Syslog - VMware NSX/NSX-T
Device Details
Vendor | VMware |
|---|---|
Device Type | Virtualization Platform |
Supported Model Name/Number | VMware NSX/NSX-T |
Supported Software Version(s) | All |
Collection Method | Syslog |
Configurable Log Output? | Yes |
Log Source Type | Syslog - VMware NSX/NSX-T |
Log Processing Policy | LogRhythm Default |
Exceptions | N/A |
Additional Information |
Prerequisites
- VMware vCenter Server 5.5 or later
- VMware ESX 5.0 or later for each server
- VMware Tools
Device Configuration Checklist
Install the NSX Manager:
- Obtain the NSX Manager OVA File.
- Install the NSX Manager Virtual Appliance.
- Log In to the NSX Manager Virtual Appliance.
- Register vCenter Server with NSX Manager.
- Schedule a Backup of NSX Manager Data.
Install NSX Components:
- Install and Assign NSX for vSphere License.
- Install Network Virtualization Components.
- Prepare and Enable Clusters for Logical Switches.
- Install NSX Edge.
- Install vShield Endpoint.
- Install Data Security.
- Create an IP Pool.
Currently Supported Log Types
Type | Product Version | Supported Schema Fields |
|---|---|---|
Audit Log | All | User Name, Module Name, Operation, Resource, Status |
DCNPool Messages | All | Severity, Event Message, Host, Quantity, Event ID, Object |
Firewall Message | All | Vendor Info, Security Group, Action ID, Object Type |
Job Information | All | Command, Result, User Name, Process ID |
Policy Message | All | Vendor Info, Policy Name, Policy Action |
Scheduler Message | All | Vendor Info, Quantity, Object |
Security Message | All | Vendor Info, Identifier, Moid, Object Name, Security Group |
Session Information | All | Session Key, User Name |
System Event | All | Event Source, Event Message, Group, Module |
| Rules Message | All | Severity,Action,UserName ,VMid , Size ,Protname , IP Address , Port ,Quantity |
Parsed Metadata Fields
Product Field Name | LogRhythm Metadata Field | Value/Data Type |
|---|---|---|
N/A | <severity> | Text/String |
N/A | <dname> | Text/String |
N/A | <process> | Text/String |
N/A | <processid> | Numeric |
N/A | <object> | Text/String |
N/A | <vendorinfo> | Text/String |
N/A | <parentprocessname> | Text/String |
N/A | <parentprocessid> | Numeric |
N/A | <command> | Text/String |
N/A | <result> | Text/String |
N/A | <login> | Text/String |
N/A | <action> | Text/String |
N/A | <size> | Numeric |
N/A | <sip> | IP Address |
N/A | <sport> | Numeric |
N/A | <dip> | IP Address |
N/A | <dport> | Numeric |
N/A | <packetsin> | Numeric |
N/A | <packetsout> | Numeric |
N/A | <bytesin> | Numeric |
N/A | <bytesout> | Numeric |