Vmware ESX systems has built-in support for forwarding the data it creates to Unomaly.
You can forward logs from your ESXi hosts using the built-in vmsyslogd service or using the esxcli system syslog command shown here:
esxcli system syslog config set --loghost tcp://unomaly.company.com:514
Also, to make sure the ESXi firewall is allowing the connections, run the following command in the CLI:
esxcli network firewall ruleset set -r syslog -e true
First, follow these steps to configure the firewall settings for the vSphere host:
1. Select your hose in the vSphere client inventory.
2. Click Configuration, and in the Software panel, select Security Profile.
3. Click Properties for the Firewall settings.
4. Check the box for Syslog and click OK.
The syslog ports are now enabled.
Next, follow these steps to set up the ESXi host to log to Unomaly:
1. Select your host in the vSphere client inventory.
2. Click Configuration, and in the Software panel, select Advanced.
3. Select Syslog in the control tree and select Global.
4. Configure syslog.global.loghost with the IP address or hostname for your Unomaly instance.
For example: tcp://myunomalyhost:514
5. Click OK to apply the changes.