Page 1 of 1
vmware monitoring issue
Posted: Fri May 15, 2015 2:44 pm
by ucemike
I've setup a ESXi device to send logs to udp 514 -> NLS. I can see data is coming in on the NLS.
Code: Select all
19:26:00.875443 IP 198.X.X.85.33294 > 198.X.X.171.syslog: SYSLOG local4.info, length: 193
But no data shows up for that ip in searches. Far as I can tell the time is correct (using ntp to maintain it) and the timezone appears to be UTC.
Re: vmware monitoring issue
Posted: Mon May 18, 2015 1:39 am
by Box293
If you have not already done so, you need to allow Log Server to listen on privileged ports:
http://assets.nagios.com/downloads/nagi ... Server.pdf
Does this fix your problem?
This guide might also help:
http://assets.nagios.com/downloads/nagi ... Server.pdf
Re: vmware monitoring issue
Posted: Mon May 18, 2015 10:52 am
by ucemike
Oh, my mistake, I didn't realize 514 UDP was privileged. I had it in my head tcp was but udp wasn't for some reason.
I would just use port 9001 like I did with my other devices but vmware hypervisor firewall configuration for custom ports is ridiculously silly.
Re: vmware monitoring issue
Posted: Mon May 18, 2015 11:56 am
by jolson
Let us know if you get this working or if you run into any problems along the way. Thanks!