Vmware ESX systems has built-in support for forwarding the data it creates to Unomaly.



Use the command line

You can forward logs from your ESXi hosts using the built-in vmsyslogd service or using the esxcli system syslog command shown here:

esxcli system syslog config set --loghost tcp://unomaly.company.com:514

Also, to make sure the ESXi firewall is allowing the connections, run the following command in the CLI:

esxcli network firewall ruleset set -r syslog -e true

Use the vSphere client

First, configure the firewall settings for the vSphere host. This can be done by following these steps:

  1. Select your host in the vSphere client inventory.

  2. Click Configuration tab and in the Software panel, select Security Profile.

  3. Click Properties for the Firewall settings.

  4. Check the box for Syslog.

  5. Click OK.

The syslog ports are now enabled.

Next, follow these steps to set up the ESXi host to log to Unomaly:

  1. Select your host in the vSphere client inventory.

  2. Click Configuration tab and in the Software panel, select Advanced.

  3. Select Syslog in the control tree and select Global.

  4. Configure Syslog.global.Loghost with the IP address or hostname for your Unomaly instance.

    Example: tcp://hostname:514

  5. Click OK to apply the changes.