VMSA-2015-0007 Report

On October 1st 2015 VMware published Security Advisory VMSA-2015-0007. In that advisory you will find three vulnerabilities: CVE-2015-5177, CVE-2015-2342 and CVE-2015-1047.

VMSA-2015-0007

To anticipate the questions you will surely get from your local Security Officer, I created a function to report which vSphere Servers in your environment are impacted, and which action to take.

Update October 5th 2015:

  • Updated build numbers in $vmsaTab
  • Corrected build number testing (thanks Richard)

Continue reading VMSA-2015-0007 Report

PowerCLI and the Linux Shellshock vulnerability

With all the fuss going round about the latest Linux vulnerability you will probably get a request from your local Security Officer to produce a report which of your Linux systems are vulnerable to the Shellshock bug. And, seen there are already several known exploits, who can blame him for asking such a report.

shellshock-main

Since a lot of these Linux boxes are running under vSphere, we can use PowerCLI to produce such a report. The Invoke-VMScript cmdlet is the vehicle I use in the following function. With the Invoke-VMScript cmdlet it is very easy to execute, what is considered the best test to check for the vulnerability.

Update2 September 29 2014: the 2nd test from the Shellshocker gives a syntax error. The test is replaced by the one found on Michael Boelen‘s website in How to protect yourself against Shellshock Bash vulnerability. Big thanks to Wil van Antwerpen for the pointer.

Update1 September 29 2014: the function was updated to include tests for most of the known Shellshock vulnerabilities. The tests were collected from the Shellshocker site.
Continue reading PowerCLI and the Linux Shellshock vulnerability

Task Data Mining – An improved Get-Task

Quite frequently there are questions in the VMTN PowerCLI Community for scripts that report on the tasks that ran in a vSphere environment.

The PowerCLI pssnapin provides a Get-Task cmdlet, but that only provides information about the recent tasks. An alternative is to use the Get-VIEvent cmdlet and extract all the TaskEvent entries.

But why not use the TaskHistoryCollector and it’s methods ? It provides many filtering options, and since this filtering is done in vSphere itself, this way of working is inherently much faster than using a filter in your script.

In analogy with the Get-VIEventPlus function, I published in my Get the vMotion/svMotion history post, here is the Get-TaskPlus function !

Update February 13th 2020

  • Added logic to break out of do-while loop and destroy the TaskCollector to avoid issues with max 32 collectors

Continue reading Task Data Mining – An improved Get-Task

Get the vMotion/svMotion history

The availability of vMotion and svMotion, provided you have a license that allows it, in vSphere are some of its key features.

The DRS and SDRS functionality will use vMotion and svMotion to better use the available resources.

And you as a vSphere administrator can use it to facilitate your work. Just think of how easy patching or datastorecluster maintenance becomes with the help of these two features.
But as an administrator you want to be able to report on what vMotion and svMotion have been doing over a specific time interval in your vSphere environment.

In the past I already provided a vMotion reporting tool in Events – Part 8 – vMotion history, but now it was time to provide a universal (s)vMotion reporting feature.

motion-reports

Update October 29th 2013: added additional parameters to the Get-VIEventPlus function

  • User: one or more users for which to return the events
  • System: a switch to return all system user events
  • ScheduledTask: return all events for a specific Scheduled Task

Update February 10th 2014: it’s always nice to see another implementation based on one of your scripts. The Opvizor solution will soon contain this function, see Dennis Zimmer‘s post called Storage vMotion Activities Report ! Continue reading Get the vMotion/svMotion history

Alarm actions – enable – disable – report

Another post triggered by a question in the VMTN PowerCLI community. The user wanted to know how he could create a report that showed for which vSphere entities the alarm actions were disabled.

To set the stage, a short overview of what this is all about. In vSphere you can, since vSphere 4, disable and enable alarm actions for all the managed entities. This option is available from the vSphere client

alarm-action-old-client

and from the vSphere Web client.

alarm-action-web-client

But how to automate these actions, and more importantly in this case, how to report on the active settings ? Like always PowerCLI to the rescue.

Continue reading Alarm actions – enable – disable – report

Storage Views – Datastores

In the vCenter Client, since vSphere 4, you can find a Storage Views tab on several of the VI containers. The data in these Storage Views is collected and provided by the vCenter Storage Monitoring plug-in.

Have a look at David Davis‘s post, called Using VMware vSphere Storage Views, for more information on what you can do with the Storage Views.

Some time ago I got a question from Andrew how the Multipathing Status presented in the Storage Views could be detected and reported upon by a PowerCLI script. What looked rather simple at first, turned out to be a bit more difficult than I anticipated.

Continue reading Storage Views – Datastores

ThinApp Repository Report

When you’re using ThinApp to package your software packages you are bound to end up with a huge repository after some time. Of course you have documented each ThinApp package you made, but sometimes you will need to produce a quick-and-dirty report. Then it’s handy to fire up a PowerShell script, instead of reading through all the packaging documentation.

With the help of the ThinApp SDK it’s quite easy to produce such a report.

Continue reading ThinApp Repository Report

LUN report – datastore, RDM and node visibility

When you are running multi-node vSphere clusters, you probably already had the experience that one or more of your LUNs were not visible on all nodes. Now you can try to find out which LUN is missing on which node the hard way through the vSphere client. Or you can use the force of PowerCLI and run a script that will report all this in a handy spreadsheet.

To make the script as flexible as possible it should be able to handle any n-node cluster. And as you some of you might know, the Export-CSV cmdlet has some problems with variable length rows. Luckily there is a handy solution I already used in my yadr – A vDisk reporter post.

Continue reading LUN report – datastore, RDM and node visibility

yadr – A vdisk reporter

I know there are already numerous scripts to report on virtual hard disks and most of them without a doubt much better then what I came up with for this post.

The reason I started with this script was a question in the PowerCLI Community from Alan in his Thin Provisioned Disks post. He wanted to know if you could get the provisioned and the allocated disk size for a thin provisioned virtual disk.

Continue reading yadr – A vdisk reporter