Skip to main content

NSX-T: Retrieving Logs via the API

Stephanie R.
Updated

Learn how to get NSX node logs using the dedicated API.

NSX is a Software-Defined Networking (SDN) solution provided by VMware. OVHcloud is offering this service in place of NSX-V in its VMware on OVHcloud solution.

At the moment (November 1, 2023), due to the implementation by OVHcloud, it is not possible to export the logs of an NSX-T via a syslog server. To remedy this, you can retrieve a few logs via API calls.

 

Requirements

For the current version of NSX to work, two hosts are deployed with a dedicated virtual machine for NSX on each host, allowing redundancy in the event of one of the hosts failing.

Moreover, the following prerequisites are required:

  • NSX hosts are deployed.
  • A user with NSX access rights.
  • You need to verify that the node is enabled.

 

Instructions

Gather logs with the API

Before logs can be retrieved, you will need to enable the logging option on the corresponding rule.

NOTE: By default, logs are not enabled on rules!

For example, consider a rule that blocks all IP addresses between 192.168.211.0/24 and 8.8.8.8/32.

To access the configuration of a rule, click the settings button (in the form of a cogwheel) to the right of the rule you have chosen.

HPC_VMware_NSX_retrievelogsAPI01.png

 

The rule settings are then available. Enable the logging option that should switch to green.

Make sure to apply the new configuration and publish it.

HPC_VMware_NSX_retrievelogsAPI02.png

 

Gather the logs

To have access to the logs, you must identify the Edge NSX ID. To do this, use this first API call:

curl -k -u user@pcc-123-123-123-123.ovh.us:'<password>' https://nsxt.pcc-123-123-123-123.ovh.us/api/v1/transport-nodes/

🔽 Example response:

This API call returns the two IDs of your two Edge nodes:

"resource_type" : "EdgeNode",

      "external_id" : "8a8e0033-9eee-4d13-a5e2-7cd2dbdebc6c",


 "resource_type" : "EdgeNode",

      "external_id" : "b35873da-ca7f-48ff-961e-5d6fa8bc5bf7"

Once you have retrieved the ID of your Edge node, make an API call to get the logs for your rule:

curl -k -u user@pcc-123-123-123-123.ovh.us:'<password>' https://nsxt.pcc-123-123-123-123.ovh.us/api/v1/transport-nodes/8a8e0033-9eee-4d13-a5e2-7cd2dbdebc6c/node/logs/firewallpkt.log/data

🔽 Example response:

The call then returns the logs associated with your rule:

2023-09-15T13:15:05.548Z edge321-3995b.sbg1a.pcc.ovh.us NSX 5188 FIREWALL [nsx@6876 comp="nsx-edge" subcomp="datapathd" s2comp="firewallpkt" level="INFO"] <30 d612293055f3431f:8b01687591afe36e> INET reason-match DROP 2312 OUT 84 PROTO 1 192.168.211.169->8.8.8.8

 

Retrieving logs with bundle

To download the bundle support for your nodes or cluster to your file server/machine, follow the official VMware documentation.

HPC_VMware_NSX_retrievelogsAPI03.gif

 

Go further

NSX-T Datacenter Rest API documentation

For more information and tutorials, please see our other Hosted Private Cloud support guides, our NSX guides, or the guides for other OVHcloud products and services.

Related articles