Solved: Re: Help with changing script to a report

mark_chuman · ‎06-22-2011

I've tried, but have been unable to make this script into a report. Here's the script I would like to make into a report:

foreach ($VMHost in Get-VMHost){
   $esx = Get-View -Id $VMHost.id
   foreach($vSwitch in $esx.Config.Network.Vswitch){
          Write-Host $vSwitch.Name
          Write-Host "`tmac changes:" $vSwitch.Spec.Policy.Security.macChanges
          Write-Host "`tForged transmits:" $vSwitch.Spec.Policy.Security.ForgedTransmits
     }
}

I'd like to also add the esx host name into the output. I'd like the output to take this format if possible:

esxservername,mac changes,forged transmits

I was looking at this script as sort of a template, but when I went to replace parts of the script it just wasn't working correctly. This script is for VM information, but I am looking for the above script to be put into this type report format. Or am I wrong in that the above script is only good for just displaying out to the screen when launched in powerCLI?

$report = foreach($vm in (Get-VM | where {$_.PowerState -eq "PoweredOn" })){
    Get-NetworkAdapter -VM $vm | `
    Select @{N="VMname";E={$vm.Name}},
         @{N="MAC address";E={$_.MacAddress}}
}

$report | Export-Csv ".\output.csv" -NoTypeInformation -UseCulture

Thanks in advance for any help.

RvdNieuwendijk · ‎06-22-2011

Hi Mark,

The next script will give you the desired report:

Get-View -ViewType HostSystem | ForEach-Object {
  $VMHostView =$_
  $VMHostView.Config.Network.vSwitch | ForEach-Object {
    $Report = "" | Select-Object -Property VMHost,vSwitch,"MAC Changes","Forged Transmits"
    $Report.VMHost = $VMHostView.Name
    $Report.vSwitch = $_.Name
    $Report."MAC Changes" = $_.Spec.Policy.Security.macChanges
    $Report."Forged Transmits" = $_.Spec.Policy.Security.ForgedTransmits
    $Report
  }
}

Regards, Robert

Blog: https://rvdnieuwendijk.com/ | Twitter: @rvdnieuwendijk | Author of: https://www.packtpub.com/virtualization-and-cloud/learning-powercli-second-edition

View solution in original post

RvdNieuwendijk · ‎06-22-2011

Hi Mark,

The next script will give you the desired report:

Get-View -ViewType HostSystem | ForEach-Object {
  $VMHostView =$_
  $VMHostView.Config.Network.vSwitch | ForEach-Object {
    $Report = "" | Select-Object -Property VMHost,vSwitch,"MAC Changes","Forged Transmits"
    $Report.VMHost = $VMHostView.Name
    $Report.vSwitch = $_.Name
    $Report."MAC Changes" = $_.Spec.Policy.Security.macChanges
    $Report."Forged Transmits" = $_.Spec.Policy.Security.ForgedTransmits
    $Report
  }
}

Regards, Robert

Blog: https://rvdnieuwendijk.com/ | Twitter: @rvdnieuwendijk | Author of: https://www.packtpub.com/virtualization-and-cloud/learning-powercli-second-edition

mark_chuman · ‎06-22-2011

Thank you.

mark_chuman · ‎06-22-2011

Can you please add in a where statement causing the script to only report on "False" settings for these?

$Report."MAC Changes" = $_.Spec.Policy.Security.macChanges
$Report."Forged Transmits" = $_.Spec.Policy.Security.ForgedTransmits

LucD · ‎06-22-2011

Sure, try this.

Get-View -ViewType HostSystem | ForEach-Object { 
    $VMHostView =$_
    $VMHostView.Config.Network.vSwitch | `
       where {!$_.Spec.Policy.Security.macChanges -or !$_.Spec.Policy.Security.ForgedTransmits} | `
       ForEach-Object {
        $Report = "" | Select-Object -Property VMHost,vSwitch,"MAC Changes","Forged Transmits"
        $Report.VMHost = $VMHostView.Name
        $Report.vSwitch = $_.Name
        $Report."MAC Changes" = $_.Spec.Policy.Security.macChanges
        $Report."Forged Transmits" = $_.Spec.Policy.Security.ForgedTransmits
        $Report
      }
}

If both should be $false, replace the -or in the where-clause with an -and

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

mark_chuman · ‎06-22-2011

Worked great. I am curious about this part of the script as I don't see explicit values noted (ie, "False" or "True").

where {!$_.Spec.Policy.Security.macChanges -or !$_.Spec.Policy.Security.ForgedTransmits}

Trying to figure out where the "False" identification is requested. Does it have to do with the "!"?

Thanks again.

LucD · ‎06-22-2011

The exclamation mark is the Boolean NOT operator in PS.

So the statement says: where MacChanges is not true or where ForgedTransmits is not true.

In other words: where MacChanges is false or where ForgedTransmits is false.

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

mark_chuman · ‎06-22-2011

ok, so it is the same as this?

where {$_.Spec.Policy.Security.macChanges -eq "False" -or $_.Spec.Policy.Security.ForgedTransmits -eq "False"}

what would be the way to change out True for False?

Thanks

LucD · ‎06-22-2011

Not really.

In fact that is an interesting example, the value "False" that you use to compare is a string.

PowerShell casts this automatically for you to a Boolean value. But it will not be what you expected, it will be the Boolean value $true.

Another example, you can write

where {$_.Spec.Policy.Security.macChanges -ne "whatever" -or $_.Spec.Policy.Security.ForgedTransmits -ne "whatever"}

Confusing ? Yes, but it shows the way PS casts a string to a Boolean.

Any non-empty string will be cast to $true !

So

where {$_.Spec.Policy.Security.macChanges -eq "False" -or $_.Spec.Policy.Security.ForgedTransmits -eq "False"}

will in fact translate, after the cast, to this

where {$_.Spec.Policy.Security.macChanges -eq $true -or $_.Spec.Policy.Security.ForgedTransmits -eq $true}

It's not the content of the string that is casted, it's the fact if the string is empty or not

This will work

where {$_.Spec.Policy.Security.macChanges -eq "" -or $_.Spec.Policy.Security.ForgedTransmits -eq ""}

since it translates to

where {$_.Spec.Policy.Security.macChanges -eq $false -or $_.Spec.Policy.Security.ForgedTransmits -eq $false}

Don't you just love the flexibility and intelligence of PowerShell

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

mark_chuman · ‎06-22-2011

Ah. I get it now. But, I am not even going to ask why this one works differently

Get-VM | ForEach-Object {Get-View $_.ID} | Where-Object { $_.Config.Version -eq "vmx-04" } | Where-Object { $_.guest.gueststate -eq "running" } | ForEach-Object {Write-Host $_.Name","$_.guest.guestfamily }

Appreciate the time.

LucD · ‎06-22-2011

Short explanation, the left operand ($_.Config.Version) is a string, and so is the right operand, no cast needed.

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

mark_chuman · ‎06-22-2011

It's becoming clearer. Thanks again.

aflore · ‎01-11-2012

Great script Lucd, I'm learning a lot here! Is there anyway we can search a specific Cluster for forged transmits and mac changes using this script?

LucD · ‎01-11-2012

Sure you can.

You could limit the ESX(i) hosts that are returned to just those that are part of a specific cluster.

The first line would then become

$cluster = Get-Cluster -Name MyCluster 
Get-View -ViewType HostSystem -Filter @{"Parent"=$cluster.ExtensionData.MoRef.Value}

Is that what you were looking for ?

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

aflore · ‎01-11-2012

That did it! Thanks!!!!

Matt_B1 · ‎01-17-2012

To modify these setting to meet the vSphere Security Hardening guide, is it possible to leverage the above script? This line would edit the object but probably needs to overwrite the actual object setting.

$_.Spec.Policy.Security.macChanges = "Reject"

LucD · ‎01-18-2012

I'm afraid that changing the settings will not work like that.

You will have to call the UpdateVirtualSwitch method with a HostVirtualSwitchSpec object as argument.

See the Script to Change vSwitch Security Settings thread for an example.

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

All

Help with changing script to a report