Solved: Export the results of Switch and Port Group Securi...

sjoshi25 · ‎02-01-2022

I wanted to run the following commands to get certain security policy configs for VSwitch and VPortgroup both standard and distributed for all hosts on multiple vCenters.

How should to combine these commands in one script and export the data in CSV:

Get-VirtualSwitch -Standard | Select VMHost, Name, ` @{N="MacChanges";E={if ($_.ExtensionData.Spec.Policy.Security.MacChanges) { "Accept" } Else { "Reject"} }}, ` @{N="PromiscuousMode";E={if ($_.ExtensionData.Spec.Policy.Security.PromiscuousMode) { "Accept" } Else { "Reject"} }}, ` @{N="ForgedTransmits";E={if ($_.ExtensionData.Spec.Policy.Security.ForgedTransmits) { "Accept" } Else { "Reject"} }}

Get-VDSwitch | Select VMHost, Name, ` @{N="MacChanges";E={if ($_.ExtensionData.Spec.Policy.Security.MacChanges) { "Accept" } Else { "Reject"} }}, ` @{N="PromiscuousMode";E={if ($_.ExtensionData.Spec.Policy.Security.PromiscuousMode) { "Accept" } Else { "Reject"} }}, ` @{N="ForgedTransmits";E={if ($_.ExtensionData.Spec.Policy.Security.ForgedTransmits) { "Accept" } Else { "Reject"} }}

Get-VirtualPortGroup | Select VMHost, Name, ` @{N="MacChanges";E={if ($_.ExtensionData.Spec.Policy.Security.MacChanges) { "Accept" } Else { "Reject"} }}, ` @{N="PromiscuousMode";E={if ($_.ExtensionData.Spec.Policy.Security.PromiscuousMode) { "Accept" } Else { "Reject"} }}, ` @{N="ForgedTransmits";E={if ($_.ExtensionData.Spec.Policy.Security.ForgedTransmits) { "Accept" } Else { "Reject"} }}

Get-VDPortGroup | Select VMHost, Name, ` @{N="MacChanges";E={if ($_.ExtensionData.Spec.Policy.Security.MacChanges) { "Accept" } Else { "Reject"} }}, ` @{N="PromiscuousMode";E={if ($_.ExtensionData.Spec.Policy.Security.PromiscuousMode) { "Accept" } Else { "Reject"} }}, ` @{N="ForgedTransmits";E={if ($_.ExtensionData.Spec.Policy.Security.ForgedTransmits) { "Accept" } Else { "Reject"} }}

LucD · ‎02-01-2022

Try like this

$report = Get-VirtualSwitch -Standard | Select VMHost, Name, @{N="MacChanges";E={if ($_.ExtensionData.Spec.Policy.Security.MacChanges) { "Accept" } Else { "Reject"} }},  @{N="PromiscuousMode";E={if ($_.ExtensionData.Spec.Policy.Security.PromiscuousMode) { "Accept" } Else { "Reject"} }},  @{N="ForgedTransmits";E={if ($_.ExtensionData.Spec.Policy.Security.ForgedTransmits) { "Accept" } Else { "Reject"} }}

$report += Get-VDSwitch | Select VMHost, Name,  @{N="MacChanges";E={if ($_.ExtensionData.Spec.Policy.Security.MacChanges) { "Accept" } Else { "Reject"} }},  @{N="PromiscuousMode";E={if ($_.ExtensionData.Spec.Policy.Security.PromiscuousMode) { "Accept" } Else { "Reject"} }},  @{N="ForgedTransmits";E={if ($_.ExtensionData.Spec.Policy.Security.ForgedTransmits) { "Accept" } Else { "Reject"} }}

$report += Get-VirtualPortGroup | Select-Object VMHost, Name, @{N = "MacChanges"; E = { if ($_.ExtensionData.Spec.Policy.Security.MacChanges) { "Accept" } Else { "Reject" } } }, @{N = "PromiscuousMode"; E = { if ($_.ExtensionData.Spec.Policy.Security.PromiscuousMode) { "Accept" } Else { "Reject" } } }, @{N = "ForgedTransmits"; E = { if ($_.ExtensionData.Spec.Policy.Security.ForgedTransmits) { "Accept" } Else { "Reject"} }}

$report += Get-VDPortgroup | Select-Object VMHost, Name, @{N = "MacChanges"; E = { if ($_.ExtensionData.Spec.Policy.Security.MacChanges) { "Accept" } Else { "Reject" } } }, @{N = "PromiscuousMode"; E = { if ($_.ExtensionData.Spec.Policy.Security.PromiscuousMode) { "Accept" } Else { "Reject" } } }, @{N = "ForgedTransmits"; E = { if ($_.ExtensionData.Spec.Policy.Security.ForgedTransmits) { "Accept" } Else { "Reject"} }}

$report | Export-Csv -Path .\report.csv -UseCulture -NoTypeInformation

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

View solution in original post

LucD · ‎02-01-2022

Try like this

$report = Get-VirtualSwitch -Standard | Select VMHost, Name, @{N="MacChanges";E={if ($_.ExtensionData.Spec.Policy.Security.MacChanges) { "Accept" } Else { "Reject"} }},  @{N="PromiscuousMode";E={if ($_.ExtensionData.Spec.Policy.Security.PromiscuousMode) { "Accept" } Else { "Reject"} }},  @{N="ForgedTransmits";E={if ($_.ExtensionData.Spec.Policy.Security.ForgedTransmits) { "Accept" } Else { "Reject"} }}

$report += Get-VDSwitch | Select VMHost, Name,  @{N="MacChanges";E={if ($_.ExtensionData.Spec.Policy.Security.MacChanges) { "Accept" } Else { "Reject"} }},  @{N="PromiscuousMode";E={if ($_.ExtensionData.Spec.Policy.Security.PromiscuousMode) { "Accept" } Else { "Reject"} }},  @{N="ForgedTransmits";E={if ($_.ExtensionData.Spec.Policy.Security.ForgedTransmits) { "Accept" } Else { "Reject"} }}

$report += Get-VirtualPortGroup | Select-Object VMHost, Name, @{N = "MacChanges"; E = { if ($_.ExtensionData.Spec.Policy.Security.MacChanges) { "Accept" } Else { "Reject" } } }, @{N = "PromiscuousMode"; E = { if ($_.ExtensionData.Spec.Policy.Security.PromiscuousMode) { "Accept" } Else { "Reject" } } }, @{N = "ForgedTransmits"; E = { if ($_.ExtensionData.Spec.Policy.Security.ForgedTransmits) { "Accept" } Else { "Reject"} }}

$report += Get-VDPortgroup | Select-Object VMHost, Name, @{N = "MacChanges"; E = { if ($_.ExtensionData.Spec.Policy.Security.MacChanges) { "Accept" } Else { "Reject" } } }, @{N = "PromiscuousMode"; E = { if ($_.ExtensionData.Spec.Policy.Security.PromiscuousMode) { "Accept" } Else { "Reject" } } }, @{N = "ForgedTransmits"; E = { if ($_.ExtensionData.Spec.Policy.Security.ForgedTransmits) { "Accept" } Else { "Reject"} }}

$report | Export-Csv -Path .\report.csv -UseCulture -NoTypeInformation

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

sjoshi25 · ‎02-01-2022

Thanks LuCD, just tried on one vCenter and it works. Sorry for the question on similar older post, I saw it after posting and thought I could use it. Thanks again for the help!

LucD · ‎02-01-2022

If you have multiple vCenter, just connect to all of them, and then run the script

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

All

Export the results of Switch and Port Group Security Policy