VMware ESX/ESXi and vCenter Server

VersionVMware ESX 3 and later, VMware ESXi 5.5 and later, VMware vCenter 6.0 and 6.5.

VMware is a virtualization and cloud computing software provider. VMware virtualization is based on the ESXi bare metal hypervisor, supporting virtual machines. The term "VMware" is often used in reference to various VMware Inc. products such as VMware vCenter, VMware Workstation, VMware View, VMware Horizon Application Manager and VMware vCloud Director.

Providing log and audit coverage across VMware components can be difficult since each component of VMware writes audit logs and tasks in different ways. Within ESXi, the Tasks & Events pane provides a view into administrator activities; these can be fetched via API. Netsurion seamlessly aggregates and assists in analysis and visualization aided by alerts, reports and dashboards.

Netsurion Data Source Integration for VMware allows you to monitor the following components:-

  • Operations:- Clusters, data centers, virtual machine created or removed and high resource usage.
  • Security:- Alarms triggered
  • Compliance:- Policy and permission changes, configuration changes and Esxi host/vCenter login and logout.

Once VMware is configured to deliver events to Netsurion's Open XDR platform; alerts, dashboards and reports can be configured into Netsurion's Open XDR platform.

Some of the Data Source Integrations available in Netsurion are listed below.

Alerts

Type Name Description
Security VMware ESXi - User authentication failed This alert is generated when a ESXi authentication failure occurs.
Security VMware ESXi - Account created This alert is generated when an ESXi account is created.
Security VMware vCenter - User role deleted This alert is generated when a user role is deleted in vCenter.
Security VMware vCenter - User role modified This alert is generated when a user role is modified.
Security VMware ESX - User authentication failed This alert is generated when a ESX authentication failure occurs.
Security VMware ESX - Task failed This alert is generated when a ESX task fails.
Operations VMware ESXi - Host added This alert is generated when an ESXi host is added.
Operations VMware ESX - Task failed This alert is generated when an ESXi Task fails.
Operations VMware ESXi - Virtual machine created This alert is generated when an ESXi virtual machine is created.
Operations VMware ESXi - Virtual machine reconfigured This alert is generated when an ESXi virtual machine is reconfigured.
Operations VMware ESXi - High resource usage alarm This alert is generated when utilization of ESXi resource is high.
Operations VMware vCenter - Virtual machine created This alert is generated when a virtual machine is created.
Operations VMware vCenter - Virtual machine removed This alert is generated when a virtual machine is removed.
Operations VMware ESX - Virtual machine created This alert is generated when a ESX virtual machine is created.
Operations VMware ESX - High resource usage alarm This alert is generated when utilization of ESX resource is high.
Compliance VMware ESXi - User authentication success This alert is generated when a ESXi authentication is successful.
Compliance VMware vCenter - User permission removed This alert is generated when user permission on vCenter is removed.
Compliance VMware Firewall - configuration changed This alert is generated when a firewall configuration changes are done.
Compliance VMware ESX - Virtual machine reconfigured This alert is generated when a ESX virtual machine is reconfigured.

Reports

Type Name Description
Security VMware - Alarms triggered This report provides information about the activities related to alarms triggered.
Security VMware - Esxi host authentication failures This report provides information about the activities related to esxi host authentication failures.
Operations VMware - Cluster created or removed This report provides information about the activities related to cluster created or removed.
Operations VMware - Data center added or deleted This report provides information about the activities related to data center added or deleted.
Operations VMware - Datastore creation or deletion This report provides information about the activities related to datastore creation or deletion.
Operations VMware - Virtual machine connected and disconnected This report provides information about the activities related to virtual machine connected and disconnected.
Operations VMware - Virtual machine power on or off This report provides information about the activities related to virtual machine power on or off.
Operations VMware - Virtual machine installation errors This report provides information about the activities related to virtual machine installation errors.
Operations VMware - Virtual machine created or removed This report provides information about the activities related to virtual machine created or removed.
Operations VMware - Esxi host added or removed This report provides information about the activities related to esxi host added or removed.
Compliance VMware - Esxi host login and logout This report provides information about the activities related to Esxi host login and logout.
Compliance VMware - vCenter login and logout This report provides information about the activities related to vCenter login and logout.
Compliance VMware - vCenter Firewall configuration changes This report provides information about the activities related to vCenter firewall configuration changes.
Compliance VMware - Policy and permission changes This report provides information about the activities related to policy and permission changes.

Documentation

The configuration details are consistent with Netsurion version 7.X and later, VMware ESX 3 and later, VMware ESXi 5.5 and later, VMware vCenter 6.0 and later.

Download Integration Guide for more information.

This site uses cookies to store information on your computer. Some are essential to make our site work; others help us improve the user experience. By using the site, you consent to the placement of these cookies. Read our Privacy Statement to learn more.

I Accept