Solved: Re: Security Tags in NSX

Vijay2027 · ‎09-06-2018

I was able to retrieve the VM's with security tags assigned.

PS C:\> Get-VM | Get-NsxSecurityTagAssignment | select-object @{Name="SecurityTag"; expression = {$_.securitytag.name}}, VirtualMachine

SecurityTag VirtualMachine

----------- --------------

VULNERABILITY_MGMT.VulnerabilityFound.threat=medium AD01

VULNERABILITY_MGMT.VulnerabilityFound.threat=medium AD-01

However I am looking for a way to retrieve VM's without any Security tags assigned through PowerCLI.

Any help is greatly appreciated. Thank you in advance. LucD

LucD · ‎09-06-2018

Try like this

Get-VM | where {-not (Get-NsxSecurityTagAssignment -VirtualMachine $_)}

LucD · ‎09-06-2018

I don't have a NSX environment to test.
To allow me to determine what to filter on, can you check what this returns?

Get-VM | Get-TagAssignment

Vijay2027 · ‎09-06-2018

Thank you for your quick response.

I am trying to security tags from powercli like:

PS C:\> Get-VM | Get-NsxSecurityTagAssignment

SecurityTag VirtualMachine

----------- --------------

securityTag AD01

securityTag AD-01

So I am trying to figure out if there is a way to get VM's without any "Security Tags" assigned.

LucD · ‎09-06-2018

I understand that, but I would like to know which TagCategory these NSX SecurityTags belong to.

Hence my previous request to run that line in your environment, and show me the result.

Vijay2027 · ‎09-06-2018

Here is the output:

PS C:\> Get-VM | Get-TagAssignment

PS C:\>

PS C:\> Get-VM | Get-NsxSecurityTagAssignment

SecurityTag VirtualMachine

----------- --------------

securityTag AD01

securityTag AD-01

PS C:\>

LucD · ‎09-06-2018

Try like this

Get-VM | where {-not (Get-NsxSecurityTagAssignment -VirtualMachine $_)}

Vijay2027 · ‎09-06-2018

Worked like a charm. thank you so much LucD

Security Tags in NSX