In VMware vSphere ESXi 6.0, the ability to filter or exclude logging expressions from the system logs was introduced. This article provides information on filter or excluding specific logging expressions from the system logs. This process is useful for removing trivial or informational logging event from the system logs.
Caution: VMware does not recommend reducing logging as it may make it impossible to properly troubleshoot potential future issues.
To enable log filtering and exclude a log expression:
Log in to the VMware vSphere ESXi 6.0 host as root via console or SSH.
Run this command to save the original vmsyslog.conf:
cp /etc/vmsyslog.conf /etc/vmsyslog.orig
Using a text editor, open the /etc/vmsyslog.conf and add the line:
enable_logfilters = true
Save the file.
Using a text editor, open the /etc/vmware/logfilters file and add the log expression to exclude using the format:
numLogs | ident | logRegexp
Values:
numLogs - This value is the number of times the log entry can appear before it is filtered and excluded from system logs.
Note: By setting this value to zero, the expression defined will be suppressed from the system logs. Values greater than zero will result in the suppressing the expression defined when repeated in close proximity within the system logs.
ident - This value is used to identify the originating location of the log expression. For more information, see the /etc/vmsyslog.conf.d/*.conf files for all available values. logRegexp - This value is used to define the log expression to exclude conforming to the Python regular expression syntax.
Example:
Some rescan commands for local storage devices will report a SCSI log expression in the vmkernel.log that can be safely filtered.
Below is an example of the logfilters file including these expressions: