Skip to main content
ONTAP tools for VMware vSphere 9.13

Manage syslog

Contributors

Use syslog to send system logs to centralized logging server.

About this task

From ONTAP tools for VMware vSphere 9.12 onwards, the ONTAP tools removes the earlier 2.0 syslog APIs. They contain new 3.0 syslog related APIs which support mutual authentication. Follow the steps below to setup syslog.

Steps

  1. Run POST /2.0/security/user/login to obtain a session ID.

  2. Run POST /3.0/appliance-management/logging-client-certificate by passing the sessionid received in the above response.

    This generates certificates for the VP server as well as the ONTAP tools server.

  3. Copy both the certificates to your syslog server and make them trusted on the syslog server.

    Here is an example on how to do it for syslog-ng docker:

    • JSON unescape both the certificates and copy the pem formatted certs to the ca.d directory

    • openssl x509 -noout -hash -in vsccert.pem the result is a hash (for example 6d2962a8)

    • ln -s vsccert.pem 6d2962a8.0 this creates a symbolic link to the certificate as hash with suffix .0

    • start the syslog server

  4. Run PATCH /3.0/appliance-management/syslog-config API by passing the server IP, port, pattern(OPTIONAL), log_level and the syslog server's public certificate.

Logs are routed to the specified syslog server.