ESXi: esxi-8.logs-remote

Information

Configure a remote log server for the ESXi host. Remote logging to a central log host provides a secure and centralized store for ESXi logs. By gathering host log files onto a central host, you can more easily monitor all hosts using a single tool. Additionally, you can perform aggregate analysis and searching to identify coordinated attacks on multiple hosts. Logging to a secure and centralized log server helps prevent log tampering and ensures a long-term audit record.

Solution

Get-VMHost -Name $ESXi | Get-AdvancedSetting Syslog.global.logHost | Set-AdvancedSetting -Value "<log collector>"

See Also

https://github.com/vmware/vcf-security-and-compliance-guidelines/raw/refs/heads/main/security-configuration-hardening-guide/vsphere/8.0/