Logmanager documentation
Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Back to homepage
  1. Logmanager documentation
  2. /
  3. Log source devices configuration
  4. /
  5. VMware

VMware

VMware products support syslog for event information, unfortunately syslog data is not readable without VMware inner context. To overcome this disadvantage, we connect to VMware using web API/SDK to retrieve logs with their context. This API/SDK support VMware 6.x and 7.0.

In order to connect to VMware there are three requirements:

  1. Allowed communication between Logmanager server and VMware host on webserver port (TCP 443).
  2. VMware local user with read only permission to inventory root.
  3. Configured VMware agent in Logmanager server.

There are two possible deployments of VMware log reading:

  • Connect VMware agent directly to vSphere (vCenter) server and read all logs from there (recommended).
  • If you do not have vSphere server, connect agents to all standalone ESXi hosts.

Logging configuration VMware

Steps to create VMware read-only user in vSphere server:

  1. Connect to Web administration of vSphere server.

  2. Login to vSphere with administrator user rights.

  3. Click on roll down menu: Administration and choose Single Sign On.

  4. Click on Users and Groups > Users > Add user.

    Add VMware local user

    Add VMware local user

  5. Create new local user (we recommend using local user instead of domain user - if you use local user, there is no dependency on external authentication system).

  6. Click to Hosts and Clusters and select root system.

    Add new permission

    Add new permission

  7. In opened dialog, choose created user and select Role to Read-only, then click OK to add permission.

  8. vSphere configuration is complete, you can verify, that you successfully created new user by login to your vSphere using new credentials.

    vSphere configuration is complete

    vSphere configuration is complete

    Do not forget to add to Your username also your domain (in our example we use “example.com”)!
    Make sure the local user has read rights to the whole VMware inventory. Otherwise VMware component might start loosing events or even stop working completely!

Logmanager configuration

In this section, you configure Logmanager for correct downloading of messages from VMware.

  1. Login to Logmanager

  2. Go to Sources > VMware and click on add (“+” sign on top right).

    Add new agent

    Add new agent

  3. In the opened form enter following:

    • Host: IP address or DNS name
    • Port: 443 (port that your vSphere webserver listen on)
    • Username: logmanager@example.com (newly created local user in vSphere)
    • Password: password for given username

  4. Click: Create

VMware logs should now be automatically collected with Logmanager.

Dashboards

Check out following dedicated VMware dashboards for quick data analysis:

  • VMware overview
  • VMware status change
  • VMware user session
  • VMware virtual machines - This dashboard displays events related to the operation and configuration of virtual machines, showing who and when changed the configuration of a virtual machine or when it was powered on/off.

Common issues

If logs do not appear in Logmanager, please verify you put correct username and password into Logmanager console. You can verify your credentials using Vsphere client.

You can check internal VMware agent logs in Logmanager Components dashboard.