VMware Cloud Community
COS
Expert
Expert
‎06-27-2011 12:10 PM
Jump to solution

Build / Need a syslog server

Is anyone using a syslog server to capture Standalone ESXi host logs? I have a cuople of standalone ESXi 4.x hosts and need to start collecting logs because one went haywire on me this weekend.

So my question is, what products are you using for syslogging? A free one is best but not necessary.

Admittedly I have never set one up so the easiest product, like one for "Dummies", would probably be ideal. :smileysilly:

Thanks

0 Kudos
1 Solution

Accepted Solutions
marshalmatador
Enthusiast
Enthusiast
‎06-28-2011 06:49 AM
Jump to solution

Kiwi is a great service, it came highly recomended and now is highly recomended

View solution in original post

0 Kudos
8 Replies
vmroyale
Immortal
Immortal
‎06-27-2011 12:13 PM
Jump to solution

Hello.

I have used Kiwi in the past with some success.  Currently also using CentOS running syslog-ng and finding it much easier to manage.  vMA also comes with one.  It really comes down to how much (or how many hosts) you will be logging to it and how you want to manage the logs.  Kiwi is super easy, but the free version gives you a single log file to sort through.

Good Luck!

Brian Atkinson | vExpert | VMTN Moderator | Author of "VCP5-DCV VMware Certified Professional-Data Center Virtualization on vSphere 5.5 Study Guide: VCP-550" | @vmroyale | http://vmroyale.com
0 Kudos
COS
Expert
Expert
‎06-27-2011 12:18 PM
Jump to solution

Thanks, I saw Kiwi in a google search.

Like a dummy, I forgot to mention we need it to be a Windows Server and preferably on a 2008 R2 build.

Kiwi will be one of them I will test. I don't get their licensing though, 12 months? 24 months? I'll try them then call them if they are a viable solution for us.

anyone else?

0 Kudos
Troy_Clavell
Immortal
Immortal
‎06-27-2011 12:21 PM
Jump to solution

Does it have to be Windows?  You could use vMA, it works very well.

0 Kudos
COS
Expert
Expert
‎06-27-2011 12:24 PM
Jump to solution

@Troy

If it were just me managing it it could be a Linux build but since the team is comprised of all Windows admins, it has to be windows.

What's vMA?

0 Kudos
Troy_Clavell
Immortal
Immortal
‎06-27-2011 12:28 PM
Jump to solution

http://www.vmware.com/support/developer/vima/

...and a good how to. http://www.simonlong.co.uk/blog/2010/05/28/using-vma-as-your-esxi-syslog-server/

vMA can be used for so much more than a syslog server, but it's free and it can syslog.

0 Kudos
DSTAVERT
Immortal
Immortal
‎06-27-2011 12:39 PM
Jump to solution

There are web interfaces available for syslog-ng and rsyslog. Splunk is available for Windows.

-- David -- VMware Communities Moderator
ccarey
Contributor
Contributor
‎06-28-2011 05:26 AM
Jump to solution

I have to second DSTAVERT's suggestion of Splunk, especially if you're a Windows shop. But there are a couple of caveats. The free license only allows 500MB of data indexing per day; an ESXi cluster with 6 hosts can regularly generate more than 500MB of syslog data per day. It's also not cheap on the low end, a license for 1 GB of data per day is $10,000 and 20% ($2000) per year in maintenance. But with those things in mind, it's absolutely unparalleled at what it does in my opinion.

marshalmatador
Enthusiast
Enthusiast
‎06-28-2011 06:49 AM
Jump to solution

Kiwi is a great service, it came highly recomended and now is highly recomended

0 Kudos