10 Replies Latest reply on Aug 11, 2017 11:04 AM by LucD

    Get-Compliance Report for a List of ESX Hosts in 1 vCenter?

    LC48442 Novice

      So i have a command that works below individually. I want this to work for a list of hosts. How can i do this?

       

      $vCenter = "VCENTERNAMEHERE" # vCenter FQDN

      # Connect to vCenter

      Connect-VIServer -Server $vCenter -User "USER" -Password "PASSWORD"

      Get-Inventory -Name ESXHOSTNAMEHERE | Scan-Inventory -UpdateType HostPatch

      $ESXhost = get-vmhost ESXHOSTNAMEHERE

      $compliance = Get-Compliance -Entity $ESXhost -Detailed

      $compliance.NotCompliantPatches | Select-Object Name,IDByVendor,Description,@{n='Product';e={$_.product | Select-Object -expandproperty Version}},ReleaseDate |

      Export-Csv "C:\FOLDER\vCenterPatchReport.csv" -NoTypeInformation -UseCulture

        • 1. Re: Get-Compliance Report for a List of ESX Hosts in 1 vCenter?
          LucD Guru
          vExpertCommunity WarriorsUser Moderators

          Try something like this

          Note that I used the latest Update Manager cmdlets (from PowerCLI 6.5.1).

          If you are using an older Update Manager version, you will have to use the cmdlets you had in there earlier

           

          $vCenter = "VCENTERNAMEHERE" # vCenter FQDN

          # Connect to vCenter

          Connect-VIServer -Server $vCenter -User "USER" -Password "PASSWORD"

           

          $esx = Get-VMHost

          Test-Compliance -Entity $esx -UpdateType HostPatch

          $report = $esx | Get-Compliance -Detailed | %{

              $_.NotCompliantPatches |

              Select-Object Name,IDByVendor,Description,@{n='Product';e={$_.product | Select-Object -expandproperty Version}},ReleaseDate

          }

           

          $report | Export-Csv "C:\FOLDER\vCenterPatchReport.csv" -NoTypeInformation -UseCulture

           

           

          • 2. Re: Get-Compliance Report for a List of ESX Hosts in 1 vCenter?
            LC48442 Novice

            How would a insert a text file into this so I can simply store the names?

            • 3. Re: Get-Compliance Report for a List of ESX Hosts in 1 vCenter?
              LC48442 Novice

              the other thing I notice, that 6.5.1 does not work properly. I had to downgrade back to 6.0.0.

              • 4. Re: Get-Compliance Report for a List of ESX Hosts in 1 vCenter?
                LucD Guru
                Community WarriorsvExpertUser Moderators

                You could try like this.

                Why did 6.5.1 not work?

                Due to your Update Manager version?

                 

                $vcNames = Get-Content C:\VCnames.txt

                 

                foreach($vc in $vcNames){

                    Connect-VIServer -Server $vc -User "USER" -Password "PASSWORD"

                    

                    $esx = Get-VMHost

                    Test-Compliance -Entity $esx -UpdateType HostPatch

                    $esx | Get-Compliance -Detailed | %{

                        $_.NotCompliantPatches |

                        Select-Object @{N='vCenter';E={$vc}},Name,IDByVendor,Description,

                            @{n='Product';e={$_.product | Select-Object -expandproperty Version}},ReleaseDate

                    }

                 

                    Disconnect-VIServer -Server $vc -Confirm:$false

                }

                 

                $report | Export-Csv "C:\FOLDER\vCenterPatchReport.csv" -NoTypeInformation -UseCulture

                 

                • 5. Re: Get-Compliance Report for a List of ESX Hosts in 1 vCenter?
                  LC48442 Novice

                  this does not work for me. How can incorporate a For-Each Statement into this script below? Just from this code below only? Just so i can run against a list of names.

                   

                  Get-Inventory -Name ESXHOSTnameHERE | Scan-Inventory -UpdateType HostPatch

                  $ESXhost = get-vmhost ESXHOSTnameHERE

                  $compliance = Get-Compliance -Entity $ESXhost -Detailed

                  $compliance.NotCompliantPatches | Select-Object Name,IDByVendor,Description,@{n='Product';e={$_.product | Select-Object -expandproperty Version}},ReleaseDate |

                  Export-Csv "C:\vSphere PowerCLI\ESXHOSTname_ComplianceReportb.csv" -NoTypeInformation -UseCulture

                  • 6. Re: Get-Compliance Report for a List of ESX Hosts in 1 vCenter?
                    LucD Guru
                    Community WarriorsvExpertUser Moderators

                    Try like this.

                    You can use a mask (like all nodes starting with esx or a list of names)

                     

                    $report = foreach($esx in Get-VMHost -Name esx*){

                        Scan-Inventory -Entity $esx -UpdateType HostPatch

                        Get-Compliance -Entity $esx -Detailed |

                        select -ExpandProperty NotCompliantPatches |

                        Select-Object @{N='VMHost';E={$esx.Name}},Name,IDByVendor,Description,@{N='Product';E={$_.product.Version}},ReleaseDate

                    }

                     

                    $report |

                    Export-Csv "C:\vSphere PowerCLI\ESXHOSTname_ComplianceReportb.csv" -NoTypeInformation -UseCulture

                    • 7. Re: Get-Compliance Report for a List of ESX Hosts in 1 vCenter?
                      LC48442 Novice

                      how do i bring in the txt file into this script you just created? Such as adding in Get-Content?

                      • 8. Re: Get-Compliance Report for a List of ESX Hosts in 1 vCenter?
                        LucD Guru
                        User ModeratorsCommunity WarriorsvExpert

                        Try something like this.

                        It assumes one hostname per line in the file

                         

                        $report = foreach($esx in Get-VMHost -Name (Get-Content -Path $hostNamesFile)){

                            Scan-Inventory -Entity $esx -UpdateType HostPatch

                            Get-Compliance -Entity $esx -Detailed |

                            select -ExpandProperty NotCompliantPatches |

                            Select-Object @{N='VMHost';E={$esx.Name}},Name,IDByVendor,Description,@{N='Product';E={$_.product.Version}},ReleaseDate

                        }

                         

                        $report |

                        Export-Csv "C:\vSphere PowerCLI\ESXHOSTname_ComplianceReportb.csv" -NoTypeInformation -UseCulture

                        • 9. Re: Get-Compliance Report for a List of ESX Hosts in 1 vCenter?
                          LC48442 Novice

                          How would i expand all of these properties to get Unknown, NotApplicable, Compliant, and NotCompliant all in one select statement?

                           

                          Neither methods work below:

                           

                          select -ExpandProperty NotApplicablePatches, NotCompliantPatches,CompliantPatches,UnknownPatches  |

                           

                          OR

                           

                          select -ExpandProperty "NotApplicablePatches, NotCompliantPatches,CompliantPatches,UnknownPatches"  |

                          • 10. Re: Get-Compliance Report for a List of ESX Hosts in 1 vCenter?
                            LucD Guru
                            Community WarriorsUser ModeratorsvExpert

                            The question is, how are you going to display that in one line?

                            Each of these (Compliant,NonCompliant...) can have multiple entries.

                            As an example

                            compliance.png

                             

                            If you want to join that info, that first entry in the example would produce 1 x 2 x 52 = 104 lines of output.