Enabling syslog firewall settings on vSphere Clients by using the esxcli command

To forward syslog events from ESXi v5.x or ESXi v6.x servers, as an alternative, you can configure ESXi Firewall Exception by using the esxcli command.

Note: To forward syslog logs, you might need to manually open the Firewall rule set. This firewall rule does not effect ESXi 5.0 build 456551. The UDP port 514 traffic flows.

To open outbound traffic through the ESXi Firewall on UDP port 514 and on TCP ports 514 and 1514, run the following commands:

esxcli network firewall ruleset set --ruleset-id=syslog --enabled=true
esxcli network firewall refresh