The script below enables syslog on an ESXi host (server, port, protocol) but it does not actually enable syslog in the ESXi firewall. I have searched here but am somehow unable to find a script that can do that. Can someone please help improve upon this script to do that? Thank you.
Get-VMHost -PipelineVariable esx |
ForEach-Object -Process {
    # Syslog target to configure on every host
    $sLog = @{
        loghost = 'tcp://server.com:1514'
    }
    $esxcli = Get-EsxCli -VMHost $esx -V2
    # Capture the current setting for the report
    $old = $esxcli.system.syslog.config.get.Invoke()
    if($esxcli.system.syslog.config.set.Invoke($sLog)){
        New-Object -TypeName PSObject -Property ([ordered]@{
            vCenter = ([uri]$esx.ExtensionData.Client.ServiceUrl).Host
            VMHost = $esx.Name
            SyslogOld = $old.RemoteHost
            SyslogNew = $esxcli.system.syslog.config.get.Invoke().RemoteHost
        })
    }
    else{
        Write-Error "Syslog configuration failed on $($esx.Name)"
    }
} | Export-Csv -Path "c:\file.csv" -NoTypeInformation -UseCulture
Did you try adding a line like this?
Get-VMHostFireWallException -VMHost $esx -Name Syslog |
    Set-VMHostFirewallException -Enabled:$True
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Thank you @LucD . I was able to add that to the script and it worked, however the export had empty rows. Also, I believe a reload command is needed after updating the syslog server and port, and also the syslog ESXi firewall to prevent having to reboot. So I added more lines to the script. I am currently getting the following error when I run it, and I have tried various things but am still getting similar errors:
At line:29 char:3
+ $esxcli.network.firewall.refresh.Invoke(@{rulesetid='syslog'; ...
+ ~~~~~~~
Missing closing ')' after expression in 'if' statement.
+ CategoryInfo : ParserError: (:) [], ParentContainsErrorRecordException
+ FullyQualifiedErrorId : MissingEndParenthesisAfterStatement
Below is the script. I basically want it to perform the reloads I mentioned above, and also if possible, export the new firewall ruleset value as well. Thanks.
Get-VMHost -PipelineVariable esx |
ForEach-Object -Process {
    $sLog = @{
        loghost = 'tcp://server.com:1514'
    }
    $esxcli = Get-EsxCli -VMHost $esx -V2
    $old = $esxcli.system.syslog.config.get.Invoke()
    $old2 = $esxcli.network.firewall.ruleset.list.Invoke(@{rulesetid='syslog'})
    if($esxcli.system.syslog.config.set.Invoke($sLog)){
        $esxcli.system.syslog.reload.invoke($sLog)
        if(($esxcli.network.firewall.ruleset.set.Invoke(@{rulesetid='syslog'; enabled=$true}))
            $esxcli.network.firewall.refresh.Invoke(@{rulesetid='syslog'; enabled=$true})
            New-Object -TypeName PSObject -Property ([ordered]@{
                vCenter = ([uri]$esx.ExtensionData.Client.ServiceUrl).Host
                VMHost = $esx.Name
                SyslogOld = $old.RemoteHost
                SyslogNew = $esxcli.system.syslog.config.get.Invoke().RemoteHost
                FirewallRulesetNew = $esxcli.network.firewall.ruleset.list.Invoke(@{rulesetid='syslog'}).RemoteHost
            })
        }
    }
    else{
        Write-Error "Syslog configuration failed on $($esx.Name)"
    } | Export-Csv -Path "c:\file.csv" -NoTypeInformation -UseCulture
There are a couple of misaligned parentheses and a missing curly brace.
This seems to be working for me syntax-wise.
Get-VMHost -PipelineVariable esx |
ForEach-Object -Process {
    $sLog = @{
        loghost = 'tcp://server.com:1514'
    }
    $esxcli = Get-EsxCli -VMHost $esx -V2
    $old = $esxcli.system.syslog.config.get.Invoke()
    $old2 = $esxcli.network.firewall.ruleset.list.Invoke(@{rulesetid = 'syslog' })
    if ($esxcli.system.syslog.config.set.Invoke($sLog)) {
        $esxcli.system.syslog.reload.invoke($sLog)
        if ($esxcli.network.firewall.ruleset.set.Invoke(@{rulesetid = 'syslog'; enabled = $true })){
            $esxcli.network.firewall.refresh.Invoke(@{rulesetid = 'syslog'; enabled = $true })
            New-Object -TypeName PSObject -Property ([ordered]@{
                vCenter = ([uri]$esx.ExtensionData.Client.ServiceUrl).Host
                VMHost = $esx.Name
                SyslogOld = $old.RemoteHost
                SyslogNew = $esxcli.system.syslog.config.get.Invoke().RemoteHost
                FirewallRulesetNew = $esxcli.network.firewall.ruleset.list.Invoke(@{rulesetid = 'syslog' }).RemoteHost
            })
        }
    }
    else {
        Write-Error "Syslog configuration failed on $($esx.Name)"
    }
} | Export-Csv -Path "c:\file.csv" -NoTypeInformation -UseCulture
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Thank you. The script appeared to update the syslog settings and enabled the syslog firewall service, but it displayed the output below in red:
Index (zero based) must be greater than or equal to zero and less than the size of the argument list.
At H:\Files\Scripts\vSphere\syslog\esxi-syslog-configure.ps1:27 char:13
+ $esxcli.system.syslog.reload.invoke($sLog)
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (:) [], FormatException
+ FullyQualifiedErrorId : System.FormatException
Index (zero based) must be greater than or equal to zero and less than the size of the argument list.
At H:\Files\Scripts\vSphere\syslog\esxi-syslog-configure.ps1:29 char:17
+ ... $esxcli.network.firewall.refresh.Invoke(@{rulesetid = 'sy ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (:) [], FormatException
+ FullyQualifiedErrorId : System.FormatException
Also, the report generated but only had the "FirewallRulesetNew" column, which was empty. Then I noticed that it didn't have a FirewallRulesetOld column so I added it to the script but it still failed with the same error, although it now has that column in the report and it too is empty. Could this just be that there's no way to properly display the syslog ruleset value?
There are a couple of mistakes in there.
The reload and refresh methods do not require arguments.
You should suppress the Booleans returned from entering in your CSV by redirecting the result to Out-Null
The firewall list method only has a Name and Enabled property in the returned object.
Get-VMHost -PipelineVariable esx |
ForEach-Object -Process {
    $sLog = @{
        loghost = 'tcp://server.com:1514'
    }
    $esxcli = Get-EsxCli -VMHost $esx -V2
    # Capture the current syslog target and firewall ruleset state for the report
    $old = $esxcli.system.syslog.config.get.Invoke()
    $old2 = $esxcli.network.firewall.ruleset.list.Invoke(@{rulesetid = 'syslog' })
    if ($esxcli.system.syslog.config.set.Invoke($sLog)) {
        # reload takes no arguments; Out-Null keeps its Boolean out of the CSV
        $esxcli.system.syslog.reload.Invoke() | Out-Null
        if ($esxcli.network.firewall.ruleset.set.Invoke(@{rulesetid = 'syslog'; enabled = $true })){
            # refresh takes no arguments either
            $esxcli.network.firewall.refresh.Invoke() | Out-Null
            New-Object -TypeName PSObject -Property ([ordered]@{
                vCenter = ([uri]$esx.ExtensionData.Client.ServiceUrl).Host
                VMHost = $esx.Name
                SyslogOld = $old.RemoteHost
                SyslogNew = $esxcli.system.syslog.config.get.Invoke().RemoteHost
                # The ruleset object exposes Name and Enabled, not RemoteHost
                FirewallRulesetOld = $old2.Enabled
                FirewallRulesetNew = $esxcli.network.firewall.ruleset.list.Invoke(@{rulesetid = 'syslog' }).Enabled
            })
        }
    }
    else {
        Write-Error "Syslog configuration failed on $($esx.Name)"
    }
} | Export-Csv -Path "c:\file.csv" -NoTypeInformation -UseCulture
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
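A read-only audit of the two settings the script above changes, added here as an example and not part of the thread: it reads the same esxcli V2 objects (`RemoteHost` from the syslog config, `Enabled` from the `syslog` ruleset) and emits one row per host, including hosts that could not be queried, so the report has no empty or missing rows. The function names `Test-SyslogCompliance` and `Get-SyslogAudit`, the report column names and the sample host names are assumptions; the sample objects are constructed.

```powershell
# Added example: read-only audit; nothing on the hosts is changed.
function Test-SyslogCompliance {
    param(
        [string]$HostName,
        $SyslogConfig,    # object from system.syslog.config.get.Invoke()
        $FirewallRule,    # object from network.firewall.ruleset.list.Invoke(@{rulesetid='syslog'})
        [string]$Desired,
        [string]$Note = ''
    )
    # RemoteHost can hold several comma-separated targets; compare each one.
    $targets = @("$($SyslogConfig.RemoteHost)" -split ',' |
        ForEach-Object { $_.Trim() } | Where-Object { $_ })
    $logOk = $targets -contains $Desired
    # Enabled may be a Boolean or the text 'true'; the string compare covers both.
    $fwOk = "$($FirewallRule.Enabled)" -eq 'true'
    [pscustomobject]@{
        VMHost          = $HostName
        RemoteHost      = $targets -join ','
        LogHostOk       = $logOk
        FirewallEnabled = $fwOk
        Compliant       = ($logOk -and $fwOk)
        Note            = $Note
    }
}

function Get-SyslogAudit {
    param($VMHost, [string]$Desired)
    foreach ($esx in $VMHost) {
        try {
            $esxcli = Get-EsxCli -VMHost $esx -V2 -ErrorAction Stop
            $cfg = $esxcli.system.syslog.config.get.Invoke()
            $fw  = $esxcli.network.firewall.ruleset.list.Invoke(@{rulesetid = 'syslog'})
            Test-SyslogCompliance -HostName $esx.Name -SyslogConfig $cfg -FirewallRule $fw -Desired $Desired
        }
        catch {
            # A host that cannot be queried still gets a row, flagged non-compliant.
            Test-SyslogCompliance -HostName $esx.Name -Desired $Desired -Note $_.Exception.Message
        }
    }
}

# Constructed sample objects standing in for esxcli results (no vCenter needed).
$desired = 'tcp://server.com:1514'    # loghost value used in the thread
$good = [pscustomobject]@{ RemoteHost = 'udp://old.example:514, tcp://server.com:1514' }
$none = [pscustomobject]@{ RemoteHost = '' }
Test-SyslogCompliance -HostName 'esx01.example' -SyslogConfig $good -FirewallRule ([pscustomobject]@{ Enabled = $true }) -Desired $desired
Test-SyslogCompliance -HostName 'esx02.example' -SyslogConfig $none -FirewallRule ([pscustomobject]@{ Enabled = 'false' }) -Desired $desired
# Live use: Get-SyslogAudit -VMHost (Get-VMHost) -Desired $desired | Where-Object { -not $_.Compliant }
```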
Thank you as usual @LucD . The script works by specifying TRUE or FALSE for FirewallRulesetOld and FirewallRulesetNew now. Sincerely appreciated!