LucD notes

There was an interesting thread in the PowerCLI Community today. It raised the question how one could report on the current vCenter sessions, including the IP address or hostname from where the session was started.

Unfortunately the SessionManager doesn’t hold any information from where the session was started.

But there are other ways of finding that information. The UserLoginSessionEvent object has a property, called ipAddress, that has the information we’re after.

Btw if you are only interested in looking for idle sessions, independent from which host they were started, there is a great post, called List and Disconnect vCenter Sessions on the PowerCLI blog.

function Get-VISessionInfo{
<#
.SYNOPSIS  Retrieve vCenter session information
.DESCRIPTION The function will retrieve the open vCenter
  session, including the IP address and hostname from where
  the session was started
.NOTES  Author:  Luc Dekens
.PARAMETER AllowedDifference
  The timestamps from the Session Manager entries and the
  event objects can sometimes differ, depending on the vCenter
  activity. The default is 1 second, but this can be changed
  with this parameter. The unit for this parameter is seconds.
.EXAMPLE
  PS> Get-VISessionInfo
#>

  param(
  [CmdletBinding()]
  [int]$AllowedDifference = 1
  )

  process{
    $sessMgr = Get-View SessionManager
    $oldest = ($sessMgr.SessionList | Sort-Object -Property LoginTime | Select -First 1).LoginTime
    $users = $sessMgr.SessionList | %{$_.UserName}
    $events = Get-VIEvent -MaxSamples ([int]::MaxValue) -Start $oldest.AddHours(-1) |
    where {$_ -is [VMware.Vim.UserLoginSessionEvent] -and $users -contains $_.UserName} |
    Sort-Object -Property CreatedTime

    $allowedDiffTS = New-TimeSpan -Seconds $AllowedDifference

    foreach($session in $sessMgr.SessionList){
      $events |
      where {[math]::Abs(($session.LoginTime.ToLocalTime() - $_.CreatedTime).Ticks) -lt $allowedDiffTS.Ticks -and
        $users -contains $_.UserName} | %{
        New-Object PSObject -Property @{
          "Session login" = $session.LoginTime
          UserName = $_.UserName
          IPAddress = $_.IPAddress
          Hostname = [System.Net.Dns]::GetHostEntry($_.IPAddress).HostName
        }
      }
    }
  }
}

Line 24: The script will look for the session with the oldest login time. This will allow us to limit the number of events that need to be retrieved.

Line 25: Besides the timestamps, the script will also check if the username that appears in an user session login event, is one of the users that has an open vCenter session.

Line 26-28: We retrieve the UserLoginSessionEvent for users that have an open vCenter session.

Line 30: The time difference we allow between the timestamp in the session and the corresponding UserLoginSessionEvent is converted to a TimeSpan object.

Line 34: To link a vCenter session to a UserLoginSessionEvent the script calculates the time difference between the timestamps in the UserLoginSessionEvent and the session object from the SessionManager. If the absolute time difference falls below the accepted time difference ($AllowedDifference), the event is linked to the session.

Line 36-41: The result is placed in the pipeline

Line 40: The script converts the IP address to the hostname with the GetHostEntry method.

The function is rather simple in use.

Get-VISessionInfo

And the result looks something like this.

Enjoy!