Showing results for 
Search instead for 
Did you mean: 
Level 9
Report Inappropriate Content
Message 1 of 3

Vmware ESX 5 logs

Does anyone have any experience in pushing ESX5 logs into the ESM ? I can get ESX4.1 logs to send via syslog without issue. I have set up ESX 5 the same way, but so far nothing is received.

2 Replies
McAfee Employee siemchris
McAfee Employee
Report Inappropriate Content
Message 2 of 3

Re: Vmware ESX 5 logs

Hi Feeds

If you are having an issue with getting ESX to send syslogs there is some informaiton at sites like this;

Have you used tcpdump and verified that ESX is sending the syslog events? If it is then can you put a tcpdump on the receiver for that IP and port and see if you are getting traffic? If you are not getting it at the receiver interfaces then there is a networking problem.

If you are seeing the data at the interface, make sure you have configured the datasource with the correct IP and syslog port information and that has been written to the receiver. Then using Data Source Model VMware (ASP) set Support Generic Syslogs to Log "uknown syslog" event. Make sure you write out the datasource, rollout policy and then you *should* see events.

Let me know if this helps,


Level 9
Report Inappropriate Content
Message 3 of 3

Re: Vmware ESX 5 logs

Thanks for the url.  I have sent it over to the vm admins and will update on if/when we can get it to work.  I hope all that I was missing was the firewall piece.

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community