Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

External Systems Configuration Guide

VMware ESX

What is Discovered and Monitored

Protocol

Information discovered

Metrics collected

Used for

VMWare SDK

ESX Server and the Guest hosts running on that server. ESX host clusters. Hardware (CPU, Memory, Disk, network Interface) for all guests, OS vendor and version for all guests. Virtual switch for connecting guest hosts to network interfaces.

Both ESX level and guest host level performance metrics.

Guest host level metrics include CPU/memory/disk utilization, CPU Run/Ready/Limited percent, memory swap in/out rate, free memory state, disk read/write rate/latency, network interface utilization, errors, bytes in/out.

ESX level metrics include physical CPU utilization, ESX kernel disk read/writre latency  etc

Performance Monitoring

VMWare SDK

ESX logs include scenarios like ESX level login sucess/failure, configuration change, Guest host movement, account creation and modification

Availability, Change and Security Monitoring

Configuration

FortiSIEM discovers and monitors VMware ESX servers and guests over the the VMware SDK. Make sure that VMware Tools is installed on all the guests in your ESX deployment, and FortiSIEM will be able to obtain their IP addresses. 

Settings for Access Credentials

User with System View Credentials

Make sure to provide a user with System View permissions who can access the entire vCenter hierarchy when setting up the access credentials for your VMware ESX device. See the VMware documentation on how to se tup a user with System View permissions.

Settings for VMware ESX VMSDK Access Credentials

Set these Access Method Definition values to allow FortiSIEM to communicate with your device.

Setting Value
Name <set name>
Device Type VMware ESX Server
Access Protocol VM SDK
User Name A user with System View permissions
Password The password associated with the user

VMware ESX

What is Discovered and Monitored

Protocol

Information discovered

Metrics collected

Used for

VMWare SDK

ESX Server and the Guest hosts running on that server. ESX host clusters. Hardware (CPU, Memory, Disk, network Interface) for all guests, OS vendor and version for all guests. Virtual switch for connecting guest hosts to network interfaces.

Both ESX level and guest host level performance metrics.

Guest host level metrics include CPU/memory/disk utilization, CPU Run/Ready/Limited percent, memory swap in/out rate, free memory state, disk read/write rate/latency, network interface utilization, errors, bytes in/out.

ESX level metrics include physical CPU utilization, ESX kernel disk read/writre latency  etc

Performance Monitoring

VMWare SDK

ESX logs include scenarios like ESX level login sucess/failure, configuration change, Guest host movement, account creation and modification

Availability, Change and Security Monitoring

Configuration

FortiSIEM discovers and monitors VMware ESX servers and guests over the the VMware SDK. Make sure that VMware Tools is installed on all the guests in your ESX deployment, and FortiSIEM will be able to obtain their IP addresses. 

Settings for Access Credentials

User with System View Credentials

Make sure to provide a user with System View permissions who can access the entire vCenter hierarchy when setting up the access credentials for your VMware ESX device. See the VMware documentation on how to se tup a user with System View permissions.

Settings for VMware ESX VMSDK Access Credentials

Set these Access Method Definition values to allow FortiSIEM to communicate with your device.

Setting Value
Name <set name>
Device Type VMware ESX Server
Access Protocol VM SDK
User Name A user with System View permissions
Password The password associated with the user