How to configure syslog (kiwi) server for ESXi –Part-02


In Part-01 you saw how to do initial setup for syslog server and now in second part we need to understand some basic stuff.

First is getting used to interface. Most important among the set up is the configuration console

image

So once you click on the configuration console you have numerous option, I have used only two-three and I would be talking about them.

First is to create rule and filter. Most basic of this is, you need to create rule first and then filter, action. Then is to associate the action with the filter.

image

In above screen, you can see default option and associated filter and action for it. I have created a additional rule and called it as “Test Rule

Then created a filter for PZESXi-07.pzwaredu.com host and associated a action against it.

image

Action is very simple here, which says filter pzesxi-07(above) and show it on Display 01(as action)

image

And here is the ultimate results, you can see below I have selected Display 01 and it is only filtering pzesxi-07 logs only.

image

Next item is to confirm your DNS settings. Make sure you select “Resolve internal address using DNS server” (underline), this will make sure your hostname are correctly in the logs.

image

And final option is to schedule a task to archive the logs over a period of time. It is just again as simple as click, click

  • Open the configuration console again, right on the schedule and select add new schedule as shown below

image

  • Rename the task as per your convenience, as “Logs Archiving task”

image

  • Select the location where the live logs are dumped as source location

image

  • Select the destination location where you wish to archive them

image

  • Then there are numerous option to schedule the task, how to archive, protect the archive. They are very easy to understand.

Other option(less important) is of highlighting the results for better readability. Go to view menu and select highlighting option.

image

Select color of your choice and apply.

image

Some tests now

To check if we can compare the results, I purposely pushed PZESXi-09.pzwaredu.com into maintenance mode as shown below

image

Check the task pane for timing details

image

Now check syslog console for detail message. You can task completed at 11:59:33 and at nearly same time syslog gave us information that host is moved to maintenance mode (Click on the image for more clarity)

image

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s