Syslog server filling up with log files
Article ID: 319992
Updated On:
Products
Issue/Introduction
The log filtering capability lets you modify the logging policy of the syslog service that is running on an ESXi host.
Cause
Resolution
To forward only the filtered logging to the syslog server
enable_logfilters = false needs to be changed to enable_logfilters = true
Steps:
- Take backup of the
vmsyslog.conf"cp vmsyslog.conf vmsyslog.conf.bck" - Edit
vmsyslog.confusingVI editor - Press
ito change toinsert mode - Change this value to true
"enable_logfilters = true" - Press Esc key to exit insert mode and to Save the file
:wq!
Example: Commands for the logs that need to be filtered as per requirement
esxcli system syslog config logfilter add --filter="0|Vpxa|info vpxa" esxcli system syslog config logfilter add --filter="1|Vpxa|info vpxa" esxcli system syslog config logfilter add --filter="1|vpxa|info vpxa" esxcli system syslog config logfilter add --filter="0|vpxa|info vpxa" esxcli system syslog config logfilter add --filter="0|Fdm|verbose fdm" esxcli system syslog config logfilter add --filter="1|Fdm|verbose fdm" esxcli system syslog config logfilter add --filter="1|fdm|verbose fdm" esxcli system syslog config logfilter add --filter="0|fdm|verbose fdm" esxcli system syslog config logfilter add --filter="0|Rhttpproxy|verbose rhttpproxy" esxcli system syslog config logfilter add --filter="1|Rhttpproxy|verbose rhttpproxy" esxcli system syslog config logfilter add --filter="1|rhttpproxy|verbose rhttpproxy" esxcli system syslog config logfilter add --filter="0|rhttpproxy|verbose rhttpproxy" esxcli system syslog config logfilter add --filter="0|Fdm|info fdm" esxcli system syslog config logfilter add --filter="1|Fdm|info fdm" esxcli system syslog config logfilter add --filter="1|fdm|info fdm" esxcli system syslog config logfilter add --filter="0|fdm|info fdm"
Run the below commands to check the filtersesxcli system syslog config logfilter listesxcli system syslog reload
Additional Information
Feedback
