Solved: Re: Trying to pull role and permission changes wit...

td9857 · ‎05-18-2015

I am new to using power shell and we have a power shell reference guide. It has a couple of scripts that I would like to implement. Seems the book was written for Vcenter server4 and Powercli 4.1. Unfortunately we are running VC5.5 and using powercli 5.5 and just downloaded 6.

Anyway Book talks about creating a function and then running the commands. Unfortunately I get nothing not event the red errors telling me I can't type.

Anyway here is the function. listed below ( But I get a error about missing the closing bracket So I have modified the function call to this function Get-VIEventType{<#} that eliminates my errors.

function Get-VIEventType{

<#

.SYNOPSIS
Returns all the available event types in the vSphere environment
Can be used on against a vCenter and an ESX(i) server
.DESCRIPTION
The function returns a string array that contains all the available
eventtypes in the current vSphere environment.
.NOTES
Authors: Luc Dekens
.PARAMETER Category
Select the eventtype to report on.
Default values are: info,warning,error,user

So this is how it looks

Function Get-VIEVentType{<#}

$tgtEvents=get-vieventtype |'

where {$_.Hierarchy -match "/RoleEvent/"} | %{$_.Name}

Get-VIEvent -Start (Get-Date).AddDays(-30) | '

where {$tgtEvents -contains $_.gettype().name} | '

select @{N="CreatedTime"; E={$_.CreatedTime}},

@{N="User"; E={$_.UserName}},

@{N="Message"; E={$_.FullFormattedMessage}},

@{N="Privileges"; E={$_.PrivilegeList}}

It seems to complete but I get zero output.

Also tried this as well - to pull permission

Function Get-VIEVentType{<#}

$tgtEvents=get-vieventtype |'

where {$_.Hierarchy -match "/PermissionEvent/"} | %{$_.Name}

Get-VIEvent -Start (Get-Date).AddDays(-30) | '

where {$tgtEvents -contains $_.gettype().name} | '

select @{N="CreatedTime"; E={$_.CreatedTime}},

@{N="User"; E={$_.UserName}},

@{N="Message"; E={$_.FullFormattedMessage}},

@{N="Privileges"; E={$_.PrivilegeList}}

@{N="Principal"; E={$_.Principal}},

@{N="Entity"; E={$_.Entity.Name}},

@{N="Propagate"; E={$_.Propagate}}

It seems to complete but I get zero output.

Any help or recommendations are greatly appreciated.

Thank you

LucD · ‎05-19-2015

Try adding the MaxSamples parameter, it could be that you have so many events that the one you are looking for is not in the default 100 that Get-VIEvent returns.

Like this

$tgtEvents = Get-VIEventType | where{$_.Hierarchy -match "/RoleEvent/"} | %{$_.Name}

Get-VIEvent -Start (Get-Date).AddDays(-7) -MaxSamples ([int]::MaxValue) |

where{$tgtEvents -contains $_.GetType().Name} |

Select @{N='CreatedTime';E={$_.CreatedTime}},

@{N='User';E={$_.UserName}},

@{N='Message';E={$_.FullFormattedMessage}},

@{N='Privileges';E={$_.PrivilegeList}}

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

View solution in original post

LucD · ‎05-18-2015

Not sure where you copied the code from, but it looks messed up.

You can download the code from here (under Downloads).

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

td9857 · ‎05-18-2015

Thanks; that is the book that I am using just not having very much luck.

LucD · ‎05-18-2015

But all the code in the book can be downloaded from that link I gave.

Did you try that ?

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

td9857 · ‎05-18-2015

Yes I did but no luck.

If I copy your sample script this is what I get.

PowerCLI C:\ps_Scripts> function Get-VIEventType{

>> <#

>> Get-VIEventType | Export-Csv -Path $csvName -NoTypeInformation

>> #>

>> param(

>> [parameter(HelpMessage = "Accepted categories: info,warning,error,user")]

>> [string[]]$Category = @("info","warning","error","user"))

>> begin{

>> $si = Get-View ServiceInstance

>> $eventMgr = Get-View $si.Content.EventManager

>> $oldErrorActionPreference = $ErrorActionPreference

>> $ErrorActionPreference = "SilentlyContinue"

>> }

>>

>> process{

>> $eventMgr.Description.EventInfo | `

>> where {$Category -contains $_.Category} | %{

>> New-Object PSObject -Property @{

>> Name = $_.Key

>> Category = $_.Category

>> Description = $_.Description

>> Hierarchy = &{

>> $obj = New-Object -TypeName ("VMware.Vim." + $_.Key)

>> if($obj){

>> $obj = $obj.GetType()

>> $path = ""

>> do{

>> $path = ($obj.Name + "/") + $path

>> $obj = $obj.BaseType

>> } until($path -like "Event*")

>> $path.TrimEnd("/")

>> }

>> else{

>> "--undocumented--"

>> }

>>

>> end{

>> $ErrorActionPreference = $oldErrorActionPreference

>> }

>>

PowerCLI C:\ps_Scripts>

No output

In the book it talks about running this command

PowerCLI C:\ps_Scripts> function Get-VIEventType{

>> <#

>> get-vieventstype | f1

>>

again I get nothing but if I run this I get everything

PowerCLI C:\ps_Scripts> Get-VIEventType

Hierarchy                     Category                      Name                          Description
---------                     --------                      ----                          -----------
Event/GeneralEvent/Extende... info                          ExtendedEvent                 Import certificate succ
Event/GeneralEvent/Extende... error                         ExtendedEvent                 Import certificate fail
Event/GeneralEvent/Extende... info                          ExtendedEvent                 Join domain success
Event/GeneralEvent/Extende... error                         ExtendedEvent                 Join domain failure
Event/GeneralEvent/Extende... info                          ExtendedEvent                 Leave domain success
Event/GeneralEvent/Extende... error                         ExtendedEvent                 Leave domain failure

etc....

But when I run the commands listed under 17.5 and 17.6 again I get nothing.

I suspect I am just doing something incorrect. But as I mentioned very new to powercli and just do not know where I am going wrong.

I saw in the beginning of the book the commands were for an older version of Vcenter and using an older version of powercli. So I thought that could be the reason but since you authored the book I image that is not the case and that I am just missing something.

LucD · ‎05-18-2015

You are running the function definition from the PowerCLI prompt, that only makes the function definition known to the engine.

It will not execute the function. That's why there is no output.

To execute, you will have to call the function by it's name, and pass parameters if needed.

At the prompt call the function:

PowerCLI C:\ps_Scripts> Get-VIEventType -Category 'Info'

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

td9857 · ‎05-18-2015

well that command works but I still can not run the script needed. scripts i'm trying to get to work are thi listing 17.5 and 17.6

In the book this is what the script looks like

$tgtEvents=Get-VIEventType |'

where {$_.Hierarchy -match "/RoleEvent/"} | %{$_.Name}

Get-VIEvent -Start (Get-Date).AddDays(-7) |'

where {$tgtEvents -contains $_.gettype().name} |'

select @{N="CreatedTime"; E={$_.CreatedTime}},

@{N="User"; E={$_.UserName}},

@{N="Message"; E={$_.FUllFormattedMessage}},

@{N="Privileges"; E={$_.PrivilegeList}}

When I run the command this is the results

PS C:\ps_Scripts>

$tgtEvents=Get-VIEventType |'

where {$_.Hierarchy -match "/RoleEvent/"} | %{$_.Name}
Get-VIEvent -Start (Get-Date).AddDays(-7) |'

where {$tgtEvents -contains $_.gettype().name} |'

select @{N="CreatedTime"; E={$_.CreatedTime}},

@{N="User"; E={$_.UserName}},

@{N="Message"; E={$_.FUllFormattedMessage}},

@{N="Privileges"; E={$_.PrivilegeList}}

At line:2 char:29

+ $tgtEvents=Get-VIEventType |'

+ ~

Expressions are only allowed as the first element of a pipeline.

At line:6 char:50

+ where {$tgtEvents -contains $_.gettype().name} |'

+ ~

The string is missing the terminator: '.

At line:6 char:50

+ where {$tgtEvents -contains $_.gettype().name} |'

+ ~

Expressions are only allowed as the first element of a pipeline.

+ CategoryInfo : ParserError: (:) [], ParentContainsErrorRecordException

+ FullyQualifiedErrorId : ExpressionsMustBeFirstInPipeline

+ ~

Expressions are only allowed as the first element of a pipeline.

At line:6 char:50

+ where {$tgtEvents -contains $_.gettype().name} |'

+ ~

The string is missing the terminator: '.

At line:6 char:50

+ where {$tgtEvents -contains $_.gettype().name} |'

+ ~

Expressions are only allowed as the first element of a pipeline.

+ CategoryInfo : ParserError: (:) [], ParentContainsErrorRecordException

+ FullyQualifiedErrorId : ExpressionsMustBeFirstInPipeline

When I edit the script to remove the errors it looks like this

$tgtEvents=Get-VIEventType |

where {$_.Hierarchy -match "/RoleEvent/"} | %{$_.Name}

-Start (Get-Date).AddDays(-7) |

where {$tgtEvents -contains $_.gettype().name} |

select @{N="CreatedTime"; E={$_.CreatedTime}},

="User"; E={$_.UserName}},

="Message"; E={$_.FUllFormattedMessage}},

="Privileges"; E={$_.PrivilegeList}}

When it runs this is what I get

PS C:\ps_Scripts>
$tgtEvents=Get-VIEventType |
where {$_.Hierarchy -match "/RoleEvent/"} | %{$_.Name}

Get-VIEvent -Start (Get-Date).AddDays(-7) |
where {$tgtEvents -contains $_.gettype().name} |
    select @{N="CreatedTime"; E={$_.CreatedTime}},
    @{N="User"; E={$_.UserName}},
    @{N="Message"; E={$_.FUllFormattedMessage}},
    @{N="Privileges"; E={$_.PrivilegeList}}

PS C:\ps_Scripts> Get-VIEventType

When I add the Get-VIEventtype -category 'info"

Get-VIEventType -Category 'Info'

=Get-VIEventType |

where {$_.Hierarchy -match "/RoleEvent/"} | %{$_.Name}

-Start (Get-Date).AddDays(-7) |

where {$tgtEvents -contains $_.gettype().name} |

select @{N="CreatedTime"; E={$_.CreatedTime}},

="User"; E={$_.UserName}},

="Message"; E={$_.FUllFormattedMessage}},

="Privileges"; E={$_.PrivilegeList}}

I get all the events with info but not what I need

If I try to pipe that into the rest of the script I get this error.

Get-VIEventType -Category 'Info' |

=Get-VIEventType |

where {$_.Hierarchy -match "/RoleEvent/"} | %{$_.Name}

-Start (Get-Date).AddDays(-7) |

where {$tgtEvents -contains $_.gettype().name} |

select @{N="CreatedTime"; E={$_.CreatedTime}},

="User"; E={$_.UserName}},

="Message"; E={$_.FUllFormattedMessage}},

="Privileges"; E={$_.PrivilegeList}}

PS C:\ps_Scripts> Get-VIEventType -Category 'Info' |
$tgtEvents=Get-VIEventType |
where {$_.Hierarchy -match "/RoleEvent/"} | %{$_.Name}

Get-VIEvent -Start (Get-Date).AddDays(-7) |
where {$tgtEvents -contains $_.gettype().name} |
    select @{N="CreatedTime"; E={$_.CreatedTime}},
    @{N="User"; E={$_.UserName}},
    @{N="Message"; E={$_.FUllFormattedMessage}},
    @{N="Privileges"; E={$_.PrivilegeList}}
At line:2 char:1
+ $tgtEvents=Get-VIEventType |
+ ~~~~~~~~~~
Expressions are only allowed as the first element of a pipeline.
    + CategoryInfo          : ParserError: (:) [], ParentContainsErrorRecordException
    + FullyQualifiedErrorId : ExpressionsMustBeFirstInPipeline

PS C:\ps_Scripts> Get-VIEventType

Sorry that i'm having such a hard time with this

td9857 · ‎05-19-2015

OK to fill in some spaces, The first part of the script does seem to work see output.

$tgtEvents=Get-VIEventType |

where {$_.Hierarchy -match "/RoleEvent/"} | %{$_.Name}

PS C:\ps_Scripts> $tgtEvents

RoleAddedEvent

RoleRemovedEvent

RoleUpdatedEvent

However when we run the rest of the script is where we get no output. if we then break the script down and then run just the get-vievents and where statement we do get events but there are no roles listed. We have edited a role on Friday so we should of had some out but we extended the call for 30 days and still nothing.

PS C:\ps_Scripts> $temp = Get-VIEvent -Start (Get-Date).AddDays(-7)

PS C:\ps_Scripts> foreach($this in $temp) { $this.gettype().name}
EventEx
EventEx
UserLogoutSessionEvent
UserLoginSessionEvent
EventEx
EventEx
EventEx
UserLogoutSessionEvent

PS C:\ps_Scripts> Get-VIEvent -Start (Get-Date).AddDays(-30) |
where {$tgtEvents -contains $_.gettype().name} |
    select @{N="CreatedTime"; E={$_.CreatedTime}},
    @{N="User"; E={$_.UserName}},
    @{N="Message"; E={$_.FUllFormattedMessage}},
    @{N="Privileges"; E={$_.PrivilegeList}}

PS C:\ps_Scripts> $temp = Get-VIEvent -Start (Get-Date).AddDays(-30)

PS C:\ps_Scripts> foreach($this in $temp) { $this.gettype().name}
EventEx
EventEx
EventEx
EventEx
EventEx
EventEx
EventEx
EventEx
EventEx
EventEx
UserLogoutSessionEvent
UserLoginSessionEvent
EventEx
EventEx
EventEx
UserLogoutSessionEvent
UserLoginSessionEvent
AlarmStatusChangedEvent
UserLogoutSessionEvent

Seems to me that either the role changes are not being logged or they are not being called correctly?

LucD · ‎05-19-2015

Try adding the MaxSamples parameter, it could be that you have so many events that the one you are looking for is not in the default 100 that Get-VIEvent returns.

Like this

$tgtEvents = Get-VIEventType | where{$_.Hierarchy -match "/RoleEvent/"} | %{$_.Name}

Get-VIEvent -Start (Get-Date).AddDays(-7) -MaxSamples ([int]::MaxValue) |

where{$tgtEvents -contains $_.GetType().Name} |

Select @{N='CreatedTime';E={$_.CreatedTime}},

@{N='User';E={$_.UserName}},

@{N='Message';E={$_.FullFormattedMessage}},

@{N='Privileges';E={$_.PrivilegeList}}

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

td9857 · ‎05-19-2015

Thank you! The script is now working.

All

Trying to pull role and permission changes with out any luck.