VMware Auditing Software

Netwrix Auditor for VMware delivers complete visibility into changes on VMware vSphere and its components, including standalone ESXi hosts. Perform regular VMware audits to harden security, prove IT compliance and optimize operations.


Details when each change was made, who made it, and what exactly was changed with the before and after values, across your entire VMware environment.

Detailed reports and overview dashboards

Simplifies routine VMware reporting tasks. Predefined reports and overview dashboards offer filtering, sorting, exporting, drill-down, and email subscriptions. Access them through a web interface.


Notifies you about the changes you deem most critical, whether it’s the deletion of a virtual machine or changes to storage resources, so you can respond in a timely manner and avoid downtime or performance issues.

Streamlined compliance reporting

Provides audit data in out-of-the-box reports mapped to PCI DSS, HIPAA, SOX, GLBA, FISMA/NIST, CJIS, GDPR and many other regulatory standards. Prove to auditors that you regularly audit VMware.


Makes it easy to sort through VMware audit data and locate any specific information you might be looking for. Quickly find answers to questions such as what caused an ESXi or ESX server failure or who made critical changes to VMs.


Identifies high-risk user accounts by aggregating their anomalous activity across the VMware infrastructure and other critical systems such as Active Directory and Windows Server.

Ensure security and prove compliance with continuous VMware audit

To secure your virtual applications, it’s critical to have a powerful VMware reporting tool. Who made unwarranted changes to one of the most important clusters in your VMware vCenter Server and brought your virtual software down? When were the configuration settings of an ESX or ESXi host modified? Most VMware and vCenter reporting tools don’t enable you to quickly answer these questions. Netwrix Auditor does.

Detect security incidents and unauthorized changes with customizable alerting

Because of the tangled structure of VMware environments, if you don’t have the right VMware audit tools, it might take quite a while to piece together all the native logs and analyze them each time a security incident or unauthorized change occurs. Netwrix Auditor enables you to configure alerts on the most critical modifications that could affect the health of your VMware environment, such as the deletion of a virtual machine or unauthorized VMware cluster changes, so you can respond in a timely manner.

Prevent performance issues and system downtime by quickly pinpointing their causes

Your virtual infrastructure can be disrupted by simple mistakes or accidental changes to vSphere elements. Use the Interactive Search functionality to quickly investigate what steps led to system downtime or performance issues so you can prevent them from recurring and improve your management practices.

Control resource usage with detailed VMware reporting

Optimize resource utilization and avoid virtualization sprawl with predefined VMware reports. Determine which servers and objects were modified most, which virtual machines have been inactive for a long time, and which might have been created without any business need.

Slash time spent on compliance audit preparation

Use out-of-the-box compliance reports mapped to PCI DSS, HIPAA, SOX, GLBA, FISMA/NIST, CJIS, GDPR and other regulatory standards to quickly answer auditors’ questions, such as who made most changes to critical vCenter elements. Store your audit trail for more than 10 years in a scalable two-tiered (file-based + SQL database) storage system that enables easy historic e-discovery and security investigations.

Netwrix Auditor for VMware

Learn more about how Netwrix Auditor for VMware helps organizations just like yours improve detection of insider threats and pass compliance audits with less effort.

Download Datasheet (.pdf)
Netwrix Auditor for VMware

See how Netwrix Auditor’s actionable intelligence can help you gain visibility into the top 5 VMware incidents by providing security intelligence instead of raw log data.

Download Free Guide (.pdf)
"After we implemented our VMware environment, we figured out that, in addition to auditing Active Directory and Group Policy, to name just a few, Netwrix Auditor also tracks and reports changes in VMware environment — and it was exactly what we needed."
Borut Šorli, IT Director, Ministry of Higher Education, Science and Technology,
Republic of Slovenia

Deploy Netwrix Auditor wherever you need it

On Premises

Download a free 20-day trial of Netwrix Auditor and deploy it on Windows Server.


Download our virtual appliance and start using Netwrix Auditor without having to provision any hardware or software.

Efficient Tracking of Changes across Your Virtual Environment with Netwrix Auditor for VMware

When application downtime happens in your VMware environment, you need to respond immediately: you must quickly identify the root cause of the problem and restore the business-critical processes that depend on your virtualization technologies as soon as possible. Because any change to hardware configuration or vCenter servers can affect your virtual machines and degrade VMware performance, you need efficient VMware monitoring to keep track of those changes. Native tools can be helpful here; however, be ready to spend significant time and effort manually sifting through logs. Netwrix Auditor for VMware, on the other hand, delivers ready-to-use reports with all the details, such as who made each change and when and where it happened, including the before and after values. Plus, you can easily subscribe to any reports and view them on the schedule you set.

VMware Auditing and Reporting with Netwrix Auditor for VMware

IT auditing of virtualized infrastructures and reporting on all changes is an important aspect of any virtualization strategy. Undesired changes — whether accidental or malicious — are not rare and can potentially lead to sensitive data leaks, application and services failures, and expensive downtime. Netwrix Auditor offers an impressive array of detailed and easy-to-read reports containing all the necessary audit information about each change, giving organizations complete visibility into their virtualized VMware technologies.

VMware vSphere Monitoring for Security and Compliance

Monitoring vSphere virtualization platform for changes is critical to sustaining overall virtual environment health and security. Netwrix Auditor for VMware helps you monitor vSphere configuration changes, including host system settings, cluster resources and individual virtual machines. Off-the-shelf change reports provide you with key details about critical modifications, including previous and current configuration values. This audit information helps enforce and validate internal controls and prove VMware compliance.

Using and Managing VMware Snapshots to Minimize the Risk of System Performance Problems

Keeping virtual environments running at peak performance is a top priority for system administrators. To protect your critical systems and data, you can periodically take snapshots of the virtual machine state, including system memory and the virtual disk file system. If something goes wrong (for example, an update goes awry), you can use the VMware snapshot to revert to a previous state known to be good. However, letting a growing pile of VMware snapshot files linger in your system will slowly eat away at both storage space and VM performance. Efficient VMware snapshot management helps you minimize the risk of performance hits and drained disk space.

VMware Reporting You Can Rely on

Are you keeping your VMware environment secure? Are you sure the data on your virtual machines is protected from insider and outsider threats? Any unauthorized change to system configuration can jeopardize the availability of your virtualization technology, leading to downtime, or resulting in costly compliance failures. The VMware reporting tool from Netwrix provides actionable, ready-to-use reports on user activity across your VMware infrastructure, enabling you to quickly remediate possible threats and avoid downtime. Plus, automated report delivery on the schedule you set will slash report preparation time and keep you informed.

How Audit Checklists Help Strengthen the Security of Your Virtual Infrastructure, and How They Fall Short

Virtualization enables IT departments to reduce operating costs and optimize their resources. But it raises additional concerns about the security of IT systems, since it introduces an additional layer to the IT environment. There are many tools that can help you mitigate the risks associated with virtualization. For example, a VMware audit checklist is a list of recommendations designed to strengthen the security of your virtual infrastructure. It can include step-by-step guidance on setup and general controls, resource provisioning and deprovisioning, and virtual environment management. However, those guidelines generally focus on configuration, deployment and implementation of controls, and fail to cover continuous server audit for changes made to your virtual infrastructure, which is equally important to overall security and risk mitigation.

Keeping Your VMware PCI DSS Compliant with Netwrix Auditor

Today, organizations of all sizes embrace virtualization to reduce hardware costs, speed server provisioning and more. But if you run virtual machines and store cardholder data, you must watch your VMware infrastructure like a hawk to ensure no activity jeopardizes your VMware security and data privacy policy. In fact, meeting strict PCI DSS 3.2 security requirements can feel like a nightmare. Netwrix Auditor for VMware takes the burden of VMware PCI compliance off your shoulders. It enables you to address PCI requirements and helps you safeguard your sensitive data by identifying risks threatening it, all while slashing audit report preparation time by 50%.

Enabling a Continuously Compliant VMware Environment

Undocumented and unmonitored modifications to VMware settings, including changes to VMs, ESXi hosts and vCenter servers, can result in security breaches and failed compliance audits. But maintaining VMware compliance with a constantly growing list of internal policies, regulations and standards can be a significant challenge. Netwrix Auditor helps you ensure and maintain a compliance capable VMware environment, and also provides the evidence you need to prove that your security program adheres to the requirements of the regulatory mandates you may be subject to, such as PCI DSS, HIPAA, NERC CIP and CJIS.

VMware Alerting on Critical Activity to Spot Threats Faster

When there’s an unauthorized change to VMware vCenter Server permissions or a virtual machine is unexpectedly deleted, you need to be the first one to know, so you can minimize the risk of system downtime and protect your highly sensitive assets. However, is there a way to ensure that no important change slips by your radar? With Netwrix Auditor, you can set VMware alerts to issue an alarm whenever a critical change occurs, so you can rapidly spot events threatening your VMware security without having to sift through piles of cryptic logs. Moreover, you can customize the alerts just the way you need, so the critical activity that you specify triggers them immediately.