Hello
Does anyone know how to get syslog authentification? For the vCenter? For ESXi? vSphere client, webclient and ssh included? I need only the failed logons. I'm trying to find the right file.
Thank you
Hi all
I found the solution (regarding vSphere 5.5)
For ESXi servers:
Go to "Security Profile" in the "Software" area of the "Configuration" tab, check the checkbox "Syslog". The options in the Firewall menu depends on the configuration you wish to have.
Once configured, you will be able to see when false credentials have been used to connect with vSphere Client/web Client or SSH.
For Horizon View, go to the "View Configuration" menu, click on "Event Configuration", in the "Syslog" area, click the "Add" button, enter the IP address of your syslog server and (only) the "UDP Port" number (no TCP option seems to be available) This is almost the same with vShield.
You may configure as you wish the options to receive the logs on you syslog server.
Hope this will help.
Gary
I forgot to say that the concerned version is "5.5".
Hi all
I found the solution (regarding vSphere 5.5)
For ESXi servers:
Go to "Security Profile" in the "Software" area of the "Configuration" tab, check the checkbox "Syslog". The options in the Firewall menu depends on the configuration you wish to have.
Once configured, you will be able to see when false credentials have been used to connect with vSphere Client/web Client or SSH.
For Horizon View, go to the "View Configuration" menu, click on "Event Configuration", in the "Syslog" area, click the "Add" button, enter the IP address of your syslog server and (only) the "UDP Port" number (no TCP option seems to be available) This is almost the same with vShield.
You may configure as you wish the options to receive the logs on you syslog server.
Hope this will help.
Gary