Syslog Server

This Section describes how to setup a dedicated Syslog server in a virtual data center. There are two given IP addresses the customer can choose to collect the syslog output of the edge gateway over an additional Org VDC Network. This document describes creation of this Org VDC Network and shows how to connect the Network with an existing vApp.

IPs:

This two IP addresses are used as Syslog server on every edge gateway and cannot be changed. The Org VDC Network has to be setup with an IP range that includes one of these IPs.

  • 172.16.0.253
  • 192.168.253.253

Syslog 1

Layout:

Syslog 2

Create Organisation VDC Network:

Step 1:

  • Select Administration tab
  • Open a virtual Data Center
  • Click Org VDC Networks
  • Click on the plus icon

Syslog 3

Step 2:

  • Select "Create a routed network..."
  • Select the Edge-Gateway
  • Click Next

Syslog 4

Step 3:

Enter the Gateway IP address and Subnetmask (The Gateway address has to be in the same subnet as the Syslog server), then select the Edge-Gateway.

Choose one of the given Syslog server-IPs:

  • 172.16.0.253 (Gateway: 172.16.0.1 / Subnetmask: 255.255.255.0)
  • 192.168.253.253 (Gateway: 192.168.253.1 / 255.255.255.0)

Click Next

Syslog 5

Step 4:

  • Enter a Name e.g. SYSLOG
  • Optional: Enter a description
  • Check "Share this network with other VDCs in the organization" if you want to use this network in other VDCs
  • Click Next

Syslog 6

Step 5:

  • Review the configuration summary
  • Click Finish

Syslog 7

Step 6:

The Org VDC Network is now going to be created

Syslog 8

Step 7:

Thus creation of Org VDC Network is finished and thus the the ability to record the traffic of the Edge-Gateway

Step 8:

  • Select the vApp and add the just built Org VDC Network

Syslog 9

Step 9:

  • Select Organization VDC Network
  • Click Next

Syslog 10

Step 10:

  • Choose SYSLOG Network
  • Click Finish

The network will now be connected to the chosen vApp

Syslog 11

Step 11:

Subsequently, the network can be connected with an existing VM

Syslog 12

Depending on customer needs, an additional application can be installed which is able to log the traffic sent from the vShield Edge. There are various market solutions that provide this functionality. A large vendor of such a solution is called Splunk. The following links provide information about this product on the basis of a Windows server available. Splunk is also available for LINUX server. There are other manufacturers that offer alternative products.

Links:

results matching ""

    No results matching ""