# Baseline-Compliancy.Ps1 # # Author: Harold Schoofs - Http://Twitter.Com/Hharold # # Script To Get Compliancy Of All Esx Hosts In A Vmware Vcenter To Any Baseline # # It Will Generate 3 Kinds Of Output Files: # # 1) One File With All Host And Their Compliancy State # 2) One File With All Attached Baselines Found # 3) One File For Every Attached Baseline Found With Its Content # # Changes: # Version 0.1 - 2010-03-08 - Initial Version - Harold Schoofs - Http://Twitter.Com/Hharold # Version 1.0 - 2010-03-26 - Updated Version - Harold Schoofs - Http://Twitter.Com/Hharold Param( [String] $Visrv) # Add Vi-Toolkit Add-Pssnapin Vmware.Vimautomation.Core -Erroraction Silentlycontinue Add-Pssnapin Vmware.Vumautomation -Erroraction Silentlycontinue Initialize-Vitoolkitenvironment.Ps1 # Force To Load Vmware Powershell Plugin [Reflection.Assembly]::Loadwithpartialname("Vmware.Vim") # On Error Continue $Erroractionpreference = "Continue" # Start Of Script If ($Visrv -Eq ""){ Write-Host Write-Host Write-Host "Please Specify A Vi Server Name Eg:" Write-Host " Baseline-Compliancy.Ps1 Vcenter-Server" Write-Host " Baseline-Compliancy.Ps1 Vcenter.Domain.Local" Write-Host Exit } # Set All Variables $Reporthost = @() $Objreporthost = @() $Reportpatch = @() $Objreportpatch = @() $Baselines = @() $Date = get-date -uformat "%Y-%m-%d" $Outbaselines = ".\Output\" + $Date + " - Attached Baselines.Csv" $Outcompliancy = ".\Output\" + $Date + " - Host Compliancy.Csv" $Vcserver = $Visrv $Portvc="443" # Connect To The Vcenter Server Connect-Viserver $Vcserver -Port $Portvc # Host Compliancy Cls Write-Host Getting All Esx Hosts In $Vcserver $Esxhosts = Get-Vmhost | Sort # Only Continue Of There Are Any Esxhosts If ($Esxhosts){ # Create Output Folder If It Does Not Exist If ((Test-Path .\Output) -Eq $False){ New-Item .\Output -Type Directory} Foreach ($Esxhost In $Esxhosts){ Cls Write-Host Checking Compliancy For: $Esxhost $Compliancy = Get-Vmhost $Esxhost | Get-Compliance $Objreporthost= "" | Select Name,Baseline,Compliancy $Objreporthost.Name = $Esxhost.Name $Objreporthost.Baseline = $Compliancy.Baseline.Name $Objreporthost.Compliancy = $Compliancy.Status If ($Baselines -Notcontains $Compliancy.Baseline.Name) { $Baselines += $Compliancy.Baseline.Name } $Reporthost += $Objreporthost } } #Baseline Content Reporting # Only Continue Of There Are Any Baselines If ($Baselines){ Foreach ($Baseline In $Baselines){ Cls Write-Host Checking Baseline Content: $Baseline $Patches = Get-Baseline -Name "$Baseline" | Get-Patch Foreach ($Patch In $Patches){ $Objreportpatch = "" | Select Name,Product,Release_Date,Severity,Vendor_Id $Objreportpatch.Name = $Patch.Name $Product = $Patch.Product | Select Name $Objreportpatch.Product = $Product.Name $Objreportpatch.Release_Date = $Patch.Releasedate $Objreportpatch.Severity = $Patch.Severity $Objreportpatch.Vendor_Id = $Patch.Vendor $Reportpatch += $Objreportpatch $Outbaselinecontent = ".\Output\" + $Date + " - Baseline-Content - $Baseline.Csv" $Reportpatch | Export-Csv -Notypeinformation $Outbaselinecontent } } } # Generate Output $Baselines | Out-File $Outbaselines $Reporthost | Export-Csv -Notypeinformation $Outcompliancy Disconnect-Viserver * -Confirm:$False