# Account Info ## Overview **Evidence:** Account Info\ **Description:** ESXi Account Info\ **Category:** System\ **Platform:** esxi\ **Short Name:** accinfo\ **Is Parsed:** Yes\ **Sent to Investigation Hub:** Yes\ **Collect File(s):** No ## Background Local ESXi accounts define administrative and service access to the hypervisor. Enumerating them supports auditing and detection of unauthorized users. ## Data Collected This collector gathers structured data about account info. ### Account Info Data | Field | Description | Example | | ---------------------- | --------------------- | ------------------------- | | `AccessTime` | Access Time | 2023-10-15 14:30:25+03:00 | | `AccessCount` | Access Count | 123 | | `URL` | URL | Example value | | `Browser` | Browser | Example value | | `Title` | Title | Example value | | `VisitDuration` | Visit Duration | Example value | | `Referrer` | Referrer | Example value | | `TypedCount` | Typed Count | 123 | | `IsHidden` | Is Hidden | true | | `TransitionType` | Transition Type | Example value | | `VisitID` | Visit ID | 123 | | `TransitionQualifiers` | Transition Qualifiers | Example value | | `User` | User | Example value | | `Profile` | Profile | Example value | | `HistoryFilePath` | History File Path | Example value | ## Collection Method This collector parses esxcli system account list output captured in a text file to enumerate local user accounts and descriptions. ## Forensic Value Account inventories enable validation against policy, detection of rogue accounts, and correlation with authentication events.