# Networks ## Overview **Evidence:** Networks\ **Description:** ESXi Networks for all Virtual Machines\ **Category:** Network\ **Platform:** esxi\ **Short Name:** ntwk\ **Is Parsed:** Yes\ **Sent to Investigation Hub:** Yes\ **Collect File(s):** No ## Background ESXi VM network summaries describe port groups, accessibility, and IP pool associations, providing a view of virtual networking and connectivity. ## Data Collected This collector gathers structured data about networks. ### Networks Data | Field | Description | Example | | ---------------------- | --------------------- | ------------------------- | | `AccessTime` | Access Time | 2023-10-15 14:30:25+03:00 | | `AccessCount` | Access Count | 123 | | `URL` | URL | Example value | | `Browser` | Browser | Example value | | `Title` | Title | Example value | | `VisitDuration` | Visit Duration | Example value | | `Referrer` | Referrer | Example value | | `TypedCount` | Typed Count | 123 | | `IsHidden` | Is Hidden | true | | `TransitionType` | Transition Type | Example value | | `VisitID` | Visit ID | 123 | | `TransitionQualifiers` | Transition Qualifiers | Example value | | `User` | User | Example value | | `Profile` | Profile | Example value | | `HistoryFilePath` | History File Path | Example value | ## Collection Method This collector parses vim-cmd vmsvc/get.networks output captured in a text file, extracting network records for each VM. ## Forensic Value Network mappings support scoping of east-west traffic, identifying exposed segments, and correlating VM communications during incident response.