Evidence: Routes
Description: List Routes
Category: Network
Platform: esxi
Short Name: routes
Is Parsed: Yes
Sent to Investigation Hub: Yes
Collect File(s): No
Background
ESXi network routing entries reflect layer-3 reachability and ARP neighbor state for the host. Understanding routes aids in mapping connectivity and potential egress paths.
Data Collected
This collector gathers structured data about routes.
Routes Data
| Field | Description | Example |
| --- | --- | --- |
| Neighbor | Neighbor | Example value |
| MAC | MAC | Example value |
| Interface | Interface | Example value |
| Expiry | Expiry | Example value |
| Type | Type | Example value |
Collection Method
This collector parses a pre-generated ESXi network routes text file and normalizes the route neighbor, interface, MAC, expiry, and type fields.
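One way to parse and normalize such a file, as an added example that is not the collector's own code. It assumes the pre-generated file holds the fixed-width table printed by `esxcli network ip neighbor list`; `FIELD_MAP`, `normalize_mac` and `parse_neighbors` are hypothetical names, and the sample rows are constructed.

```python
import re

# Constructed sample (documentation addresses). ASSUMPTION: the collected text
# file uses the fixed-width layout of `esxcli network ip neighbor list`.
SAMPLE = """\
Neighbor      Mac Address        Vmknic    Expiry  State  Type
------------  -----------------  ------  --------  -----  -------
192.0.2.1     00:50:56:AA:BB:01  vmk0    1187 sec         Unknown
192.0.2.25    00:0C:29:aa:bb:02  vmk1     312 sec         Unknown
192.0.2.77    00:50:56:aa
"""

# Hypothetical mapping from source columns to the page's normalized fields.
FIELD_MAP = {"Neighbor": "neighbor", "Mac Address": "mac",
             "Vmknic": "interface", "Expiry": "expiry", "Type": "type"}


def normalize_mac(raw):
    """Return a lowercase colon-separated MAC, or None if it is not 6 hex octets."""
    parts = re.split(r"[:-]", raw.strip().lower())
    ok = len(parts) == 6 and all(re.fullmatch(r"[0-9a-f]{2}", p) for p in parts)
    return ":".join(parts) if ok else None


def parse_neighbors(text):
    """Parse the table into (records, rejected_lines).

    Columns are cut at the offsets of the dashed ruler row, because splitting
    on whitespace breaks on the empty State column and on values like "1187 sec".
    """
    lines = [ln for ln in text.splitlines() if ln.strip()]
    ruler = next((i for i, ln in enumerate(lines) if re.fullmatch(r"[- ]+", ln)), 0)
    if ruler == 0:
        raise ValueError("header and ruler rows not found")
    spans = [m.span() for m in re.finditer(r"-+", lines[ruler])]
    spans[-1] = (spans[-1][0], None)          # last column runs to end of line
    names = [lines[ruler - 1][a:b].strip() for a, b in spans]
    records, rejected = [], []
    for ln in lines[ruler + 1:]:
        cells = {n: ln[a:b].strip() for n, (a, b) in zip(names, spans)}
        rec = {FIELD_MAP[n]: v for n, v in cells.items() if n in FIELD_MAP}
        rec["mac"] = normalize_mac(rec.get("mac", ""))
        if not rec.get("neighbor") or rec["mac"] is None:
            rejected.append(ln)               # keep the raw line for the analyst
            continue
        records.append(rec)
    return records, rejected
```

Rows that fail validation are returned separately rather than dropped, so a truncated or tampered file stays visible during review.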
Forensic Value
Routing data provides network context for lateral movement and external communications, and validates the expected network topology during investigations.