VMware Cloud Community
vespavbb
Enthusiast
Enthusiast
‎02-02-2021 12:51 AM

report for certain security patch

Hi,

is there a way to generate a report to find if a certain esx patch is installed or not.

For Example "ESXi670-202011301-SG"

Thanks

 

VCP4,VCP5,VCP6,VCP7,VCP8
Reply
0 Kudos
3 Replies
LucD
Leadership
Leadership
‎02-02-2021 01:18 AM

Which vSphere version?
In v7 you will have to use vLCM, in pre-v7 you can use the Update Manager cmdlets (Get-Compliance) 


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
vespavbb
Enthusiast
Enthusiast
‎02-02-2021 01:32 AM

Hi Luc,

 

in v6.7

how could I extend this script for a certain patch only?

$report = foreach($esx in get-cluster "*" | Get-VMHost){
    foreach($baseline in (Get-Compliance -Entity $esx -Detailed | where {$_.Status -eq "NotCompliant"})){
        $baseline.NotCompliantPatches |
        select @{N="Host";E={$esx.Name}},
        @{N="Baseline";E={$baseline.Baseline.Name}},Name,ReleaseDate,IdByVendor,
        @{N="KB";E={(Select-String "(?<url>http://[\w|\.|/]*\w{1})" -InputObject $_.Description).Matches[0].Groups['url'].Value}}
    }
}

$report
VCP4,VCP5,VCP6,VCP7,VCP8
Reply
0 Kudos
LucD
Leadership
Leadership
‎02-02-2021 02:12 AM

The only way I know of is to insert a Where-Object clause after $baseline.NotCompliantPatches.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos