VCAP-CIA Objective 1.1 – Configure centralized logging
The blueprint states the following skills needed to cover this objective:
- Determine use cases for and configure local and syslog options for vCloud Director
- Configure and administer logging options for VMware vShield™ Manager
- Configure Log4j options for vCloud Director Tools
The first and third goal are described in several kb articles but does not really have a good description in the official documentation. There is a nice explanation in the VMware vCloud Architecture ToolKit 2.0 but this example does not seem to have made it to version 3.1.
Pages 25 – 27 of the English version of the vCloud Director Installation and Upgrade Guide seem to be the only spot in the official product documentation mentioning the setup of a syslog server during the initial setup of a cell. This will be saved into the response file for the other cells to use.
If this step was omitted during initial setup it can be set in the global.properties file located in /opt/vmware/vcloud-director/etc.
Just add the proper syslog server after “audit.syslog.host =” and restart the vcd service.
The VMware knowledge base describes how to activate the shipment of additional log files in the log4j.properties configuration file.
Enabling Centralized Logging in VMware vCloud Director 1.5.x / 5.1.x
Below you can find pictures of the configuration file in my environment, a TCP dump from the cell proving that it is now sending logs to the syslog server and the actual logs on the syslog server itself.
Further information about the threshold levels and local logging options can be found in the following kb article.
Configuring logging for VMware vCloud Director cells
Configuring a syslog server for vShield Manager is described in the English version of the vShield Administration Guide on page 19. There doesn’t seem to be a kb article explaining the process as this is really rather simple. Open up the vShield Manager configuration and pop in the correct values at the configuration pane under Settings & Reports.
Configuring the log shipping for firewall rules is done in the vCloud Director web interface. Just go to administration -> system settings -> general.
This should conclude the first objective of the VCAP-CIA, if you are interested you can find an even more advanced setup example in the vCAT 2.0 Tool.
The interesting part for this objective starts on page 41 in the English version.