Which component in NSX-T is responsible for logging and auditing?

The NSX Manager is the primary component responsible for logging and auditing within the NSX-T framework. This centralized management component handles configurations, management tasks, and monitoring for the entire NSX-T environment. It provides a clear and organized interface for tracking events, policies, and network traffic, crucial for maintaining security and compliance standards.

The logging capabilities of the NSX Manager allow administrators to access audit logs that detail changes in the environment, user activities, and system events. This information is essential for troubleshooting, ensuring regulatory compliance, and enhancing security by enabling detailed examination of potential anomalies or breaches.

In contrast, while the NSX Edge plays a vital role in routing and security enforcement, its primary focus is on data plane functionality rather than management and auditing tasks. The NSX Distributed Firewall is integral to implementing security policies at the workload level but does not manage logging. The NSX Controller enhances management of the logical switching and routing elements but does not perform logging and auditing functions directly. Thus, the NSX Manager is the definitive choice for handling these responsibilities effectively within the NSX-T architecture.