Configure Syslog server for NSX Controller with HTTP REST and vRealize Orchestrator

For many NSX components you can easily configure a syslog server, such as vRealize Log Insight. This however is not simple and straightforward for the NSX Controller Nodes. For those components this setting has to be configured via the NSX API via HTTP REST. In this article I explain how to use vRealize Orchestrator to accomplish this task.

The syntax and procedure are described in two locations:

On-line Documentation: Configuring a Syslog Server for NSX Controller

Knowledge Base Article: Configuring syslog server for VMware NSX for vSphere 6.x controllers (2092228)

To use the HTTP Rest API to do this you can use several HTTP Rest Clients, such as the ones that come with Chrome or Firefox. But why not use vRealize Orchestrator, the tool all customers entitled to vCenter are entitled to use free of charge?

If you have never worked with vRealize Orchestrator then download and deploy the appliance and follow my guidelines in this article: Create Your First vRealize Orchestrator Workflow

Step 1: Add a Rest Host to your Inventory

You start with configuring a Rest Host in the inventory of vRealize Orchestrator that can later be used to send the HTTP Rest POST request to. This HTTP Rest Host must point to your NSX Manager instance. In the vRealze Orchestrator Library of workflows find the workflow named Add a REST Host and execute the workflow. Provide a name for this rest host, it does not have to match the FQDN for the host but it does make it easier to find the right host later in your inventory. For the URL field provide the https prefix and the FQDN for your NSX Manager instance.

Add NSX Manager as Rest Host

In the next part of the wizard select basic authentication and provide the credentials of the admin user of NSX Manager.

Step 2: Add a Rest Operation

Next you must create an inventory object that refers to a Rest Host with the details of the operation to execute, in this case adding a syslog server to a controller. The URL to use is:

https://<nsxmgr-ip>/api/2.0/vdn/controller/{controller-id}/syslog

​As you can see in the next image I have replaced the controller-id from the example above (with the brackets) to match my actual controller's id.

Add Rest Operation to add syslog for NSX Controller

To find the controller's ID access the vSphere Web Client Networkign and Security plugin, browse to the Installation menu-option and look at the controllers in your environment. In this example here the ID of my controller is: controller-2.

Find NSX Controller ID

Step 3: Invoke the Rest Operation

When I was in the process of finding out how to execute the HTTP POST operation with the right parameters I found it the most practical approach to create a new workflow and add the workflow item to that workflow named Invoke a Rest Operation.

New Workflow to invoke rest operation

Next run this workflow and provide the paramters.

The content to send with the POST request is: (from the KB)

<controllerSyslogServer>
<syslogServer>10.135.14.236</syslogServer>
<port>514</port>
<protocol>UDP</protocol>
<level>INFO</level>
</controllerSyslogServer>

Invoke Rest Operation

To verify if your NSX Controller is actively sending log entries to your vRealize Log Insight server access the Interactive Analytics page of your server and search for nsx-controller.

 

 

 

 

vRealize Orchestrator Articles on this website

Follow us on LinkedIn

  

   

   

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer