VMware Auditing with Netwrix Auditor

Change auditing of VMware vSphere and ESX

Available Reports

Name Description
All VMware Changes by Date Shows who made what changes to VMware infrastructure objects and settings, including hosts, containers, resource pools, virtual machines. Filtered by date range and user name who made changes. Download sample.
All VMware Changes by Object Type Shows who made what changes to VMware infrastructure objects and settings grouped by object type (e.g. host, container, resource pool, etc). Filtered by date range and user name who made changes.
All VMware Changes by User Shows who made what changes to VMware infrastructure objects and setting grouped by user who made changes. Filtered by date range and user name who made changes.
All VMware Changes Shows who made what changes to VMware infrastructure objects and settings, including hosts, containers, resource pools, virtual machines. Filtered by date range and user name who made changes.
Cluster Changes Shows changes made to clusters. Such changes must be carefully reviewed as they usually affect the entire virtual infrastructure.
Clusters Added Shows newly created clusters. Such additions must be well-planned and reviewed.
Clusters Removed Shows deleted clusters. This report can be used to detect accidentally deleted objects before deletion affects the entire infrastructure.
Datacenter Changes Shows changes made to data centers. Such changes must be carefully reviewed as they usually affect the entire virtual infrastructure.
Datacenters Added Shows newly created data centers. Such additions must be well-planned reviewed and reviewed.
Datacenters Removed Shows deleted data centers. This report can be used to detect accidentally deleted objects to be restored from backup before deletion affects the entire infrastructure.
Datastores Added Shows newly created data stores. Creation of new data stores must be well-planned and reviewed.
Datastores Removed Shows deleted data stores. This report can be used to detect accidentally deleted objects to be restored from backup before deletion affects the production infrastructure.
Folder Changes Shows changes made to folder objects (e.g. folder renamed, permissions changes), without showing changes to child objects.
Folder Permission Changes Shows changes to folder permission. This report must be reviewed on a regular basis to detect unauthorized assignment of permissions to virtual machines and other objects.
Folders Added Shows newly created folders. Creation of new folders should reflect the environment-specific details and reviewed on a regular basis.
Folders Removed Shows deleted folders. Deletion of folders should be monitored to detect accidental deletions and initiate restore from backup timely.
Host System Changes Shows changes made to host systems (ESX and ESXi servers). Reconfiguration of host system can affect managed virtual machines and such changes must be carefully reviewed.
Host Systems Added Shows creation of new host systems (ESX and ESXi servers). Addition of new physical servers should be well-planned and this report can be used to review such operations.
Host Systems Removed Shows physical hosts removed from the virtual infrastructure. Removal of host systems should be planned in advance and this reports can be used for reviews.
Permission Changes Shows changes to permissions. Permissions changes are critical to the overall security and must be reviewed on a regular basis.
Resource Pool Changes Shows changes to resource pools. Resource pools control how resources are allocated to virtual machine and uncontrolled changes can lead to major disruptions in virtual machine operations.
Resource Pools Added Shows newly added resource pools. Resource pools are usually created when new resources are added to the virtual environment and this report can be used to review new resource pools.
Resource Pools Removed Shows deleted resource pools. This report can be used to detect unplanned and accidental operations affecting the overall operations of virtual machines.
Role Changes Shows changes to security roles. Security roles control access and must be regularly reviewed according to major compliance regulations.
Roles Added Shows new created security roles. Creation of new roles should reflect organizational changes in the company and this report can be used to review and control such changes.
Roles Removed Shows removed roles. Removal of roles should reflect organizational changes in the company and this report can be used to review and control such changes.
Virtual Machine Changes Show changes made to individual virtual machine configurations, such as virtual hardware, settings, and permissions.
Virtual Machine Permission Changes Show changes made to virtual machine permissions. Permissions affect who can access virtual machines and all changes must be reviewed on a regular basis.
Virtual Machine Power State Changes Shows virtual machine power on, pause, resume, and power off events on managed virtual machines. This report can be used to review planned maintenance operations of virtual machines.
Virtual Machine Snapshot Changes Shows creation, modification, and deletion of virtual machine snapshots. This report can be used to control changes to snapshots and prevent loss of important data and settings.
Virtual Machine Sprawl Shows creation of new virtual machines over time. This report is very important to analyze and control the virtual machine sprawl and prevent excessive use of computing power by unused and inactive virtual machines.
Virtual Machines Removed Shows removal of virtual machines. This report can be used to detect unplanned removals to initiate their restore from backup.