0 Replies Latest reply on Aug 9, 2019 5:17 AM by TSprouse94

    Log Insight - Blank NSX Edge Dashboard

    TSprouse94 Lurker

      NSX Version: 6.4.5

      Log Insight Version: 4.8

      NSX Management Pack: 3.9

       

      When I go to the NSX-vSphere Edge – Firewall dashboards all of them are blank.  If I go to the interactive analysis section that drives each of these individual dashboards, the filters are looking for “vmw_nsx_edge_firewall_action”, which appears to be none.

       

      If in that section, I remove that as a filter I have plenty of hits.  The only vmw_nsx fields I can filter on is as follows:

      vmw_nsx_edge_firewall_dst

      vmw_nsx_edge_firewall_dst_port

      vmw_nsx_edge_firewall_ruleid

      vmw_nsx_edge_firewall_src

      vmw_nsx_edge_firewall_protocol

       

      An example of one of my entries is as follows:

       

      Aug 9 11:54:45 ESG-0 firewall: DROP_131073IN= OUT=vNic_0 SRC=xxx.xxx.xxx.xxx DST=xxx.xxx.xxx.xxx LEN=52 TOS=0x00 PREC=0x00 TTL=126 ID=15402 DF PROTO=TCP SPT=53598 DST=9997 WINDOW=64240 RES=0x00 SYN URGP=0

       

      I assume the “DROP_” portion of the log message should be the “vmw_nsx_edge_firewall_action” piece but doesn’t seem to show up in a filter.  Is it possible the format of the log message was changed in NSX 6.4.5?