Bulk Enable Logging on all NSX Distributed Firewall Rules

A customer of mine who has NSX deployed in production recently added vRealize Log Insight into their environment. Since they have been using NSX for quite some time already they had a large number of rules created for the distributed firewall. All of the rules currently were not set to log to a remote syslog server, without a setting in the UI to modify all the rules at once to enable logging they were looking for the easiest way to do this.

Enter PowerNSX, while today there is not a built-in command for doing this it is possible to set it via the API which you can see called within the script. Please note this is not my script, I’m just passing this along as it was created for my customers use case and I think it can be useful to others.

Original source: https://github.com/vmware/powernsx/blob/master/Examples/EnableFirewallRuleLogging.ps1

Post Navigation

vRealize Network Insight Search Queries

Building a NSX Distributed Firewall Hit Count Chart in Log Insight

1 comments On Bulk Enable Logging on all NSX Distributed Firewall Rules

Leave a reply:

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Site Footer

Sliding Sidebar

About Me

About Me

I currently work for VMware helping customers realize the value of software defined networking. I hold the VMware Certified Design Expert (VCDX #111) certification in both datacenter virtualization (DCV) as well as network virtualization (NV). I am passionate about new technology and how it can solve business issues, and am fortunate to work for the leader in the software defined datacenter space. My full CV is available at LinkedIn

Social Profiles