vGW Series Attributes for VMware

Table 19 identifies the attributes that you can use in defining Smart Groups.

Table 19: Smart Group Attributes

Attribute name

Data Type

Description

vcd.tag

String

vCloud Director Organization and metadata attributes.

vf.antivirus.database.version

String Value

What version of AV database version is this VM using? (What's installed on the central AV database it is connected to)?

vf.antivirus.endpoint.connected

Boolean Value

Is this VM properly connected to central AV scan engine?

vf.antivirus.endpoint.enabled

Boolean Value

Does this VM have an operational AV agent installed?

vf.antivirus.endpoint.version

String Value

Version of endpoint installed on the VM.

vf.antivirus.engine.version

String Value

What version of the AV engine is this VM is using? (What is installed on the central VM database it is connected to?)

vf.antivirus.onaccess.enabled

Boolean Value

Does this VM have on-access AV scanning enabled?

vf.antivirus.quarantine.enabled

Boolean Value

Is this VM configured to quarantine virus files?

vf.app_count_bad

Integer

Number of applications on a VM that are classified as bad.

vf.app_count_known

Integer

Number of applications on a VM that are classified as known.

vf.app_count_unclassified

Integer

Number of applications on a VM that are unclassified.

vf.app_count_unknown

Integer

Number of applications on a VM that are classified as unknown.

vf.app.gi.compliant

String Value

Is this VM in compliance with the selected Gold Image?

vf.app.is.gold.image

Boolean Value

Is this VM defined as a master image for Image Enforcer comparisons?

vf.app.matches.gold.image

Boolean Value

Is this VM compliant with its configured Gold Image?

vf.app.registry

String Value

Registry value from s registry as determined by Introspection of VM.

vf.application

String Value

An application installed on a VM.

vf.description

String

The text string description of the VM, as defined in the vGW Security Design Settings module Machines section.

vf.firewall

String

Is this VM a vGW Security VM?

vf.group

Multi String

Comma-separated string of all vGW groups to which a VM belongs.

vf.has_installed_group_policy

Boolean

Does the VM have a non-default group policy installed?

vf.has_installed_policy

Boolean

Does the VM have an installed security policy?

vf.hotfix

Multi String

Hotfix installed on a VM.

vf.monitored

Boolean

Is the VM currently being monitored by the vGW Security Design VM?

vf.name

String

Name as defined in the vGW Security Design VM.

vf.os

String

The operating system installed on the VM.

vf.quarantined

Boolean Value

Is this VM in a quarantined state, and thus in the Quarantine Policy group?

vf.secured

Boolean

Is a VM currently secured by the vGW Security Design VM?

vf.secured_active

Boolean

Is the VM actively protected by vGW?

vf.tag

String

Tags associated with this VM that are semicolon separated.

vf.type

Enumeration

The machine object type.

vf.virus.infected

Boolean Value

Has a virus been detected on this VM by the vGW antivirus engine?

vi.attribute

String Value

The attribute values that are defined in the annotation box in VI.

vi.cluster

String

Cluster containing a VM.

vi.datacenter

String

Data Center in vCenter where a VM is housed.

vi.deleted

Boolean Value

Has this VM been deleted?

vi.excfg.copy.disable

Boolean Value

Is the copy and paste to remote console feature disabled for this VM?

vi.excfg.deviceconnectable.disable

Boolean Value

Is this VM configured to allow devices to be connected?

vi.excfg.deviceedit.disable

Boolean Value

Is this VM configured to allow devices to be connected and removed?

vi.excfg.diskshrink.disable

Boolean Value

Is this VM configured to prevent virtual disk shrinking?

vi.excfg.diskwiper.disable

Boolean Value

Is this VM configured to prevent virtual disk shrinking?

vi.excfg.dragndrop.disable

Boolean Value

Is the copy and paste to remote console feature disabled for this VM?

vi.excfg.hostinfo.disable

Boolean Value

Is access to host performance information available to this VM?

vi.excfg.log.disable

Boolean Value

Is the VM log file size limited for this VM?

vi.excfg.log.keep.old

Numeric Value

Is the number of stored log files limited for this VM?

vi.excfg.log.rotatesize

Numeric Value

Is the VM log file size limited for this VM?

vi.excfg.paste.disable

Boolean Value

Is the copy and paste to remote console feature disabled for this VM?

vi.excfg.remotedisplay.max

Numeric Value

How many remote consoles are available for this VM? VMware Hardening guideline recommends limiting to one.

vi.excfg.remoteop.disable

Boolean Value

Are remote operations disabled for this guest?

vi.excfg.setguiopts.disable

Boolean Value

Is the copy and paste to remote console feature disabled for this VM?

vi.excfg.vmxfilesize.limit

Numeric Value

Is the VMX file size limited (to limit the informational messages from VM to VMX file)?

vi.folder

Multi-String

The folder containing a VM in vCenter.

vi.host

String

ESX/ESXi hosting a VM.

vi.host.console.ids

Boolean Value

Is vGW IDS inspection enabled for this hypervisor's service console?

vi.host.console.monitor

Boolean Value

Is vGW network monitoring enabled for this hypervisor's service console?

vi.host.lockdown

Boolean Value

Is lockdown mode enabled for this hypervisor host?

vi.host.ntp.enabled

Boolean Value

Is Network Time Protocol (NTP) configured and enabled for this hypervisor?

vi.host.techsupportmode.disable

Boolean Value

Is tech support mode enabled for this hypervisor?

vi.host.vmkernel.isolated.vlan

Boolean Value

Is the vmkernel management network on this hypervisor on an isolated VLAN?

vi.host.vmkernel.isolated.vswitch

Boolean Value

Is the vmkernel management network on this hypervisor on an isolated vSwitch?

vi.indep.nonpersist.disk.ct

Numeric Value

The number of virtual disks used by this VM that are configured as Independent nonpersistent and thus cannot be introspection scanned.

vi.ipv4

IPv4 (multi value)

The IP addresses as known on a VM.

vi.ipv6

IPv6 (multi value)

The IP addresses as known on a VM. They can be coded as single addresses or an address range.

Example Addresses:

  • 2001:0db8:85a3:0000:0000:8a2e:0370:7334
  • fe80::202:b3ff:fe1e:8329

vi.memory_inspection

Boolean

Are VMsafe memory and CPU API enabled for this VM?

vi.name

String

Name of this VM as defined in vCenter.

vi.notes

String

Annotation free text notes attached to the VM in vCenter.

vi.os

String Value

Operating system defined for the VM in vCenter.

vi.pg.security.forgedtransmits

Boolean Value

Is VM connected to a port group that allows forged MAC addresses (MACs other than defined in the VMX)?

vi.pg.security.macchanges

Boolean Value

Is VM connected to a port group that allows reception of unknown MAC addresses (MACs other than defined in the VMX)?

vi.pg.security.promiscuous

Boolean Value

Is VM connected to a promiscuous port group?

vi.portgroup

String Value

Port groups on the virtual switch this VM is actively connected to. Port Groups for disconnected vNICs will not be included. (For a running/suspended VM, this will be the port groups actually connected. For a stopped VM, this value is the port groups that are connected at poweron.)

vi.portgroup.all

String Value

Port groups on the virtual switch this VM is connected to. This list includes port groups even if the vNIC is disconnected. (For a running/suspended VM, this will be the port groups actually connected. For a stopped VM, this value is the port groups that are connected at poweron.)

vi.powerstate

Enumeration

What is the current power state of this VM?

vi.pvlan

Numeric Value

Private VLAN values for connected port groups.

vi.pvlan.all

Numeric Value

List of all private VLANs in use by this VM, includes vNICs in both connected and disconnected states.

vi.os

String

Operating system defined for the VM in vCenter

vi.resourcepool

String

Resource pool VM is a member of vCenter.

vi.snapshots.count

Numeric Value

How many snapshots exist for this VM?

vi.vapp

Multi String

vApp group VM is a member of vCenter.

vi.vlan

Multi-value integer

VLANs of connected port groups.

vi.vlan.all

Multi-value integer

VLANs of all interfaces.

vi.vmci_enabled

Boolean

Is VMCI (shared memory communications) enabled for this VM?

vi.vmsafe_configured

Boolean

Is VMsafe firewall security enabled for this VM?

vi.vmsafe_dvfilter

Multi String

The dvfilters protecting this VM.

vi.vmsafe.initfailmode

Enumeration

If VMsafe is unable to initialize, what is the network connectivity choice for this VM?

vi.vmwaretools.running

Boolean

Is VMware Tools running on this VM?

vi.vmwaretools.uptodate

Boolean

Is the version of VMware Tools installed on this VM current?

vi.vnic.count

Numeric Value

Number of connected vNICs.

vi.vswitch

Multi String

vSwitch VM is connected to.

Related Documentation