The log collection integration for standalone vCenters via Unified Cloud Proxy displays a status of Not Available in VMware Aria Operations for Logs.

When observing this issue:

• Network port connectivity is open between the components.
• In the Log Collection menu, the status explicitly reports as Not Available.
• Editing the vCenter configuration to force log forwarding directly to the new Logs cluster fails.

In the /vcf-log-forwarder/log/log-forwarder.log file on the Cloud proxy we record the following errors:

ERROR c.v.1.1.c.LogCollectionConfigScheduler:### - Error while fetching and applying log collection configurations.
com.vmware.log.forwarder.httpclient.APIException: Failed to create request for retrieving session: null

ERROR c.v.l.f.v.IngressVerticle:159 - Error while handling vertx(future) request with message:com.vmware.log.forwarder.exception.CustomHttpException: Missing or malformed encrypted data.
java.util.concurrent.CompletionException: com.vmware.log.forwarder.exception.CustomHttpException:

VCF Operations 9.0.x

The issue resides with the Cloud Proxy (CP). The log forwarder fails to decrypt the log server credentials, which is caused by an issue with the encryption key. The Missing or malformed encrypted data error in the vcf-forwarder logs indicates a decryption failure for the log server credentials. The credentials are created correctly on the server side and are fully functional, isolating the failure to the Cloud Proxy's handling of the encryption key.

To resolve this issue, apply the following workaround to create a filtered master key file and update the Cloud Proxy runtime configuration:

Step 1: Create a Filtered Master Key File

SSH into the Unified Cloud Proxy as the root user.

Create a copy of the master key file:

cp /usr/lib/vmware-vcops/user/conf/cluster_master_key.txt /usr/lib/vmware-vcops/user/conf/cluster_master_key.txt_workaround

Edit the workaround file and remove all key entries except for Version 9.

Apply correct ownership to the file:

chown admin:admin /usr/lib/vmware-vcops/user/conf/cluster_master_key.txt_workaround

Step 2: Update Cloud Proxy Runtime Configuration (CPRC)

Open the Docker configuration file for editing:

vi /storage/db/vmware-vrops-cprc/configuration/cprc.docker.configuration

Locate the vcf-log-forwarder section.

Update the volume mount path to point to the workaround file.

Find:

"/usr/lib/vmware-vcops/user/conf/cluster_master_key.txt": "/opt/vmware/vcf-log-forwarder/security/vrops_master_key.txt:ro"

Replace with:

"/usr/lib/vmware-vcops/user/conf/cluster_master_key.txt_workaround": "/opt/vmware/vcf-log-forwarder/security/vrops_master_key.txt:ro"

Step 3: Apply and Verify

Reboot the Unified Cloud Proxy node.

In the VCF Operations UI, verify that log collection begins processing.

Note: When verifying the log collection in the UI, you may see a message stating "No permission to check the configuration." This is a known user experience limitation and does not impact actual log ingestion.