1 person found this helpful
When selecting protocols, you could take a look at how a VMware Validated Design is configured:
Communicate with the syslog clients, such as ESXi, vCenter Server, NSX for vSphere, using the default syslog UDP protocol.
- Using the default UDP syslog protocol simplifies configuration for all syslog sources
- UDP syslog protocol is the most common logging protocol that is available across products.
- UDP has a lower performance overhead compared to TCP.
- If the network connection is interrupted, the syslog traffic is lost.
- UDP syslog traffic is not secure.
- UDP syslog protocol does not support reliability and retry mechanisms.
You can of course use TCP or TLS instead.
config.log.outputToSyslog is for sending vpxd.log to your syslog.
We've seen TCP and/or TLS result in the syslog daemon crashing or needing a bounce every once in a while... im just curious for folks using RELP-- if there's much success with it over TCP? Also, I don't see any typical port people use with RELP? Does it require changes to the VCSA firewalls?