NSX Edge Firewall ( VMware )

NSX Edge Firewall ( VMware )

Download from Github
View on Github
Open Issues

Graylog extractor for VMWare Firewall NSXedge

VMware NSX firewall can ship its log via syslog protocol. A linux rsyslog server acts as gateway and sends logdata json formated to kafka message queue system.look here for an example

graylog fetch logs and extracts data, which are embedded in an JSON document.

The contents_pack consists of the input with parameters for

Content_pack parameters

parameter default_value
title nsxedge
zookeeper localhost:2181
topic_search ^nsxedge$

You can use extractor export below to upload in your environment. Then you have to adjust the “source_field” in extractor “nsxedge_get_json”.