1. On Manager and Global Manager nodes, Edge and Public Cloud Gateway nodes, Ubuntu KVM Host nodes ensure the permissions for the /var/log directory is 775 and the ownership is root:syslog. One Rhel KVM and BMS Host nodes ensure the permission for the /var/log directory is 755 and the ownership is root:root.
2. On Manager and Global Manager nodes, ensure the file permissions for auth.log, nsx-audit.log, nsx-audit-write.log, rsyslog.log and syslog under /var/log is 640 and ownership is syslog:admin.
3. On Edge and Public Cloud Gateway nodes, ensure the file permissions for rsyslog.log and syslog under /var/log is 640 and ownership is syslog:admin.
4. On Ubuntu KVM Host and Ubuntu Physical Server nodes, ensure the file permissions of auth.log and vmware/nsx-syslog under /var/log is 640 and ownership is syslog:admin.
5. On Rhel KVM Host nodes and Centos/Rhel/Sles Physical Server nodes, ensure the file permission of vmware/nsx-syslog under /var/log is 640 and ownership is root:root.
6. If any of these files have incorrect permissions or ownership, invoke the commands
chmod <mode> <path> and
chown <user>:<group> <path>.
7. If rsyslog.log is missing on Manager, Global Manager, Edge or Public Cloud Gateway nodes, invoke the NSX CLI command
restart service syslog which restarts the logging service and regenerates /var/log/rsyslog.log.
8. On Windows Physical Server nodes, ensure the log folder: C:\ProgramData\VMware\NSX\Logs exists. If not, re-install NSX on the Windows Physical Server nodes.
- Maintenance window required for remediation? No