• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
The Blog of Jorge de la Cruz

The Blog of Jorge de la Cruz

Everything about VMware, Veeam, InfluxData, Grafana, Zimbra, etc.

  • Home
  • VMWARE
  • VEEAM
    • Veeam Content Recap 2021
    • Veeam v11a
      • Veeam Backup and Replication v11a
    • Veeam Backup for AWS
      • Veeam Backup for AWS v4
    • Veeam Backup for Azure
      • Veeam Backup for Azure v3
    • VeeamON 2021
      • Veeam Announces Support for Red Hat Enterprise Virtualization (RHEV/KVM)
      • Veeam announces enhancements for new versions of Veeam Backup for AWS v4/Azure v3/GVP v2
      • VBO v6 – Self-Service Portal and Native Integration with Azure Archive and AWS S3 Glacier
  • Grafana
    • Part I (Installing InfluxDB, Telegraf and Grafana on Ubuntu 20.04 LTS)
    • Part VIII (Monitoring Veeam using Veeam Enterprise Manager)
    • Part XII (Native Telegraf Plugin for vSphere)
    • Part XIII – Veeam Backup for Microsoft Office 365 v4
    • Part XIV – Veeam Availability Console
    • Part XV – IPMI Monitoring of our ESXi Hosts
    • Part XVI – Performance and Advanced Security of Veeam Backup for Microsoft Office 365
    • Part XVII – Showing Dashboards on Two Monitors Using Raspberry Pi 4
    • Part XIX (Monitoring Veeam with Enterprise Manager) Shell Script
    • Part XXII (Monitoring Cloudflare, include beautiful Maps)
    • Part XXIII (Monitoring WordPress with Jetpack RESTful API)
    • Part XXIV (Monitoring Veeam Backup for Microsoft Azure)
    • Part XXV (Monitoring Power Consumption)
    • Part XXVI (Monitoring Veeam Backup for Nutanix)
    • Part XXVII (Monitoring ReFS and XFS (block-cloning and reflink)
    • Part XXVIII (Monitoring HPE StoreOnce)
    • Part XXIX (Monitoring Pi-hole)
    • Part XXXI (Monitoring Unifi Protect)
    • Part XXXII (Monitoring Veeam ONE – experimental)
    • Part XXXIII (Monitoring NetApp ONTAP)
    • Part XXXIV (Monitoring Runecast)
  • Nutanix
  • ZIMBRA
  • PRTG
  • LINUX
  • MICROSOFT

Veeam: Taking Veeam ONE to the Next-Level with proactive Hardening Monitoring

19th December 2021 - Written in: veeam

Greetings everyone, as the year is coming to an end, this might be the last post of 2021 about Veeam. I was taking a look at the extensive, and vast, Veeam ONE capabilities, remember that I wrote here a really great detail about everything you can do with it:

  • Looking for the Perfect Dashboard: Veeam ONE – Part I – Introduction to Veeam ONE
  • Looking for the Perfect Dashboard: Veeam ONE – Part II – Download and Install Veeam ONE
  • Looking for the Perfect Dashboard: Veeam ONE – Part III – Adding a VMware vSphere Infrastructure to Veeam ONE
  • Looking for the Perfect Dashboard: Veeam ONE – Part IV – Adding a Veeam Backup and Replication Infrastructure to Veeam ONE
  • Looking for the Perfect Dashboard: Veeam ONE – Part V – Troubleshooting vSphere using Veeam ONE Monitor
  • Looking for the Perfect Dashboard: Veeam ONE – Part VI – Troubleshooting Veeam Backup and Replication using Veeam ONE Monitor
  • Looking for the Perfect Dashboard: Veeam ONE – Part VII – Dashboards at a Glance in the Veeam ONE Reporter
  • Looking for the Perfect Dashboard: Veeam ONE – Part VIII – In-depth look at Reports in Veeam ONE Reporter
  • Looking for the Perfect Dashboard: Veeam ONE – Part IX – Chargeback to create cost reports of our Infrastructure

As Veeam ONE already has deep visibility of VMware, not from every event, or change, but enough to give us an idea of what we can do. I have decided to take it to the Next-Level.

Introducing Veeam ONE Proactive Hardening Monitoring – Community-based

Quick introduction the “What”

As you might know, VMware takes the extra effort to keep up to date a really great Spreadsheet with all the security recommendations, and best practices for Center, ESXi, VMs, etc. You can find the spreadsheet for free here:

  • Version 701-20210210-01 – https://via.vmw.com/scg

The spreadsheet looks like this:

Then I thought, wait a minute, some of these changes are reflected on Veeam ONE, I remember seeing them under the Tasks and Events, on every Inventory item:

Deep into the “How”

Alright, now that we have seen the what is all of this, let’s take a look at How we can leverage Veeam ONE to alert us when some of the Hardening issues are triggered. First is to download the Community-Based Veeam ONE Alerts that you can find on GitHub:

  • https://raw.githubusercontent.com/jorgedlcruz/veeam-one-custom-alarms/main/Hardening-VMware-Hosts.xml

Now that we have the file ready, we login into Veeam ONE Client, and we go bottom left, under Alarm Management:

Great! Almost done, we go top of the tree, right-click, and Import Alarms:

As easy as pie, let’s go and select the file, and make sure you keep the Import assignment checked, finally click in Import:

If everything goes as expected, you will see something similar to this:

And finally, if you search by the keyword hardening, you will see the new alerts that have been added:

Doesn’t look awesome? Now, if these alerts are critical to you, please change and edit them to your needs. Same to the notification, it just has a default email, but maybe you want to send these to Teams, or Slack, perhaps? – https://www.veeam.com/blog/one-alarms-notifications-teams-slack.html

Quick “Why”

At this point of the year, I think I should not start pitching about Security, we all have seen massive Ransomware attacks, vulnerabilities of all scores, affecting every single layer of our stack; Hypervisor, Guest OS, Networking, Active Directory, everything really!

So, if a vendor like VMware spends time, and years as I have been following their best practices since vSphere 4.x, the less we can do is to pay attention to that recommendations and harden our environment following those instructions, as painful and less convenient as that can be. And of course, if we can leverage a tool like Veeam ONE to let us know a few pieces around that hardening, well even better.

Thank you so much for reading the blog, hope we can extend this monitoring much further.

Filed Under: veeam Tagged With: veeam one hardening, veeam one security, veeam one vmware security

Reader Interactions

Trackbacks

  1. C'est l'heure de la pause Veeam #5 Feb2022 - Baptiste Tellier says:
    23rd February 2022 at 9:44 am

    […] Jorge Delacruz vous présente Veeam One et ses fonctionnalités pour le hardened monitoring : https://jorgedelacruz.uk/2021/12/19/veeam-taking-veeam-one-to-the-next-level-with-proactive-hardenin… […]

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

  • E-mail
  • GitHub
  • LinkedIn
  • RSS
  • Twitter
  • YouTube

Posts Calendar

December 2021
M T W T F S S
 12345
6789101112
13141516171819
20212223242526
2728293031  
« Nov   Jan »

Disclaimer

All opinions expressed on this site are my own and do not represent the opinions of any company I have worked with, am working with, or will be working with.

Copyright © 2025 · The Blog of Jorge de la Cruz