VMware: Troubleshooting - How to list the log files on VMware vSphere ESX

-
The following log files contain information that needs to be track on a VMware vSphere ESX Host to be in compliance with many security standards and best practices
We can also use syslog or splunk lightweight forwarders for this purpose.

/var/log/vmkernel
/var/log/secure
/var/log/vmkwarning
/var/log/vmksummary
/var/log/vmksummary.txt
/var/log/messages
/var/log/vmware/*.log
/var/log/vmware/aam/*.log
/var/log/vmware/aam/*.err
/var/log/vmware/webAccess/*.log
/var/log/vmware/vpx/vpxa.log
/vmfs/volumes/*/*/*.log

Table with Explanation of files to log for VMware vSphere ESX

Component
Location
Purpose
 VMkernel
 /var/log/vmkernel
 Records activities related to the virtual machines and ESX
VMkernel warnings
/var/log/vmkwarning
Records activities with the virtual machines
VMkernel summary
/var/log/vmksummary
Used to determine uptime and availability statistics for ESX; comma separated
VMkernel summary human readable
/var/log/vmksummary.txt
Used to determine uptime and availability statistics for ESX; humanreadable summary
ESX host agent log
/var/log/vmware/hostd.log
Contains information on the agent that manages and configures the ESX host and its virtual machines
vCenter agent
/var/log/vmware/vpx/vpxa.log
Contains information on the agent that communicates with vCenter
Web access
Log all the files in the directory /var/log/vmware/webAccess/*.log
client.log, proxy.log, unitTest.log, viewhelper.log, objectMonitor.log, timer.log, updateThread.log
Records information on Web-based access to ESX
(service vmware-webAccess start on ESX host to enable this)
Authentication log
/var/log/secure
Contains records of connections that require authentication, such as VMware daemons and actions initiated by the xinetd.
Service Console
/var/log/messages
Contain all general log messages used to troubleshoot virtual machines or ESX
Virtual machines
The same directory as the affected virtual machine’s configuration files; named vmware.log and vmware*.log
/vmfs/volumes/<DS>/<VM>/vmware.log
/vmfs/volumes/<DS>/<VM>/vmware-*.log
Contain Virtual Machine Power Events, system crashes, Tools status and activity, Time Sync, Virtual Hardware changes, VMotion Migrations, Machine Clones,

Comments

Post a Comment

Popular posts from this blog

Part - 1 : Windows Administrator: L1: Interview question & Answer for AD, DNS, DHCP, WINS & DFS

-
Image
Part - 1 : Interview question & Answer for AD, DNS, DHCP, WINS & DFS Active Directory Active Directory is a centralized and standardized system, stores information about objects in a network and makes this information available to users and network administrators. Domain Controller In an Active Directory forest, the domain controller is a server that contains a writable copy of the Active Directory database, participates in Active Directory replication, and controls access to network resources.
Read more

Windows: Interview Q & A: L1 & L2 Interview question

-
Image
Active Directory Active Directory is a centralized and standardized system, stores information about objects in a network and makes this information available to users and network administrators. Domain Controller In an Active Directory forest, the domain controller is a server that contains a writable copy of the Active Directory database, participates in Active Directory replication, and controls access to network resources. Global catalog server A global catalog server is a domain controller that stores information about all objects in the forest. Like all domain controllers, a global catalog server stores full, writable replicas of the schema and configuration directory partitions and a full, writable replica of the domain directory partition for the domain that it is hosting. In addition, a global catalog server stores a partial, read-only replica of every other domain in th e forest. Partial replicas are stored on Global Catalog servers so that searches of the e
Read more

How to create a Bootable ESXi Installer using USB Flash Drive

-
Image
For servers without CD drive or remote KVM you might want to use an USB Flash Drive to install ESXi to the hardware. This post explains how to create a bootable ESXi Installer USB Flash Drive in less than 2 minutes. The Flash Drive will work totally identical to an Installable CD. There are many USB Flash drive bootable software like in microsoft we have windows 7 USB/DVD download tools, here I have took Rufus tool for example. Download  Rufus Download  or  create  an ESXi Image Connect the USB flash drive to your computer Open Rufus Select your Device Select your ISO file Select  MBR partition scheme for BIOS or UEFI computers Press  Start Select  Yes  when it asks to replace menu.c32. Rufus will now create your bootable ESXi Installer USB Flash Drive. This will take about one minute. Additional Hint When you boot a server with this USB Flash Drive the ESXi Installer will copy the whole installer to the memory which means that you can install ESXi to the device whe
Read more