Virtual Geek

Tales from real IT system administrators world and non-production environment

vSphere PowerCLI - Configure syslog on VMware ESXi hosts and Enable security profile firewall

November 1, 2017 01:55PM

In my earlier article, Configure syslog on VMware ESXi hosts: VMware best practices, I configured syslog using the VMware vSphere Web Client GUI. Configuring a syslog server on multiple ESXi hosts manually, click by click, is a very boring task. As automation is everywhere, a better way is to do it with VMware PowerCLI. For more on PowerCLI, check my articles below.

VMWARE VSPHERE POWERCLI INSTALLATION AND CONFIGURATION STEP BY STEP
POWERCLI INITIALIZE-POWERCLIENVIRONMENT.PS1 CANNOT BE LOADED BECAUSE RUNNING SCRIPTS IS DISABLED

Once logged into the vCenter server using PowerCLI, run the command below to view the existing syslog server configuration on an ESXi host.
Get-VMHostSysLogServer -VMHost esxi001.vcloud-lab.com

If you have multiple servers, separate the names with commas and pipe them in to get the information in bulk.
Get-VMHost Esxi001, Esxi002 | Get-VMHostSysLogServer

As in the screenshot below, I can see that esxi001 has a syslog server configured and esxi002 doesn't.

Next, to configure or modify the setting, use the command below.
Set-VMHostSysLogServer -VMHost Esxi002.vcloud-lab.com -SysLogServer 'udp://192.168.34.15:514'

Again, if you have multiple servers, use the same technique as shown above.
Get-VMHost Esxi001, Esxi002 | Set-VMHostSysLogServer -SysLogServer 'udp://192.168.34.15:514'

For more on syslog port numbers and how to use them, check Configure syslog on VMware ESXi hosts: VMware best practices.

[Screenshot: Get-VMHostSysLogServer and Set-VMHostSysLogServer output in PowerCLI]

Next, enable the syslog rule in the ESXi security profile firewall. To get the details of the syslog firewall status, use the command below.
Get-VMHostFirewallException -VMHost esxi001.vcloud-lab.com -Name syslog

To get the firewall information of multiple servers, input the names separated by commas (,). Check the Enabled status; it should be True. To change it to True, use the command below.
Get-VMHostFirewallException -VMHost esxi002.vcloud-lab.com -Name Syslog | Set-VMHostFirewallException -Enabled:$True

[Screenshot: Get-VMHostFirewallException and Set-VMHostFirewallException output for the syslog rule]

A final tip: if you want to remove the syslog server and set it to null, use the one-liner cmdlet below.
Set-VMHostSysLogServer -SysLogServer $null -VMHost Host

Another tip: the syslog configuration can also be changed using another cmdlet, Set-AdvancedSetting. To get the current configuration, run the command below.
Get-VMHost esxi001.vcloud-lab.com | Get-AdvancedSetting -Name Syslog.Global.Loghost

And to change the Syslog.Global.Loghost value:
Get-VMHost esxi001.vcloud-lab.com | Get-AdvancedSetting -Name Syslog.Global.Loghost | Set-AdvancedSetting -Value udp://10.168.34.15:514 -Confirm:$false

[Screenshot: Get-AdvancedSetting and Set-AdvancedSetting output for Syslog.Global.Loghost]
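
The checks from this article combined into one audit pass, as an added example that is not part of the original article: for every connected host it reports whether Syslog.Global.Loghost matches the desired collector and whether the syslog firewall exception is enabled, and it changes anything only when run with -Remediate. It assumes an existing Connect-VIServer session; the parameter names and report columns are chosen for this example.

```powershell
# Added example: audit (and optionally fix) syslog forwarding on all ESXi hosts.
# Assumes you are already connected to vCenter with Connect-VIServer.
param(
    # Collector URI used in the article; replace with your own syslog server.
    [string]$DesiredLogHost = 'udp://192.168.34.15:514',
    # Without this switch the script only reports and changes nothing.
    [switch]$Remediate
)

# Skip disconnected or not-responding hosts; their settings cannot be read.
$vmHosts = Get-VMHost | Where-Object { $_.ConnectionState -eq 'Connected' }

$report = foreach ($vmHost in $vmHosts) {
    $setting = $vmHost | Get-AdvancedSetting -Name Syslog.Global.Loghost
    $rule    = Get-VMHostFirewallException -VMHost $vmHost -Name syslog

    # An empty value means the host forwards no logs at all.
    $logHostOk = $setting.Value -eq $DesiredLogHost
    $ruleOk    = [bool]$rule.Enabled
    $changed   = $false

    if ($Remediate -and -not $logHostOk) {
        $setting | Set-AdvancedSetting -Value $DesiredLogHost -Confirm:$false | Out-Null
        $changed = $true
    }
    if ($Remediate -and -not $ruleOk) {
        # Without the outbound syslog rule the host cannot reach the collector.
        $rule | Set-VMHostFirewallException -Enabled:$true | Out-Null
        $changed = $true
    }

    [pscustomobject]@{
        VMHost            = $vmHost.Name
        LogHostBefore     = $setting.Value
        LogHostMatches    = $logHostOk
        SyslogRuleEnabled = $ruleOk
        Remediated        = $changed
    }
}

# Hosts that need attention sort to the top.
$report | Sort-Object LogHostMatches, SyslogRuleEnabled, VMHost | Format-Table -AutoSize
```

The LogHostMatches and SyslogRuleEnabled columns show the state found before any change, so a -Remediate run doubles as a record of which hosts had drifted.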
