PowerCLI
VMware vSphere PowerCLI is a powerful CLI that you can use to perform almost all of your daily administration tasks quickly. A basic reference has been provided in the Appendix C, Power CLI - A Basic Reference, section of the book to set it up and run the basic command. It can be used to set up a syslog server; it can also be used to download a vc-support or vm-support log bundle from VMware vSphere vCenter Server and/or ESX/VSphere hosts.
Connecting to vCenter Server or an ESX/vSphere host with PowerCLI
To run specific vSphere PowerCLI cmdlets and perform administration or monitoring tasks, you must connect to vCenter Server or a VSphere host, and then follow these steps:
- Launch vSphere PowerCLI.
- In the vSphere PowerCLI console window, establish a connection to a VSphere host or a vCenter Server using the following command:
Connect-VIServer -Server crimv1vcs001.linxsol.com - The output appears similar to as follows:
Name Port User ---- ---- ---- crimv1vcs001.linxsol.com 443 linxsol\zeeshan
Note
If the certificate is not trusted, a warning display appears. Depending on your security policy, these warnings can be ignored. Once it is done, it will ask you for a user name and password.
Setting up a syslog server using PowerCLI
We will set up a central syslog for our vSphere hosts using the PowerCLI:
Set-VMhostSyslogServer –SysLogServer 'vma.linxsol.com:514' –VMHost crimv3esxi001.linxsol.com
You can also remove the SysLogServer function by typing the following command:
Set-VMhostSyslogServer –SysLogServer $null –VMHost crimv3esxi001.linxsol.com
CMDLETS reference: https://www.vmware.com/support/developer/PowerCLI/PowerCLI41U1/html/Set-VMHostSysLogServer.html.
Setting up a sysLog server manually
Let's configure our vSphere host manually to use a syslog server as part of a post-installation script. You can run the following command in the console:
vim-cmd hostsvc/advopt/update Syslog.Remote.Hostname string vma.linxsol.com
You can also set this in the vSphere Client by clicking on a vSphere host and then navigate to Configuration | Advanced Settings. Here, expands syslog in the tree and enter the syslog server details in the Remote field.
Tip
vSphere host Firewall Exception for Syslog Ports
Note
You may need to manually open the Firewall rule set for syslog when redirecting logs. It seems that for UDP traffic, this firewall rule has no effect in vSphere host5.0 build 456551, and the UDP port 514 traffic flows regardless.
To open outbound traffic via the vSphere host Firewall on UDP port 514, TCP port 514 and 1514, use these commands:
esxcli network firewall ruleset set --ruleset-id=syslog --enabled=true esxcli network firewall refresh
