Hello Everyone I dont know if this is the correct place to raise this question
I wanted to know if there is a kind of powershell script to gather to a text file or csv or whichever to easy analize the export version of Distributed Firewall, like the next KB article,
The Customer is in the process to migrate from NSX-V to NSX-T and they need to know the current export version
The customer has about 80 ESXi Hosts and when I run the first command, it gives me like 80 Filter names:
[root@esxi:~] vsipioctl getfilters | grep "Filter Name" | grep "sfw.2"
name: nic-2112467-eth0-vmware-sfw.2
name: nic-2112467-eth1-vmware-sfw.2
name: nic-2112467-eth2-vmware-sfw.2
Then I have to run the next command for every nic listed in the previous command, in order to identify the current export version.
[root@esxi:~] vsipioctl getexportversion -f nic-2112467-eth0-vmware-sfw.2
Current export version: 500
However 80 hosts by 80 nics by host will 1600 iterations, so I wanted to get a kind of script to make it a utomaticall process.
Can anyone help me with this please.
Thanks in advance!
Regards!
You can use this as a basis if you like? It uses Posh-SSH and minimum PowerShell version 5.1.
# Gets Firewall Export Version prior to upgrade to T
# https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.1/migration/GUID-993AB7A8-C560-43C0-B7B0-B5A58EC6884D.html
$csv_path = "$($env:LogPath)\HostFwExportVersions_$(Get-Date -F "yyyyMMdd_HHmmss").csv"
$esxiCreds = Get-Credential -Username "root" -Message "Please enter ESXI root password"
$vcsaCreds = Get-Credential -Message "Please enter your vcsa admin username and password"
Connect-ViServer -server "" -credential $vcsaCreds
$vmhosts = Get-VMHost
$dfw_filter_exports = @()
foreach ($vmhost in $vmhosts) {
# Start SSH session on host (saved pwd)
$sshService = Get-VMHostService $vmhost | where Key -eq 'TSM-SSH'
Start-VMHostService -HostService $sshService | out-null
$session = New-SSHSession -ComputerName $vmhost -credential $esxiCreds -AcceptKey
$dfw_filters = Invoke-SSHCommand -SessionId $session.sessionid -command "vsipioctl getfilters | grep 'Filter Name' | grep 'sfw.2' | awk -F': ' '{print`$2}'"
foreach ($filter in $dfw_filters.output) {
$result = Invoke-SSHCommand -SessionId $session.sessionid -command "vsipioctl getexportversion -f $filter | awk -F': ' '{print`$2}'"
$dfw_filter_exports += [PSCustomObject]@{
Host = $result.host
FilterName = $filter
ExportVersion = $result.output[0]
}
}
#Cleanup
Remove-SshSession -session $session.sessionid
Stop-VMHostService -HostService $sshService -confirm:$false | out-null
}
$dfw_filter_exports | Export-Csv $csv_path -notypeinformation
There's also this script which could be modified to just export the info. They use Posh-SSH as well.