ESXi: esxi-8.logs-level-global

Information

The ESXi host must log sufficient information for events. Without sufficient log data, critical indicators of compromise may go unnoticed, leading to increased vulnerability and potential failure to respond effectively to cybersecurity incidents.

Solution

Get-VMHost -Name $ESXi | Get-AdvancedSetting Syslog.global.logLevel | Set-AdvancedSetting -Value info

See Also

https://github.com/vmware/vcf-security-and-compliance-guidelines/raw/refs/heads/main/security-configuration-hardening-guide/vsphere/8.0/

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-3, CCI|CCI-000130

Plugin: VMware

Control ID: 9eb8aca3218247c5d01f57800300a4bd1580e4d760b5025841c211877915a186