Submit a ticketCall us

whitepaperYour VM Perplexities Called, and They Need You to Read This.

Virtualization can give you enormous flexibility with future workloads and can be a key enabler for other areas, like cloud computing and disaster recovery. So, how can you get a handle on the performance challenges in your virtual environment and manage deployments without erasing the potential upside? Learn the four key areas you need to be focusing on to help deliver a healthy and well-performing data center.

Get your free white paper.

Home > Success Center > Log & Event Manager (LEM) > Log & Event Manager (LEM) Documentation > Log and Event Manager Getting Started Guide > Verify that events are being sent to LEM

Verify that events are being sent to LEM

Table of contents
No headers
LEM Getting Started Home

Updated: December 15, 2017

After you configure your device to send events to LEM, use the check logs tool to verify that LEM is receiving the data. You can access the LEM command line via VMware® vSphere® or Microsoft HyperV® Manager virtualization consoles. You can also use an SSH tool to verify that the raw syslog data is received by the LEM syslog server.

Raw syslog data is not yet parsed or normalized by LEM.

The following example shows how to use PuTTY to verify that LEM is receiving events.

  1. Open an SSH tool (such as PuTTY).
  2. Enter the IP address and port number (port 22) of the LEM virtual appliance.
  3. Log in with username cmc.

    If you using an evaluation copy of LEM, enter password as the password.

  4. Open the appliance menu and run the checklogs command.
  5. Determine which local facilities are receiving traffic.

    In the following example, local facility 4 has received 972 kilobytes of traffic while all other facilities are empty.

    File:Success_Center/Reusable_content_-_InfoDev/LEM_Getting_Started_Guide/Log_and_Event_Manager_Getting_Started_Guide/0050-Verify_that_events_are_being_sent_to_LEM/verify-logs-1.png
  6. Open the local facility to determine if it is receiving the logs you are expecting.

    In this example, local facility 4 is receiving traffic from the Cisco ASA firewall that was configured to send logs.

    File:Success_Center/Reusable_content_-_InfoDev/LEM_Getting_Started_Guide/Log_and_Event_Manager_Getting_Started_Guide/0050-Verify_that_events_are_being_sent_to_LEM/verify-logs-2.png

If you are not seeing the log data that you expect to see:

 

Previous: Configure the audit policy on your device to send events to LEM Next up: Configure an agent in LEM
Last modified

Tags

Classifications

Public