You can view the traffic between members of defined Active Directory groups and can use this data to fine-tune your firewall rules.
Before you begin
Guest Introspection must be installed in your environment.
A domain must be registered with NSX Manager. For information on domain registration, see Register a Windows Domain with NSX Manager.
Data collection must be enabled on one or more virtual machines.
About this task
You can either do a quick query using the default search criteria by clicking Search, or tailor the query according to your requirements.
- Log in to the vSphere Web Client.
- Click Networking & Security and then Activity Monitoring.
- Select the AD Groups & Containers tab in the left pane.
- Click the link next to Originating from.
All groups discovered through guest introspection are displayed.
- Select the type of user group that you want to include in the search.
- In Filter, select one or more group and click OK.
- In Where AD Group, select includes or excludes to indicate whether the selected AD group should be included in or excluded from the search.
- Click the link next to Where AD Group.
- Select one or more AD groups and click OK.
- Click the During period () icon and select the time period for the search.
- Click Search.
Search results filtered by the specified criterion are displayed. Click in a row to view information about the members of the specified AD group that are accessing network resources from within the specified security group or desktop pool.
You can export a specific record or all records on this page and save them to a directory in a .csv format by clicking the icon on the bottom right side of the page.