Cannot forward syslogs from an NSX node using the LI protocol
search cancel

Cannot forward syslogs from an NSX node using the LI protocol

book

Article ID: 434387

calendar_today

Updated On:

Products

VMware NSX VMware Aria Operations (formerly vRealize Operations) 8.x

Issue/Introduction

  • Logs forwarded via syslog from NSX are not visible in Aria Operations for Logs.

  • The syslog server configuration on the NSX node specifies the LI protocol and the default port 9000:

    nsx_node> get logging-servers
<Timestamp>
<syslog_server_ip>:9000 proto li level info exporter_name <exporter_uuid>
  • Confirmed successful communication to port 9000 of the syslog server from the NSX node using the following command:
    root@nsx_node:~# nc -zv <syslog_server_ip> 9000
Connection to <syslog_server_ip> 9000 port [tcp/*] succeeded!
  • "Require SSL Connection" is enabled in the SSL settings of Aria Operations for Logs.

Environment

VMware NSX
VMware Aria Operations for Logs

Cause

If "Require SSL Connection" is enabled in the SSL settings of Aria Operations for Logs, standard LI protocol communication is rejected.

Resolution

Disable "Require SSL Connection" or consider using the LI-TLS protocol instead.

Additional Information

TechDocs : VMware Aria Operations for Logs Server Rejects the Connection for Non-Encrypted Traffic

TechDocs : Configure Remote Logging

TechDocs : Configure a Node Profile

Powered by Wolken Software