SysSet – A Syslog Configuration Tool for NSX Edges

I had a colleague the other week ask about changing a few hundred NSX Edges Syslog address. There was some configuration drift in the environment where the edges fell into a few different categories. The Edges either didn’t have configuration, had incorrect configuration (such as an old syslog entry), or they needed to be changed.

SysSet – A Syslog Configuration tool for NSX Edges

The goal was instead of clickety clicking all the way through the UI to use PowerNSX. This can be done quite easily which is great. Whilst there is not explcitly a command that does Set-NsxEdgeSyslogcurrently, the XML object can be modified and placed back onto the given edge with Set-NsxEdge.

The order of operations are as follows:

  • Collect all Edges
  • For each collected Edge:
  • Check Syslog Status
  • If enabled: Configure properties
  • Publish
  • If not enabled : Enable Syslog
  • Publish
  • Update properties
  • Publish

The reason for the double Set-NsxEdge operation is the fact that Log Level and Syslog protocol cannot be set before Syslog itself is enabled. This tool can handle most changes. It can also handle the ability to change only one property if desired.

Running SysSet.

I ran SysSet against my recently blogged about ECMP topology. This is 9 different nodes. Based on the content in the paramter block my Syslog was configured.

PowerCLI C:\> C:\Users\Administrator\Desktop\sysset.ps1
Enabling Syslog for upstream-edge
Configuring Syslog values for upstream-edge
Enabling Syslog for ecmp-edge1
Configuring Syslog values for ecmp-edge1
Enabling Syslog for ecmp-edge2
Configuring Syslog values for ecmp-edge2
Enabling Syslog for ecmp-edge3
Configuring Syslog values for ecmp-edge3
Enabling Syslog for ecmp-edge4
Configuring Syslog values for ecmp-edge4
Enabling Syslog for ecmp-edge5
Configuring Syslog values for ecmp-edge5
Enabling Syslog for ecmp-edge6
Configuring Syslog values for ecmp-edge6
Enabling Syslog for ecmp-edge7
Configuring Syslog values for ecmp-edge7
Enabling Syslog for ecmp-edge8
Configuring Syslog values for ecmp-edge8

Superb! We can see that the 9 edges have had their syslog configuration create. Now to validate.

PowerCLI C:\> $edge = get-nsxedge ecmp-edge8
PowerCLI C:\> $edge.features.syslog

version enabled protocol serverAddresses
------- ------- -------- ---------------
3       true    udp      serverAddresses

Here we can see that Syslog is enabled, the protocol is udp and the serverAddresses property has content.

PowerCLI C:\> $edge.features.syslog.serverAddresses


Hopefully this helps bring your environment in line with a configuration standard. I should crack the DLR code shortly too. I think I might look at doing some DSC and remediation tests with this. Something along the lines of “if an Edge has incorrect Syslog settings, modify them”.

Grab the script

SysSet Script

My VMworld 2016 submissions

VMworld Public voting is on now. There is information about each session and public members are encouraged to vote for interesting sessions. Alas there is not author detail about who is presenting or additional information that was asked for when submitting a session.

My colleagues and I have been working on some cool things that we hope to share with the wider world and VMworld is a great platform for this.

The first session proposal is with Grant Orchard. He and I have built a process to on approaching micro-segmentation of any application that has a virtual endpoint. After buying into the marketing fluff and value proposition how to start? Where do you start? It is daunting and first. This approach provides the method to tackle any workload no matter the nuances and ensure you capture all the traffic correctly and safely.

  • 8500
  • Building and Visualizing Microsegmentation with Log Insight
  • Breakout Session
  • Logs are one of the most powerful resources that we have, but are often overlooked due to their lack of context. Join us as we show you how to use your log data to create accurate microsegmentation policies, and graphically represent them for easy consumption by even the most junior administrator.
  • Session Outline – This session will cover:
    1. Recommendations from the field for controlling and sending meaningful VMware NSX logs to Log Insight
    2. A live demonstration of grouping pertinent vRealize Automation traffic into a practical dashboard
    3. Continuing the live demo we build security policies from your dashboard to protect and microsegment vRealize Automation
    4. Effective visualisation of log data to validate security posture and detect anomalous traffic patterns
  • Log Insight is more than just a basic troubleshooting tool
  • Log Insight and its free content packs provide context for your logs and a starting point for customization
  • NSX Distributed Firewall and Security Polices can be created with confidence and assurance
  • Advanced Technical
  • Software-Defined Data Center
  • Networking and Security
  • NSX
  • Enterprise
  • Technical Support, IT – All, IT – Risk/Compliance/Security, IT – Operations, IT – Network

Vote for this session here

Readers of this blog will be familiar with some work I have done with Nick Bradford on PowerNSX. This presentation seeks to introduce a wider audience to PowerNSX, a PowerShell module that allows CRUD activities for NSX. The object orientated pipeline provides a unique method of administering NSX environments along with integration into the already popular PowerCLI!

  • 7514
  • PowerNSX – Bringing the power of PowerCLI to VMware NSX for vSphere
  • Breakout Session
  • PowerNSX is a PowerShell module that abstracts the VMware NSX for vSphere API to a set of easily used PowerShell functions. Working seamlessly with VMware PowerCLI, PowerNSX brings unprecendented power and flexibilty to administrators of VMware NSX for vSphere environments. In this session you will learn what PowerNSX is and the flexibility and control that it can bring. From quick ad-hoc queries, to interactive administration and even full-blown automation of complete NSX logical topologies, you will discover how easy it is to leverage your existing PowerCLI skills and extend them to include managing your VMware NSX for vSphere environments. This session will provide an overview of PowerNSX architecture and functionality and then focus on PowerNSX usage and workflows through the use of live demonstrations.
    1. PowerNSX architecture and functionality
    2. Live demonstration of seamlessly using PowerNSX in conjunction with PowerCLI
    3. Practical examples that you can apply to your VMware NSX for vSphere environments
    4. Learnings based on customer deployments on how best to take advantage of PowerNSX
  • Learn what PowerNSX is and what functionality is included
  • Learn how PowerCLI and PowerNSX work hand in hand and get exposed to some examples of common PowerNSX workflows
  • How to get started with PowerNSX and how to contribute
  • Advanced Technical
  • Software-Defined Data Center
  • Networking and Security
  • NSX
  • Enterprise
  • IT – All, IT – Network, IT – Operations, IT – Risk/Compliance/Security

Vote for this session here

If you’re interested in seeing these sessions please vote. There is also additional content in the related links section.