Hello,
We are ingesting VMware vpxa logs from our ESX servers into Elasticsearch, but parsing is problematic as every agent on the ESX servers seems to have a different message format.
Sexilog produced an ELK appliance for VMware logs, but it hasn't been updated in a while: http://www.sexilog.fr/
I've taken the filter-syslog-esxi.conf file from Sexilog's appliance here:
This parses most of the messages, but does anyone have a working set of Logstash filters for ESX 6 hosts?
Thank you.