Open-AudIT https://www.open-audit.org/phpBB3/ |
|
[feature] audit/discovery by esx/vsphere host ( PowerCLI ) https://www.open-audit.org/phpBB3/viewtopic.php?f=20&t=6279 |
Page 1 of 1 |
Author: | jimmylowell [ Mon Feb 24, 2014 4:40 am ] |
Post subject: | [feature] audit/discovery by esx/vsphere host ( PowerCLI ) |
The need arose to audit all Windows guests in our VM infrastructure. I put together a little PowerCLI script that sends audit_windows_vm.vbs to VM and Invokes cscript via bat to run it. [code]##ESX based auditing using Open-AudIT's audit_windows.vbs #vm_list.txt has one VM guest name per line - can give different lists for different creds using parameters param( [string]$user='user', [string]$pass='pass', [string]$audit_windows_vm='C:\audit_vms\audit_windows_vm.vbs', #added _vm to distinguish method [string]$vm_list='C:\audit_vms\vm_list.txt" , [string]$vm_dir='C:\' #directory script places audit_windows_vm.vbs on guest VM ) $audit_vms='C:\audit_vms' #more or less=working directory. echo $vm_list $vms = Get-Content $vm_list Foreach( $vm in $vms ) { Try { echo $vm $ErrorActionPreference = "Stop"; #Make all errors terminating - catches vm guest authentication Copy-VMGuestFile -Source "$audit_vms\audit_windows_vm.vbs" -Destination $vm_dir -VM $vm -LocalToGuest -GuestUser $user -GuestPassword $pass Invoke-VMScript -ScriptText "cscript $vm_dir\audit_windows_vm.vbs && exit" -VM $vm -GuestUser $user -GuestPassword $pass -ScriptType Bat $vm >> "$audit_vms\logs\success_list.log" "$vm was audited successfully" } Catch { $vm >> "$audit_vms\logs\failed_list.log" $Error[0] >> "$audit_vms\logs\errors.log" "$vm audit error" } Finally { echo 'Continuing to next VM' } } "End of script"[/code] |
Author: | jimmylowell [ Mon Feb 24, 2014 5:08 am ] |
Post subject: | Re: [feature] audit/discovery by esx/vsphere host ( PowerCLI |
I was also looking into grabbing VM Host for each guest. Doesn't seem like xml created after audit contains the "Physical Host" value anywhere. Wouldn't really be able to edit the audit results from how I've set it up. Could that information be included in the audit_windows_vm.vbs somewhere, or maybe as a command line argument / parameter? Mark, will get back to your email soon! : ) |
Page 1 of 1 | All times are UTC + 10 hours |
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |