-
Notifications
You must be signed in to change notification settings - Fork 203
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Added ESXi artifact definitions (#519)
- Loading branch information
Showing
2 changed files
with
117 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,115 @@ | ||
| # ESXi artifacts | ||
| --- | ||
| name: ESXApiForwarder | ||
| doc: Records activities related to the vSphere Trust Authority API forwarder. | ||
| sources: | ||
| - type: FILE | ||
| attributes: {paths: ['/var/run/log/esxapiadapter.log']} | ||
| supported_os: [ESXi] | ||
| --- | ||
| name: ESXiAttestationService | ||
| doc: Records activities related to the vSphere Trust Authority Attestation Service. | ||
| sources: | ||
| - type: FILE | ||
| attributes: {paths: ['/var/run/log/attestd.log']} | ||
| supported_os: [ESXi] | ||
| --- | ||
| name: ESXiAuthenticationLog | ||
| doc: Contains all events related to authentication for the local system. | ||
| sources: | ||
| - type: FILE | ||
| attributes: {paths: ['/var/log/auth.log']} | ||
| supported_os: [ESXi] | ||
| --- | ||
| name: ESXiHostAgentLog | ||
| doc: Contains information about the agent that manages and configures the ESXi host and its virtual machines. | ||
| sources: | ||
| - type: FILE | ||
| attributes: {paths: ['/var/log/hostd.log']} | ||
| supported_os: [ESXi] | ||
| --- | ||
| name: ESXiKeyProviderService | ||
| doc: Records activities related to the vSphere Trust Authority Key Provider Service. | ||
| sources: | ||
| - type: FILE | ||
| attributes: {paths: ['/var/run/log/kmxd.log']} | ||
| supported_os: [ESXi] | ||
| --- | ||
| name: ESXiQuickBootLog | ||
| doc: Contains all events related to restarting an ESXi host through Quick Boot. | ||
| sources: | ||
| - type: FILE | ||
| attributes: {paths: ['/var/log/loadESX.log']} | ||
| supported_os: [ESXi] | ||
| --- | ||
| name: ESXiShellLog | ||
| doc: Contains a record of all commands typed into the ESXi Shell and shell events (for example, when the shell was enabled) | ||
| sources: | ||
| - type: FILE | ||
| attributes: {paths: ['/var/log/shell.log']} | ||
| supported_os: [ESXi] | ||
| --- | ||
| name: ESXiSystemLogsDirectory | ||
| doc: ESXi System Logs Directory | ||
| sources: | ||
| - type: FILE | ||
| attributes: {paths: ['/var/run/log/*']} | ||
| supported_os: [ESXi] | ||
| urls: ['https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.monitoring.doc/GUID-DACC9E0E-E857-4AE1-A469-3FDAE2B391A0.html'] | ||
| --- | ||
| name: ESXiSystemMessageslog | ||
| doc: Contains all general log messages and can be used for troubleshooting. This information was formerly located in the messages log file. | ||
| sources: | ||
| - type: FILE | ||
| attributes: {paths: ['/var/log/syslog.log']} | ||
| supported_os: [ESXi] | ||
| --- | ||
| name: ESXTokenService | ||
| doc: Records activities related to the vSphere Trust Authority ESX Token Service. | ||
| sources: | ||
| - type: FILE | ||
| attributes: {paths: ['/var/run/log/esxtokend.log']} | ||
| supported_os: [ESXi] | ||
| --- | ||
| name: ESXiTrustedInfrastructureAgentLog | ||
| doc: Records activities related to the Client Service on the ESXi Trusted Host. | ||
| sources: | ||
| - type: FILE | ||
| attributes: {paths: ['/var/run/log/kmxa.log']} | ||
| supported_os: [ESXi] | ||
| --- | ||
| name: ESXiVMKernelLog | ||
| doc: Records activities related to virtual machines and ESXi. | ||
| sources: | ||
| - type: FILE | ||
| attributes: {paths: ['/var/log/vmkernel.log']} | ||
| supported_os: [ESXi] | ||
| --- | ||
| name: ESXiVMKernelSummaryLog | ||
| doc: Used to determine uptime and availability statistics for ESXi (comma separated). | ||
| sources: | ||
| - type: FILE | ||
| attributes: {paths: ['/var/log/vmksummarylog.log']} | ||
| supported_os: [ESXi] | ||
| --- | ||
| name: ESXiVMKernelWarningsLog | ||
| doc: Records activities related to virtual machines. | ||
| sources: | ||
| - type: FILE | ||
| attributes: {paths: ['/var/log/vmkwarning.log']} | ||
| supported_os: [ESXi] | ||
| --- | ||
| name: vCenterServerAgentLog | ||
| doc: Contains information about the agent that communicates with vCenter Server (if the host is managed by vCenter Server). | ||
| sources: | ||
| - type: FILE | ||
| attributes: {paths: ['/var/log/vxpa.log']} | ||
| supported_os: [ESXi] | ||
| --- | ||
| name: vSphereClientLogsDirectory | ||
| doc: vSphere Client Logs Directory | ||
| sources: | ||
| - type: FILE | ||
| attributes: {paths: ['/var/log/vmware/vsphere-ui/logs/*']} | ||
| supported_os: [ESXi] | ||
| urls: ['https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.monitoring.doc/GUID-7E10C58F-16EA-44AB-8AA0-8D4A66399879.html'] |