Hi Kunaludapi,

Thanks for your support,

My Requirement is if any one has connected to ESXi via SSH and executed commands like history or checking Logs or any ESXi Command then I need to get the same information via Powercli by doing a query to particular host.

Simply it can be history of commands executed via SSH.

Thanks in Advance.

Yes, you can use plink tool and output to powercli.

Thanks Kunaludapi,

In  your blog you are changing the banner for SSH login so you are editing /etc/motd, but in my case I need to get history of commands who has executed previously and I need to fetch it from Powercli, can you please give me script for the same.

I assume you are looking for something as described in KB2004810, and how to do that from PowerCLI.

Is that correct ?

Hi Lucd,

I am looking for same to get from Powercli as I need this report on a daily basis. Please suggest.

Once you login to the vcenter it will fetch logs from all the esxi host and store under c:\scripts\

On the same location you will have to create a txt file and save below command., file date also can be scripted to change date daily.

cat /var/log/shell.log | grep -i "2015-01-07"

#####################################  

  ## http://kunaludapi.blogspot.com  

  ## Version: 1  

  ## Tested this script on  

  ## 1) Powershell v3  

  ## 2) Powercli v5.5  

  ## 3) Vsphere 5.x  

  #################################### 

 

Connect-Viserver

Add-PSSnapin vmware.vimautomation.core 

$command = "C:\scripts\motd.txt" 

$esxiHosts = Get-VMHost  

$root = "root" 

$Passwd = "Newused123" 

foreach ($esxiHost in $esxiHosts) { 

   $SSHservice = $esxiHost | Get-VMHostService | where {$psitem.key -eq "tsm-ssh"} 

   if ($SSHservice.Running -eq $False) { 

     $esxiHost | Get-VMHostService | where {$psitem.key -eq "tsm-ssh"} | Start-VMHostService | Out-Null  

   } 

   $result = Write-Output "yes" | plink.exe -ssh root@$esxihost -P 22 -pw $passwd -m $command 

   $esxiHost | Get-VMHostService | where {$psitem.key -eq "tsm-ssh"} | Stop-VMHostService -Confirm:$false | Out-Null

   $filename =  "{0}-{1}{2}{3}-Shell.log" -f $esxihost, $((get-date).day), $((get-date).month), ((get-date).year)

   $result | Out-File c:\scripts\$filename

}

#################################################################################################

I also have another script written,

vGeek: Download logs from all esxi host to desktop to review it later

It will download complete /var/log folder. if you only want shell.log, find the line $filesource = "/var/log/*" and change with below in the script.

$filesource = "/var/log/shell.log"

You can get both of these logs via the Web interface (as described in the KB), if that kind of access hasn't been prohibited in your installation of course.

Something like this should do the trick.

Hi Kunaludapi,

Thanks for your support.Script is working fine. Is there any way that we can get the same result without using plink.

Hi Lucd,

Thanks for your support, as https is blocked for our environment to access ESXi, Is there any other way to get this achieved without using plink. Please suggest.

Hi Lucd,

Thanks Script works fine.

Hi Lucd,

Can you please direct me to any article which explain about New-object as well New-Viproperty with explanation and examples.

For the New-Object cmdlet, there is a great post by Don Jones, called Windows PowerShell: The Many Ways to a Custom Object

For the New-VIProperty cmdlet have a look at the post called http://blogs.vmware.com/PowerCLI/2013/01/lets-make-new-viproperty-easier.htmlLet’s Make New-VIProperty Easier, which not only introduces an interesting Fling, but also has a list of pointers to other blog posts.

Thanks Lucd.