Open-AudIT

What's on your network?
It is currently Fri Jan 19, 2018 4:03 am

All times are UTC + 10 hours




Post new topic Reply to topic  [ 13 posts ] 
Author Message
PostPosted: Sat Apr 06, 2013 12:55 am 
Offline
Newbie

Joined: Wed Jan 09, 2013 6:43 am
Posts: 13
I'd like to inventory all of our VMware ESXi servers. Unfortunately I couldn't find any best-pratice yet.

Adding an ESXi host manually is possible, but slow and I can't insert all necessary information. For example I couldn't find a way to insert the RAM size of a system after I have created it manually. In the system details view I only have one section "Summary". I miss the other sections like "hardware". I can see the field "memory" in the summary section, but I can't edit it.

I know that I can edit everything in the DB but that's not the I prefer populating my database.

Unfortunately all of our systems have SSH disabled by default. So I can't access them without manually enable SSH. But even when I'm logged in via SSH I can't execute the audit_linux.sh script because /bin/bash is not know by our ESXi servers.

Any ideas how we can easily populate our database with our ESXi servers?

Thanks

_________________
You are running version beta9.2 of OAv2.
Your database platform is mysql (version 5.1.66).
Your web server is Apache/2.2.15 (CentOS) .

Mixed environment (Physical&Virtual):
~200x Windows, ~50x Linux, ~30x VMware hosts


Top
 Profile  
Reply with quote  
PostPosted: Sat Apr 06, 2013 5:37 am 
Offline
Newbie

Joined: Mon Jan 21, 2013 11:34 pm
Posts: 7
Bump.

I have a similar situation. Our data-center houses a few dozen ESXi boxes. I'd like to find a good way of auditing them.


Top
 Profile  
Reply with quote  
PostPosted: Tue Apr 09, 2013 10:36 pm 
Offline
Newbie

Joined: Tue Apr 09, 2013 3:28 am
Posts: 1
Hi,

I'm pretty new to open audit but here is what I use to export almost all I need to populate an old custom made DB for inventory
This uses powershell for VMware (AKA PowerCLI) and works on ESXi or vcenter.
It dumps all the data in c:\scripts\export in CSV format.

I'm pretty sure that I could work on something as soon as I understand how OpenAudit work

Code:
Add-PSSnapin VMware.VimAutomation.Core;
connect-viserver <your_ESXi_IP_or_dns>;

Get-VM | Select Id, Name, PowerState, Folder, ResourcePool, NumCpu, MemoryMB, PersistentId, UsedSpaceGB, ProvisionedSpaceGB, VMHost, VApp, FolderId, Version, Notes, HARestartPriority, HAIsolationResponse, DrsAutomationLevel, VMSwapfilePolicy, VMResourceConfiguration | export-csv -NoTypeInformation c:\Scripts\Export\vm.csv

Get-VM | Get-VMGuest | Select VmName, OSFullName, State, HostName, ScreenDimensions | export-csv -NoTypeInformation c:\Scripts\Export\vm_Guest.csv

Get-VM | Get-HardDisk | Select Parent, Filename, Name, CapacityKB, StorageFormat, Persistence, DiskType | export-csv -NoTypeInformation c:\Scripts\Export\vm_HDD.csv

Get-VM | Get-NetworkAdapter | Select Parent, Name, MacAddress, Type, NetworkName, ConnectionState, WakeOnLanEnabled | export-csv -NoTypeInformation c:\Scripts\Export\vm_NetworkAdapter.csv

Get-Datastore | Select Name, Datacenter, CapacityMB, FreeSpaceMB, Accessible, Type, ParentFolder | export-csv -NoTypeInformation c:\Scripts\Export\Datastore.csv

Get-VMHost | Select Name, Id, Version, State, ConnectionState, PowerState, VMSwapfileDatastoreId ,VMSwapfilePolicy ,ParentId ,IsStandalone ,Manufacturer ,Model ,NumCpu ,CpuTotalMhz ,CpuUsageMhz ,MemoryTotalMB ,MemoryUsageMB ,ProcessorType ,HyperthreadingActive, TimeZone, ApiVersion, DiagnosticPartition | export-csv -NoTypeInformation c:\Scripts\Export\VMHost.csv

Get-vmHost | Get-VMHostHba | Select VMHost, Name, Device, Model, Pci, Driver, Bus, Status, Type | export-csv -NoTypeInformation c:\Scripts\Export\VMHost_HBA.csv

Get-VMHost | Get-VMHostNetworkAdapter | Select VMHost, Name, Mac, DhcpEnabled, IP, SubnetMask, BitRatePerSec, FullDuplex, WakeOnLanSupported  | export-csv -NoTypeInformation c:\Scripts\Export\VMHost_NetworkAdapter.csv


Top
 Profile  
Reply with quote  
PostPosted: Wed Apr 10, 2013 1:18 am 
Offline
Newbie

Joined: Wed Jan 09, 2013 6:43 am
Posts: 13
That's great. It's definitely a good start for a OAv2 script. If I find some time I'll have a look at it in detail.

Thanks

_________________
You are running version beta9.2 of OAv2.
Your database platform is mysql (version 5.1.66).
Your web server is Apache/2.2.15 (CentOS) .

Mixed environment (Physical&Virtual):
~200x Windows, ~50x Linux, ~30x VMware hosts


Top
 Profile  
Reply with quote  
PostPosted: Thu Jul 25, 2013 10:29 pm 
Offline
Newbie

Joined: Tue Jul 23, 2013 10:43 pm
Posts: 12
that's brilliant!

Once you have the data, you just need to format it for importing. if you check the VBS script, you can get the rest of the structure for the xml and sending of the file to the open-audit server.

if I get time over the next few days, i'll have a crack at it

:)


Top
 Profile  
Reply with quote  
PostPosted: Tue Jun 03, 2014 12:30 am 
Offline
Contributor
User avatar

Joined: Thu Mar 02, 2006 4:41 am
Posts: 181
Location: Massachusetts
Has anybody come up with an automated way to submit these csv files to the OA server? thanks

_________________
Server Info: running on a CentOS 7 vm
OA Version: 2.0.6 @ 500 devices


Top
 Profile  
Reply with quote  
PostPosted: Thu Jun 05, 2014 8:39 am 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1933
Location: Brisbane, Australia
If you have SNMP enabled on your ESXi server(s), you should get a nice surprise in the next release of Open-AudIT :D
Screenshot attached.
Also (it's not shown in the screenshot), when a virtual machine has been audited, there are links you can click on to view the Device Details of that VM.


Attachments:
esxi.png
esxi.png [ 160.07 KiB | Viewed 3909 times ]

_________________
Support and Development hours available from Opmantek.
Please consider a purchase to help make Open-AudIT better for everyone.
Top
 Profile  
Reply with quote  
PostPosted: Fri Jun 06, 2014 6:10 am 
Offline
Contributor
User avatar

Joined: Thu Mar 02, 2006 4:41 am
Posts: 181
Location: Massachusetts
Two thumbs up for that news 8)

_________________
Server Info: running on a CentOS 7 vm
OA Version: 2.0.6 @ 500 devices


Top
 Profile  
Reply with quote  
PostPosted: Sat Jun 21, 2014 12:29 am 
Offline
Contributor
User avatar

Joined: Thu Mar 02, 2006 4:41 am
Posts: 181
Location: Massachusetts
I'm testing out v 1.3.2 and would like to try snmp. But I've never used it before. Looking at the instructions, I'm supposed to enable snmp on the esxi hosts, and configure them with a community. How would I configure them with a community so that OA 1.3.2 could audit them? Thanks, and sorry for the snmp clueless-ness. Just never used it here before.

_________________
Server Info: running on a CentOS 7 vm
OA Version: 2.0.6 @ 500 devices


Top
 Profile  
Reply with quote  
PostPosted: Sat Jun 21, 2014 1:55 pm 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1933
Location: Brisbane, Australia
I can't tell you how to configure ESXi with SNMP and a community string (that's what the VMware site is for here is documentation for 5.1 for example), but as far as Open-AudIT is concerned, just run Menu -> Admin -> Discovery -> Discover a Device with SNMP, put in the ip address and community string, click Scan and away you go :-)

_________________
Support and Development hours available from Opmantek.
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
PostPosted: Wed Jun 25, 2014 5:33 am 
Offline
Contributor
User avatar

Joined: Thu Mar 02, 2006 4:41 am
Posts: 181
Location: Massachusetts
I have read the vmware snmp info, the problem I have is that I don't have any community to use and it's required that you configure a community. Not sure if I can just make one up. I have a request in with netops, hopefully they can help me with a community string. thanks

_________________
Server Info: running on a CentOS 7 vm
OA Version: 2.0.6 @ 500 devices


Top
 Profile  
Reply with quote  
PostPosted: Wed Jun 25, 2014 9:45 am 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1933
Location: Brisbane, Australia
A community string is basically a password and must be set on the server itself.

_________________
Support and Development hours available from Opmantek.
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
PostPosted: Thu Jul 03, 2014 4:30 am 
Offline
Contributor
User avatar

Joined: Thu Mar 02, 2006 4:41 am
Posts: 181
Location: Massachusetts
Thanks Mark. I haven't tried esxi 5.0 yet, but it was easy to get snmp setup and discovered for my esxi 5.1 hosts:

esxcli system snmp set –communities public
esxcli system snmp set –targets pod23-esx-01a.pml.local@161/public
esxcli system snmp set –enable true
esxcli system snmp test


These commands are directly from the instructions at the vmware blog http://blogs.vmware.com/vsphere/2012/11/configuring-snmp-v1v2cv3-using-esxcli-5-1.html

These commands are for snmp v1 and there are additional instructions for v2 & v3 it looks like each new version added additional security layers. Since we are inside a corporate network I'm hoping that v1 is all I need.

esxi 5.0 snmp instructions are different, I'm hoping to test that soon.

_________________
Server Info: running on a CentOS 7 vm
OA Version: 2.0.6 @ 500 devices


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 13 posts ] 

All times are UTC + 10 hours


Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group