PowerCLI - Configure syslog server in multiple ESXi

1 minute read 0 Comments

This is a quick powershell script to setup the remote syslog in all the hosts of a cluster or vCenter.

Script parameters

  • Mandatory
    • vCenter - vCenter FQDN/IP to connect too
    • vCenterUsername - vCenter Username to be used
    • vCenterPassword - corresponding password
    • RemoteSyslog - FQDN/IP of the syslog server to use
  • Optional
    • cluster - Cluster name if we want to change the hosts from a single cluster
    • syslogPort In case of using an alternative port, will use 514 as default

Similar to earlier posts the code is pretty simple, so we will focus in the relevant bits

  • List the current status
# Show current config
$vmHosts | ForEach-Object {
    Write-Host $_.Name
    Get-VMHostSysLogServer -VMHost $_
  • Set the remoteSyslog server in each ESXi
# Set syslog config in hypervisors
$vmHosts | ForEach-Object {
    Write-Host $_.Name
    Set-VMHostSysLogServer -SysLogServer $remoteSyslog":"$syslogPort -VMHost $_
  • Restart syslog and set the allow rules using Get-Esxcli
# Restart syslog and set the allow rules in the ESXi
$vmHosts | ForEach-Object {
    Write-Host $_.Name
    (Get-Esxcli -v2 -VMHost $_).system.syslog.reload.Invoke()
    (Get-Esxcli -v2 -VMHost $_).network.firewall.ruleset.set.Invoke(@{rulesetid='syslog'; enabled=$true})
    (Get-Esxcli -v2 -VMHost $_).network.firewall.refresh.Invoke()

Leave a comment

Your email address is used to display your Gravatar, if applicable, and subscribe you to replies using the Mailgun web service, which you are free to unsubscribe from when you get any emails. Your email address will not be displayed publicly or shared with anyone else.