IDFW Event Server configuration results in an "Unknown error"
Article ID: 324187
Updated On:
Products
VMware NSX Networking
Issue/Introduction
Symptoms:
- NSX-T Data Center 3.2.0/3.2.0.1
- On the UI, under Inventory -> Identity Firewall AD, configuring Event Server to enable Log Scraping results in anĀ "Unknown error".
- In the NSX-T Manager log, /var/log/proton/nsxapi.log, logging similar to this example is seen
2022-03-02T19:19:20.937Z INFO http-nio-127.0.0.1-7440-exec-14038 ElsStatusUpdater 12582 FIREWALL [nsx@6876 comp="nsx-manager" level="INFO" reqId="fffda83d-6728-41cc-b13d-f53da4700d76" subcomp="manager" username="admin"] EventLogServer: connection test status: domain=corp.local host=192.168.1.10 user=svc_nsxmanager status=ERROR, Unknown error
Environment
VMware NSX-T Data Center
Cause
When configuring IDFW Event Server an unknown error is seen due to incorrect parsing of the event record id. This issue occurs if theĀ received event record id is a long value.
Resolution
This is a known issue impacting NSX-T Data Center 3.2.0/3.2.0.1. Currently there is no resolution.
Workaround:
VMware Tools introspection module can be used as an alternative login detection mechanism when Event Server cannot be configured.
If this is not an viable workaround, please open a Support Request with VMware Support to discuss other options.
Workaround:
VMware Tools introspection module can be used as an alternative login detection mechanism when Event Server cannot be configured.
If this is not an viable workaround, please open a Support Request with VMware Support to discuss other options.
Feedback
Yes
No
Powered by
