VMware Cloud Community
LC48442
Contributor
Contributor

Get-Compliance Report for a List of ESX Hosts in 1 vCenter?

So i have a command that works below individually. I want this to work for a list of hosts. How can i do this?

$vCenter = "VCENTERNAMEHERE" # vCenter FQDN

# Connect to vCenter

Connect-VIServer -Server $vCenter -User "USER" -Password "PASSWORD"

Get-Inventory -Name ESXHOSTNAMEHERE | Scan-Inventory -UpdateType HostPatch

$ESXhost = get-vmhost ESXHOSTNAMEHERE

$compliance = Get-Compliance -Entity $ESXhost -Detailed

$compliance.NotCompliantPatches | Select-Object Name,IDByVendor,Description,@{n='Product';e={$_.product | Select-Object -expandproperty Version}},ReleaseDate |

Export-Csv "C:\FOLDER\vCenterPatchReport.csv" -NoTypeInformation -UseCulture

Reply
0 Kudos
10 Replies
LucD
Leadership
Leadership

Try something like this

Note that I used the latest Update Manager cmdlets (from PowerCLI 6.5.1).

If you are using an older Update Manager version, you will have to use the cmdlets you had in there earlier

$vCenter = "VCENTERNAMEHERE" # vCenter FQDN

# Connect to vCenter

Connect-VIServer -Server $vCenter -User "USER" -Password "PASSWORD"

$esx = Get-VMHost

Test-Compliance -Entity $esx -UpdateType HostPatch

$report = $esx | Get-Compliance -Detailed | %{

    $_.NotCompliantPatches |

    Select-Object Name,IDByVendor,Description,@{n='Product';e={$_.product | Select-Object -expandproperty Version}},ReleaseDate

}

$report | Export-Csv "C:\FOLDER\vCenterPatchReport.csv" -NoTypeInformation -UseCulture


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
LC48442
Contributor
Contributor

How would a insert a text file into this so I can simply store the names?

Reply
0 Kudos
LC48442
Contributor
Contributor

the other thing I notice, that 6.5.1 does not work properly. I had to downgrade back to 6.0.0.

Reply
0 Kudos
LucD
Leadership
Leadership

You could try like this.

Why did 6.5.1 not work?

Due to your Update Manager version?

$vcNames = Get-Content C:\VCnames.txt

foreach($vc in $vcNames){

    Connect-VIServer -Server $vc -User "USER" -Password "PASSWORD"

    

    $esx = Get-VMHost

    Test-Compliance -Entity $esx -UpdateType HostPatch

    $esx | Get-Compliance -Detailed | %{

        $_.NotCompliantPatches |

        Select-Object @{N='vCenter';E={$vc}},Name,IDByVendor,Description,

            @{n='Product';e={$_.product | Select-Object -expandproperty Version}},ReleaseDate

    }

    Disconnect-VIServer -Server $vc -Confirm:$false

}

$report | Export-Csv "C:\FOLDER\vCenterPatchReport.csv" -NoTypeInformation -UseCulture


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
LC48442
Contributor
Contributor

this does not work for me. How can incorporate a For-Each Statement into this script below? Just from this code below only? Just so i can run against a list of names.

Get-Inventory -Name ESXHOSTnameHERE | Scan-Inventory -UpdateType HostPatch

$ESXhost = get-vmhost ESXHOSTnameHERE

$compliance = Get-Compliance -Entity $ESXhost -Detailed

$compliance.NotCompliantPatches | Select-Object Name,IDByVendor,Description,@{n='Product';e={$_.product | Select-Object -expandproperty Version}},ReleaseDate |

Export-Csv "C:\vSphere PowerCLI\ESXHOSTname_ComplianceReportb.csv" -NoTypeInformation -UseCulture

Reply
0 Kudos
LucD
Leadership
Leadership

Try like this.

You can use a mask (like all nodes starting with esx or a list of names)

$report = foreach($esx in Get-VMHost -Name esx*){

    Scan-Inventory -Entity $esx -UpdateType HostPatch

    Get-Compliance -Entity $esx -Detailed |

    select -ExpandProperty NotCompliantPatches |

    Select-Object @{N='VMHost';E={$esx.Name}},Name,IDByVendor,Description,@{N='Product';E={$_.product.Version}},ReleaseDate

}

$report |

Export-Csv "C:\vSphere PowerCLI\ESXHOSTname_ComplianceReportb.csv" -NoTypeInformation -UseCulture


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
LC48442
Contributor
Contributor

how do i bring in the txt file into this script you just created? Such as adding in Get-Content?

Reply
0 Kudos
LucD
Leadership
Leadership

Try something like this.

It assumes one hostname per line in the file

$report = foreach($esx in Get-VMHost -Name (Get-Content -Path $hostNamesFile)){

    Scan-Inventory -Entity $esx -UpdateType HostPatch

    Get-Compliance -Entity $esx -Detailed |

    select -ExpandProperty NotCompliantPatches |

    Select-Object @{N='VMHost';E={$esx.Name}},Name,IDByVendor,Description,@{N='Product';E={$_.product.Version}},ReleaseDate

}

$report |

Export-Csv "C:\vSphere PowerCLI\ESXHOSTname_ComplianceReportb.csv" -NoTypeInformation -UseCulture


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
LC48442
Contributor
Contributor

How would i expand all of these properties to get Unknown, NotApplicable, Compliant, and NotCompliant all in one select statement?

Neither methods work below:

select -ExpandProperty NotApplicablePatches, NotCompliantPatches,CompliantPatches,UnknownPatches  |

OR

select -ExpandProperty "NotApplicablePatches, NotCompliantPatches,CompliantPatches,UnknownPatches"  |

Reply
0 Kudos
LucD
Leadership
Leadership

The question is, how are you going to display that in one line?

Each of these (Compliant,NonCompliant...) can have multiple entries.

As an example

compliance.png

If you want to join that info, that first entry in the example would produce 1 x 2 x 52 = 104 lines of output.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos