- VMkernel, /var/log/vmkernel/. Records activities related to the VMs and ESX hosts. Rotated with a numeric extension. The current log has no extension, and the next newest one has a .1 extension
- VMkernel Warnings, /var/log/vmkwarning/. Records activities with the VMs. It is a subset of the VMkernel log and uses the same rotation scheme.
- VMkernel Summary, /var/log/vmksummary/. Used to determine uptime and availability statistics for ESX hosts; a human-readable summary can be found in /var/log/vmksummary.txt.
- ESX Server host agent, /var/log/vmware/hostd.log. Contains information about the agent that manages and configures the ESX host and its VMs. (Search the file date/time stamps to find the log file it is currently outputting to or open hostd.log, which is linked to the current log file.)
- ESX Firewall, /var/log/vmware/esxcfg-firewall.log. Logs all firewall rule events. Rotated with a numeric extension. The current log has no extension, and the next newest one has a .1 extension
- ESX Boot, /var/log/vmware/esxcfg-boot.log. Logs all ESX boot events. Rotated with a numeric extension. The current log has no extension, and the next newest one has a .1 extension.
- ESX Update, /var/log/vmware/esxupdate.log. Logs all updates done through the esxupdate tool.
- Service Console, /var/log/messages/. Contains all general log messages used to troubleshoot VMs or an ESX host.
- Web Access, /var/log/vmware/webAccess. Records information about web-based access to an ESX host.
- High Availability (HA), /var/log/vmware/aam/. Logs information related to the High Availability service. In ESX 3.0.x, these logs were in /opt/LGTOaam512/ instead.
- Authentication, /var/log/secure. Contains records of connections that require authentication, such as VMware daemons and actions initiated by the xinetd daemon.
- Vpxa, /var/log/vmware/vpx/vpxa.log. Contains information about the agent that communicates with vCenter Server. Search the file date/time stamps to find the log file it is currently outputting to or open vpxa.log file, which is linked to the current log file.
- RT @LukasStefanko: "Our data breach happened using a highly professional attack with sophisticated social engineering" https://t.co/eFl6Xos… 5 days ago
- An attacker may be able to bypass administrator authentication without supplying the administrator’s password -> in… twitter.com/i/web/status/9… 2 weeks ago
- @mikesusz Loosing cuddles experience helps kids go through mourning process... That is important too. 1 month ago
- @CTOAdvisor @RebeccaFitzhugh Aka lift-and-shift #The6Rs 1 month ago
- #mozzeno now on #BelRTL 1 month ago
How To Troubleshoot… on Chunk Size Of a RAID0 Volume O… PiroNet on It All Started With This … Gorka on It All Started With This … An administrator not… on Ballooning And Hypervisor Swap… revate on Installing Oracle Database Cli…
Views expressed here are mine, they are not read or approved in advance by any company and don’t reflect the views of my employer, my employer’s business partners, or clients. I am solely responsible for all content produced here. No information provided here was reviewed by or endorsed by my employer or any other vendor or organization. This is my own blog. Comments are moderated!