We have an ambition to create an audit and monitoring system specific to vmware systems to identify
a) unauthorised access
b) data theft
Specific to esxi hosts and vcenter, is there perhaps a "top 10" events/actions that you'd (or perhaps you do) audit, and are there built in tools within esxi and vcenter to report on these events? I appreciate with IT administration you need a degree of trust but thats where I see the audit / monitoring system to fill the gap to ensure nobody is abusing that trust. I know guests i.e. guest OS/ guest apps also need considering, but based on how easy you told me it is to just pick up a server from within vcenter or within the host, then I'd like to focus on that area..