I am looking for a script that will extract the data from the update manager scans and possibly additional information ....
Thank you for any assistance..
The following script will produce a CSV file with missing patches for a number of guests.
In this case I took all the guests on a specific cluster but that can easily be changed.
$clusterName = <cluster-name>
$vms = Get-Cluster $clusterName | Get-VM
$report = @()
# Scan-Inventory -Entity $vms -UpdateType "vmPatch"
$vms | %{
$vm = $_
Get-Compliance -Entity $_ -ComplianceStatus "NotCompliant" -Detailed | %{
$_.NotCompliantPatches | where {$_.Severiy -ne "NotApplicable"} | %{
$row = "" | Select VMname, Vendor, UpdateName, Severity, Compliance, ReleaseDate
$row.VMname = $vm.Name
$row.Vendor = $_.Vendor
$row.UpdateName = $_.Name
$row.Severity = $_.Severity
$row.Compliance = "Missing"
$row.ReleaseDate = $_.ReleaseDate
$report += $row
}
}
}
$report | Export-Csv "C:\Missing-patches.csv" -NoTypeInformation -UseCulture
If you want to perform a Scan before you run the report , uncomment the line with the Scan-Inventory cmdlet.
____________
Blog: LucD notes
Twitter: lucd22
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Not sure exactly what information you want to extract but with the Get-Compliance cmdlet you can retrieve the information.
For example, this will show if there are patches for which the guest is non-compliant and it will list some details of each of these patches.
$vmName = <vm-name>
Scan-Inventory -Entity (Get-VM $vmName) -UpdateType "vmPatch"
Get-Compliance -Entity (Get-VM $vmName) -ComplianceStatus "NotCompliant" -Detailed | %{
if($_.NotCompliantPatches.Count -eq 0){
Write-Host "Compliant"
}
else{
Write-Host "Not compliant"
$_.NotCompliantPatches | %{
Write-Host $_.Vendor $_.IdByVendor $_.Nam
}
}
}
There is a lot more information in the data returned by the Get-Compliance cmdlet.
Are you looking for some specific information ?
____________
Blog: LucD notes
Twitter: lucd22
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
After a scan for updates, of a group of virtual machines is completed, the only way to see the systems that are not is compliance is via the Update Manager console. What I need, is to be able to export the results of a scan, which I can pass along to the server team.
As an example. Can you export the below information, from the scan results panel, per vm or for all vm’s.
Thank you for the help…
The following script will produce a CSV file with missing patches for a number of guests.
In this case I took all the guests on a specific cluster but that can easily be changed.
$clusterName = <cluster-name>
$vms = Get-Cluster $clusterName | Get-VM
$report = @()
# Scan-Inventory -Entity $vms -UpdateType "vmPatch"
$vms | %{
$vm = $_
Get-Compliance -Entity $_ -ComplianceStatus "NotCompliant" -Detailed | %{
$_.NotCompliantPatches | where {$_.Severiy -ne "NotApplicable"} | %{
$row = "" | Select VMname, Vendor, UpdateName, Severity, Compliance, ReleaseDate
$row.VMname = $vm.Name
$row.Vendor = $_.Vendor
$row.UpdateName = $_.Name
$row.Severity = $_.Severity
$row.Compliance = "Missing"
$row.ReleaseDate = $_.ReleaseDate
$report += $row
}
}
}
$report | Export-Csv "C:\Missing-patches.csv" -NoTypeInformation -UseCulture
If you want to perform a Scan before you run the report , uncomment the line with the Scan-Inventory cmdlet.
____________
Blog: LucD notes
Twitter: lucd22
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Thank you for the help, I will test in a few and let you know if I have any issues... Thanks again !
I get the following error message when trying to run this script.
Get-Compliance : Cannot validate argument on parameter 'Entity'. The argument i
s null. Supply a non-null argument and try the command again.
At line:3 char:28
+ Get-Compliance -Entity <<<< $_ -ComplianceStatus "NotCompliant" -Detail
ed | %{
+ CategoryInfo : InvalidData: (:) [Get-Compliance], ParameterBind
ingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,VMware.VumAutom
ation.Commands.GetCompliance
I need to export a list of all VMs and their Not Compliant patches.
Thanks,
