Routes

Overview

Evidence: Routes Description: List Routes Category: Network Platform: esxi Short Name: routes Is Parsed: Yes Sent to Investigation Hub: Yes Collect File(s): No

Background

ESXi network routing entries reflect layer-3 reachability and ARP neighbor state for the host. Understanding routes aids in mapping connectivity and potential egress paths.

Data Collected

This collector gathers structured data about routes.

Routes Data

Collection Method

This collector parses a pre-generated esx network routes text file and normalizes route neighbor, interface, MAC, expiry, and type fields.

Forensic Value

Routing data provides network context for lateral movement, external communications, and validates expected network topology during investigations.