esxi support version

Hi

   Recently I need build a ESXi 8.x as testing plateform.and I want to using sentinel to collect.

But I check market place ....this version 2011.1r6 the release date is 2020...but extract it , it show the version is 2017...

Do we have new collector for Vmware in the future ?

Wencheng

Tags:

  • Suggested Answer

    0  

    I guess the question is, does it work against ESXi 8.x?  If it does then don't get too hung up on the version being from 2017.  I think it depends on whether the format of the events ESXi sends out has changed or whether they've implemented new events types etc, and if that's the case then you can raise a request to have the collector updated.  Although, in the first instance you may want to have a look at the SmartConnector, which seems to support a much more recent version of ESXi (albeit still not v8.x).

  • 0 in reply to   

    thanks!! 

        But about smart connector is not easy use for sentinel customer...

    We are not familiar with products such as Arcsight..

    How to request the collector updated?? Idea Exchange ?

  • Suggested Answer

    0   in reply to 

    The SmartConnector is'nt that complex, and you don't need to be familiar with the Arcsight product set to use it.  All it really does is to parse the events into CEF format and send them onto Sentinel via the CEF Collector.

    I would suggest you start by confirming there is actually an issue using the latest VMware Collector against ESXi 8 (It might just work).  If it doesn't work or it needs updating with new events, then you could raise it on the ideas portal, or better yet, raise a support request for it. Although, you might find that the SmartConnector is suggested as an alternative.

  • 0 in reply to   

    Hi 

        About smart Connector

    1. need read common event format collector file.

    Sentinel Installation and Configuration Guide (microfocus.com)

    I click the link to re-driect to sentinel marketplace...I click "

    Universal Common Event Format"

    it only could download collector file...no document download link on this page.

    2. About Smartconnector download.

        I try to check SLD portal to check sentinel 8.6 download list....the list has no smartconnector installation file, the marketplace seem only exist on ArcSight

      

    But it seem not normal installation file and still no document for study configuration.

    Wencheng

  • 0 in reply to   

    Hi

       Last week I join a arcsight training to learn basic smartconnector.so I install a smartconnector and to set syslog Daemon as document "Configuration Guide for VMware ESXi Syslog SmartConnector".

       I indeed see the log from ESXi 7/8 send....but the log still not parse well...for example VM create/delete/power on /power off event...the VM name and action does not parse to place attribute...

       so admin could not easy search or create VM report.

    Wencheng