VMware Cloud Community
Phatsta
Enthusiast
Enthusiast
‎04-23-2015 05:22 AM

Find log file from previous ESXi 5.1 install

Hello everyone,

I have a predicament. We had a non-authorised password change in our esxi 5.1 server a while back. Without going into too much detail, the guy who did it had bad intentions and we weren't likely to get the new password from him. So I did the only thing I could do - installed esxi again and set a new password, reassociated the VM's and off it went. However, now I'd like to examine the log files from the old installation to see if we can muster some sort of evidence.

I made sure to choose "keep old data". Can't remember what it said in detail now, but I got the impression I could keep my old install intact, however now I don't know where to look. Any pointers?

0 Kudos
2 Replies
CoolRam
Expert
Expert
‎04-23-2015 06:56 AM

I would suggest to recover the root password using the Ubuntu live CD install

Follow this KB you will get your password back.

How to recover VMware ESXi root password ? - UnixArena

If you find any answer useful. please mark the answer as correct or helpful.
0 Kudos
Phatsta
Enthusiast
Enthusiast
‎04-23-2015 07:10 AM

I think you missed the point. The password is not the problem anymore, I reinstalled esxi and set a new one. The server is now up and running with the new install, and all is well.

What I need is to access the previous esxi install. It's files should remain somewhere, but I don't know where.

0 Kudos