Configuring the syslog to use TLS streamed over TCP for NSX ALB can only be accomplished through the console because these aren’t exposed via UI. The user interface only allows the specification of UDP. I used self-signed certificates for the AVI controller and AOL, but the process is identical when using CA-signed certificates.
1. Firstly, the certificate for the AVI (controller) needs to be added in the SSL/TLS Certificates. Additionally, the Aria Operations for Logs certificate should be added to a newly created PKI Profile, ensuring that CRL checking is disabled.
SSL/TLS Profile: go to Templates -> Security-> SSL/TLS Certificates
PKI Profile: go to Templates -> Security -> PKI Profile
2. Next, SSH into the controller using the admin account. After entering ‘shell’, you will be prompted to input your credentials again and run below commands:
> configure alertsyslogconfig AOL-syslog
alertsyslogconfig> syslog_servers
alertsyslogconfig:syslog_servers> syslog_server 192.168.79.1
alertsyslogconfig:syslog_servers> syslog_server_port 6514
alertsyslogconfig:syslog_servers> tls_enable
alertsyslogconfig:syslog_servers> no udp
alertsyslogconfig:syslog_servers> ssl_key_and_certificate_ref System-Default-Portal-Cert
alertsyslogconfig:syslog_servers> pkiprofile_ref vrli
alertsyslogconfig:syslog_servers> save
alertsyslogconfig> where
alertsyslogconfig> save
tls_enable – set to true;
no udp – TCP port will be used;
pkiprofile_ref – name of PKI profile created for AOL certificate in step 1;
ssl_key_and_certificate_ref – certificate used for NSX ALB controller selected in step 1;
- Register a Domain Name
Registering a domain name is a fundamental step in establishing an online presence, whether it’s for a personal project, a business, or any other endeavor. - Progressive Mix of World News and Propaganda
- Migrating from GoDaddy Website Builder to WooCommerce
Building an online store with a Website Builder is a great starting point for a new business. - WordPress Security Vulnerabilities and Solutions
Security is a massive topic in the modern world. Mental, physical, emotional, financial, cyber, we all care one way or another about at least one of those. - Perform an SEO Audit for WordPress
You can’t simply build a WordPress website and think you’ll attract traffic and users without having a solid search engine optimization strategy.
A key element of any successful search engine optimization strategy is performing regular SEO audits of your website. - LIEFFIE – Digital News and Development
The syslog should be immediately visible in the NSX ALB UI:
3. Add notification to Alert Actions: go to Operations -> Alerts -> Alert Actions and edit each action, where you wish to include your recently configured syslog server.
4. To confirm that everything is functioning correctly, you can check the logs at: /var/lib/avi/log/alert_notifications_debug.log
5. View at NSX Advanced Load Balancer dashboards in Aria Operations for Logs:
