Solved: Re: Configure syslog on multiple ESXi hosts in mul...

BBB36 · ‎10-03-2022

I have this script below (I got it from here) that adds syslog info to servers. It works, but the only output message shows "true" (no quotes) after it runs with ESXi host, vCenter server or any other information. Can someone please help to get the output message to show the vCenter server name, the ESXi host name, the previous syslog server entry, then the new syslog server entry? If this is not possible, could it at least display a "Success" instead of true? I'd still want it to display the vCenter server and ESXi host, then a "Suucess" next to each entry. If the output can also be in a CSV report format that would be very helpful. Thank you.

#This will prompt you to enter your credentials
$vCenterCredential = Get-Credential -Message "Enter account with access to the vCenter(s)" -ErrorAction SilentlyContinue;

#List of vCenter server(s) in a text file either on local or shared drive location
$vCenters = Get-Content -Path "c:\Scripts\Inputs\vcenters.txt"

#Connect to vCenters
Connect-VIServer -Server $vCenters -Credential $vCenterCredential -Protocol https | Out-Null

#Iterate through all ESXi hosts in all vCenter server(s), and configure the Syslog protocol, server, and port
Get-VMHost -PipelineVariable esx |
ForEach-Object -Process {
$sLog = @{
    loghost = 'tcp://syslog-server:123'
}
Get-VMHost -PipelineVariable esx |
ForEach-Object -Process {
    $esxcli = Get-EsxCli -VMHost $esx -V2
    $esxcli.system.syslog.config.set.Invoke($sLog)
}
#Disconnect from all vCenter server(s)
Disconnect-VIServer -Server $vCenters -Confirm:$false

LucD · ‎10-03-2022

Try something like this

#This will prompt you to enter your credentials
$vCenterCredential = Get-Credential -Message "Enter account with access to the vCenter(s)" -ErrorAction SilentlyContinue;

#List of vCenter server(s) in a text file either on local or shared drive location
$vCenters = Get-Content -Path "c:\Scripts\Inputs\vcenters.txt"

#Connect to vCenters
Connect-VIServer -Server $vCenters -Credential $vCenterCredential -Protocol https | Out-Null

#Iterate through all ESXi hosts in all vCenter server(s), and configure the Syslog protocol, server, and port
Get-VMHost -PipelineVariable esx |
ForEach-Object -Process {
    $sLog = @{
        loghost = 'tcp://syslog-server:123'
    }
    $esxcli = Get-EsxCli -VMHost $esx -V2
    $old = $esxcli.system.syslog.config.get.Invoke()
    if($esxcli.system.syslog.config.set.Invoke($sLog)){
        New-Object -TypeName PSObject -Property ([ordered]@{
            vCenter = ([uri]$esx.ExtensionData.Client.ServiceUrl).Host
            VMHost = $esx.Name
            SyslogOld = $old.RemoteHost
            SyslogNew = $esxcli.system.syslog.config.get.Invoke().RemoteHost
            })
     }
     else{
        Write-Error "Syslog configuration failed on $($esx.Name)"
    }
} | Export-Csv -Path .\report.csv -NoTypeInformation -UseCulture

#Disconnect from all vCenter server(s)
Disconnect-VIServer -Server $vCenters -Confirm:$false

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

View solution in original post

LucD · ‎10-03-2022

Try something like this

#This will prompt you to enter your credentials
$vCenterCredential = Get-Credential -Message "Enter account with access to the vCenter(s)" -ErrorAction SilentlyContinue;

#List of vCenter server(s) in a text file either on local or shared drive location
$vCenters = Get-Content -Path "c:\Scripts\Inputs\vcenters.txt"

#Connect to vCenters
Connect-VIServer -Server $vCenters -Credential $vCenterCredential -Protocol https | Out-Null

#Iterate through all ESXi hosts in all vCenter server(s), and configure the Syslog protocol, server, and port
Get-VMHost -PipelineVariable esx |
ForEach-Object -Process {
    $sLog = @{
        loghost = 'tcp://syslog-server:123'
    }
    $esxcli = Get-EsxCli -VMHost $esx -V2
    $old = $esxcli.system.syslog.config.get.Invoke()
    if($esxcli.system.syslog.config.set.Invoke($sLog)){
        New-Object -TypeName PSObject -Property ([ordered]@{
            vCenter = ([uri]$esx.ExtensionData.Client.ServiceUrl).Host
            VMHost = $esx.Name
            SyslogOld = $old.RemoteHost
            SyslogNew = $esxcli.system.syslog.config.get.Invoke().RemoteHost
            })
     }
     else{
        Write-Error "Syslog configuration failed on $($esx.Name)"
    }
} | Export-Csv -Path .\report.csv -NoTypeInformation -UseCulture

#Disconnect from all vCenter server(s)
Disconnect-VIServer -Server $vCenters -Confirm:$false

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

BBB36 · ‎10-04-2022

Excellent! Thank you!

wetnose88 · ‎10-04-2022

It is time for me to reward the Communities, I have learned a lot from here silently.

I use PowerCLI ONLY to setup the syslog in all 4 vCenters, tested working as well.

#Configure-SyslogOnMultipleESXiHostsIinMultiplevCenters.ps1
$Transcript = "$env:USERPROFILE\documents\transcriptForSyslogSettingChanges_$(Get-Date -format yyyy-MM-dd-hh).txt"

$vcenters = "vctrp01.vsphere.local","vctrp02.vsphere.local","vctrp03.vsphere.local","vctrp04.vsphere.local"

Start-Transcript -path $Transcript -append
Foreach ($vcenter in $vcenters){

Write-Host "Connectint to $vCenter ......" -ForegroundColor Cyan
Connect-VIServer -Server $vcenter -User $creds.User -Password $creds.Password

Write-Host "Processing the ESXi host from $vcenter" -ForegroundColor Green
$vmhosts = get-vmhost
Foreach ($vmhost in $vmhosts){

Write-Host "Processing the ESXi host $vmhost from $vcenter" -ForegroundColor Cyan
#Comment out line either udp or tcp to fit with your environment
Get-VMHost $vmhost | Get-AdvancedSetting -Name Syslog.Global.Loghost | Set-AdvancedSetting -Value udp://10.115.20.100:514 -Confirm:$false
Get-VMHost $vmhost | Get-AdvancedSetting -Name Syslog.Global.Loghost | Set-AdvancedSetting -Value tcp://10.115.20.100:514 -Confirm:$false

}
Write-Host "Disconnect from $vCenter " -ForegroundColor Yellow
Disconnect-viserver * -confirm:$false
}

Stop-Transcript
Write-Host "All done successfully, please review the result $Transcript " -ForegroundColor Yellow

wetnose88 · ‎10-04-2022

BTW, I forget to mention the command I used to connect to vCenter "Connect-VIServer -Server $vcenter -User $creds.User -Password $creds.Password". I am doing it from a jumper server, and my login account have domain admin privilege and Global Permission from each vCenter.

wetnose88 · ‎10-04-2022

Thank you LucD.

BTW, the code you poster here are colorful and easy to read, how do you achieve that?

I can do it either in Notepad++/Powershell ISE, but once I copy & paste my code here, it is all black.

LucD · ‎10-04-2022

For code blocks I use the Insert/Edit Code sample button, and then select C# (the closest for decent formatting in the absence of a PowerShell option).

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

wetnose88 · ‎10-05-2022

Many thanks LucD, will try for next post.

VishnuN87 · ‎11-09-2023

Hi LUCD,

Is there a way we can append the syslog configuration with new IP ,rather than replacing the exisitng ones?

LucD · ‎11-09-2023

The loghost property in the has table accepts an array of Strings.
So you can just append the new host(s) to the old host(s).

Something like this for example

#This will prompt you to enter your credentials
$vCenterCredential = Get-Credential -Message "Enter account with access to the vCenter(s)" -ErrorAction SilentlyContinue;

#List of vCenter server(s) in a text file either on local or shared drive location
$vCenters = Get-Content -Path "c:\Scripts\Inputs\vcenters.txt"

#Connect to vCenters
Connect-VIServer -Server $vCenters -Credential $vCenterCredential -Protocol https | Out-Null

# New syslog hosts
$syslogHosts = 'tcp://syslog-newserver1:123', 'tcp://syslog-newserver2:123'

#Iterate through all ESXi hosts in all vCenter server(s), and configure the Syslog protocol, server, and port
Get-VMHost -PipelineVariable esx |
  ForEach-Object -Process {
    $esxcli = Get-EsxCli -VMHost $esx -V2
    $old = $esxcli.system.syslog.config.get.Invoke()
    $sLog = @{
      loghost = $old.RemoteHost, $syslogHosts 
    }
    if ($esxcli.system.syslog.config.set.Invoke($sLog)) {
      New-Object -TypeName PSObject -Property ([ordered]@{
          vCenter   = ([uri]$esx.ExtensionData.Client.ServiceUrl).Host
          VMHost    = $esx.Name
          SyslogOld = $old.RemoteHost
          SyslogNew = $esxcli.system.syslog.config.get.Invoke().RemoteHost
        })
    } else {
      Write-Error "Syslog configuration failed on $($esx.Name)"
    }
  } | Export-Csv -Path .\report.csv -NoTypeInformation -UseCulture

#Disconnect from all vCenter server(s)
Disconnect-VIServer -Server $vCenters -Confirm:$false

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

VishnuN87 · ‎11-09-2023

Thanks LUCD , Yes this will add multiple ,however if we have a syslog server mentioned already in all esxi and we need to append a new one . The syslog Ips are different for each region anyway that can be modified in the script .

After 1 week we will remove the old one so if you can provide your help on that too.

LucD · ‎11-09-2023

That should be just removing the old one from the array.

$oldServer = 'xyz'    
$sLog = @{
   loghost = $old.RemoteHost | where{$_ -ne $oldServer}
}

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

All

Configure syslog on multiple ESXi hosts in multiple vCenters with CSV output.