I am trying to make a filter that will filter out all VPXD, VPXA, and HOSTD data coming in from VM hosts. Below is excel sheet I use to define log use cases, green means I want to continue ingesting, yellow means I want to filter out![alt text][1]
Below is what the VPXA message looks when hitting port 514 on the the syslog server:
**Msg: 2020-03-26T04:09:53.295Z MyDomainName.com Vpxa: verbose vpxa[9164B70] [Originator@6876 sub=VpxaHalCnxHostagent opID=WFU-357897ba] Received WaitForUpdatesDone callback\0x0a**
Below is what the HOSTD message looks when hitting port 514 on the the syslog server:
**Msg: 2020-03-26T04:13:31.559Z MyDomainName.com Hostd: verbose hostd[FFC1B70] [Originator@6876 sub=PropertyProvider] RecordOp ASSIGN: guest.disk, 40. Sent notification immediately.\0x0a**
Below is my current filter in place, I filter on hostname, I still want to do this. I just want it to drop any message with the HOSTD or VPXA process and keep everything else.
![alt text][2]
Thanks for the help!
[1]: /storage/temp/286655-vmware-log-use-cases.png
[2]: /storage/temp/286656-filter.png
↧