Networks

Overview

Evidence: Networks Description: ESXi Networks for all Virtual Machines Category: Network Platform: esxi Short Name: ntwk Is Parsed: Yes Sent to Investigation Hub: Yes Collect File(s): No

Background

ESXi VM network summaries describe port groups, accessibility, and IP pool associations, providing a view of virtual networking and connectivity.

Data Collected

This collector gathers structured data about networks.

Networks Data

Field

Description

Example

AccessTime

Access Time

2023-10-15 14:30:25+03:00

AccessCount

Access Count

123

URL

URL

Example value

Browser

Browser

Example value

Title

Title

Example value

VisitDuration

Visit Duration

Example value

Referrer

Referrer

Example value

TypedCount

Typed Count

123

IsHidden

Is Hidden

true

TransitionType

Transition Type

Example value

VisitID

Visit ID

123

TransitionQualifiers

Transition Qualifiers

Example value

User

User

Example value

Profile

Profile

Example value

HistoryFilePath

History File Path

Example value

Collection Method

This collector parses vim-cmd vmsvc/get.networks output captured in a text file, extracting network records for each VM.

Forensic Value

Network mappings support scoping of east-west traffic, identifying exposed segments, and correlating VM communications during incident response.

PreviousMultipathing Info NextNIC List

Last updated 9 days ago

Was this helpful?