogServer when using SSL?

    jmedd Enthusiast
    vExpert

      Since ESXi 5.0 we have been able to specify different transport protocols to configure for a Syslog server: UDP (default), TCP and SSL. If I want to configure using SSL I need to populate the advanced configuration setting Syslog.global.logHost with something like ssl://192.168.0.100:1514 .

       

      Set-VMHostSysLogServer does not initially appear to support this since the syslog server parameter takes a NamedIPEndPoint type, or if using a string it must support a DNS name or IP format (although I can set the SysLogServerPort to 1514 and get part of the way there). Out of curiosity I tried the following tests in PowerCLI 5.1 U2.

       

      1)

       

      Set-VMHostSysLogServer -SysLogServer "ssl://192.168.0.100" -SysLogServerPort 1514 -VMHost $vmhost

       

      and received the error:

       

      Set-VMHostSysLogServer : 24/06/2013 13:23:23    Set-VMHostSysLogServer        Input string was not in a correct format.

      At line:1 char:1

      + Set-VMHostSysLogServer -SysLogServer "ssl://192.168.0.100" -SysLogServerPort 151 ...

      + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

          + CategoryInfo          : NotSpecified: (:) [Set-VMHostSysLogServer], VimException

          + FullyQualifiedErrorId : Core_BaseCmdlet_UnknownError,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.SetVMHostSysLogServer

       

      However, in the GUI it does actually appear to have worked and the syslog files are appearing on the syslog server:

       

      Syslog1.PNG

       

      If I run:

       

      Get-VMHostSysLogServer -VMHost $vmhost

       

      then I receive a similar error to the above:

       

      Get-VMHostSysLogServer -VMHost $vmhost

      Get-VMHostSysLogServer : 24/06/2013 13:46:21    Get-VMHostSysLogServer        Input string was not in a correct format.  

      At line:1 char:1

      + Get-VMHostSysLogServer -VMHost $vmhost

      + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

          + CategoryInfo          : NotSpecified: (:) [Get-VMHostSysLogServer], VimException

          + FullyQualifiedErrorId : Core_BaseCmdlet_UnknownError,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.GetVMHostSysLogServer

       

      2)

       

      If I try the same test, but use a DNS name for the syslog server instead of IP then I get a different error and the configuration change does not happen:

       

      Set-VMHostSysLogServer -SysLogServer "ssl://syslog01.domain.local" -SysLogServerPort 1514 -VMHost $vmhost

      Set-VMHostSysLogServer : 24/06/2013 13:42:23    Set-VMHostSysLogServer        Unable to configure syslog server information for host '192.168.0.50'. Check the inner

      exception for more details.  

      At line:1 char:1

      + Set-VMHostSysLogServer -SysLogServer "ssl://syslog01.domain.local" -SysLogServer ...

      + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

          + CategoryInfo          : InvalidArgument: (192.168.0.50:VMHostImpl) [Set-VMHostSysLogServer], VimException

          + FullyQualifiedErrorId : Client20_SystemManagementServiceImpl_SetVmHostSysLogServer_ViError,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.SetVMHostSysLogServer

       

      3)

       

      If I set the configuration through the GUI then query with Get-VMHostSysLogSever I receive the error:

       

      Get-VMHostSysLogServer -VMHost $vmhost

      Get-VMHostSysLogServer : 24/06/2013 13:54:38    Get-VMHostSysLogServer        Input string was not in a correct format.  

      At line:1 char:1

      + Get-VMHostSysLogServer -VMHost $vmhost

      + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

          + CategoryInfo          : NotSpecified: (:) [Get-VMHostSysLogServer], VimException

          + FullyQualifiedErrorId : Core_BaseCmdlet_UnknownError,VMware.VimAutomation.ViCore.Cmdlets.Commands.Host.GetVMHostSysLogServer

       

       

       

      Looks to me like some work is required on these cmdlets so they support the new protocol formats?