CIS compliance (management pack) dashboard missing vDS and vPG

Article ID: 441082

Products

VCF Operations/Automation (formerly VMware Aria Suite)

VMware Telco Cloud Platform

Issue/Introduction

On the VMware Aria Operations CIS management pack compliance dashboard, specific networking objects are missing from the compliance breakdown view. Within the "objects breakdown" section, the items for "vSphere distributed switches" (vDS) and "vSphere distributed port groups" (vPG) are absent despite being expected per standard compliance requirements.

Environment

VMware Aria Operations 8.18.5

VMware vCenter Server 7.0.x and 8.0.x

TCP 5.1

Cause

For vCenter Server versions 7.0.x and 8.0.x, the native CIS compliance guide does not cover controls for assessing vSphere distributed switch and vSphere port group objects. As a result, Aria Operations skips evaluation of these objects in 7.0.x and 8.0.x environments, so the corresponding alerts are never triggered and the object breakdown section is not populated.

Resolution

To resolve this issue and force evaluation of the missing networking objects, create a custom compliance benchmark by following these steps:

  1. Log in to the Aria Operations user interface.

  2. Navigate to Configure > Alerts > Alert Definitions.

  3. Use the filter to locate the native CIS compliance alert definition corresponding to the vDS or vPG objects that are currently bypassing evaluation.

  4. Select the target alert definition, click the vertical ellipsis (actions menu), and select Clone.

  5. Assign a distinct name to bypass native overrides (e.g., custom - CIS - vDS/vPG compliance).

  6. Advance through the wizard steps (Base Object, Symptoms, Recommendations) without altering the core diagnostic logic or original symptom conditions.

  7. Click Create to save the cloned alert definition.

  8. Navigate to Configure > Compliance.

  9. Go to the All Benchmarks tab, select Custom Benchmarks, and click Add to create a new custom scorecard.

  10. Define the name and description for the custom benchmark.

  11. In the alert definitions assignment section, search for "users" and select the cloned alert definition created in step 7.

  12. Click Save to finalize the custom benchmark.

  13. Wait at least 5 minutes while the initial assessment completes.

The results will appear as shown in the screenshot below:

Additional Information

CIS Compliance in Aria Operations (on-prem)

Create a New Custom Benchmark