vSphere PowerCLI Scripts for Syslog and SSH

PowerCLIScripting and automation are ashamedly new territories for me. I’ve heard enough clarion calls to grow and develop personally and professionally, though, that I know I have to gain ground here. Hopefully this is the first step in building my knowledge base of such tools.

In this entry, I need to solve for two configuration tasks.

Syslog

First, I am concluding an evaluation of Splunk and need to reset my vSphere ESXi 5.5 hosts’ syslog global log hosts to only our existing syslog server. My inclination was to click through the vSphere Client and change it host by host, as it would have taken less time than it has to write the words in the post so far. However, as I am in search of a new syslog solution, possibly VMware LogInsight, I know I will need to do this again.

A quick search returned a VMware Blog post by Alan Renouf in 2013 for exactly this purpose. Thus, the following script bears no creative ingenuity on my part; merely one update to bring it current with PowerCLI 5.8 Release 1. The ‘-SyslogServerPort’ parameter has been deprecated and should be combined with the ‘-SyslogServer’ parameter.

Connect-VIServer vcenter.domain.com

$LogInsightServer = "192.168.100.50:514"

Get-VMHost | Foreach {
Write-Host "Adding $LogInsightServer as Syslog server for $($_.Name)"
$SetSyslog = Set-VMHostSyslogServer -SyslogServer $LogInsightServer -VMHost $_
Write-Host "Reloading Syslog on $($_.Name)"
$Reload = (Get-ESXCLI -VMHost $_).System.Syslog.reload()
Write-Host "Setting firewall to allow Syslog out of $($_)"
$FW = $_ | Get-VMHostFirewallException | Where {$_.Name -eq 'syslog'} | Set-VMHostFirewallException -Enabled:$true
}

Executing this script will walk through each of the ESXi hosts managed by ‘vcenter.domain.com’, set the syslog global log host entry to ‘192.168.100.50:514’, and open the firewall port so that logs will reach that host.

One key thing to note: if you copy and paste this script from here or VMware Blogs, paste it first in a plain-text editor like Notepad. Then assess whether the single- and double-quotes are ASCII standard. In my case, VMware’s web server had rendered them into the font’s equivalent, which were no longer the standard quotes. A simple copy-find-replace of the non-standard open and closing quotes will fix your script. Then update the vCenter and syslog servers and you’re ready to execute.

SSH

Second, I need to stop the SSH service (TSM-SSH) on my ESXi hosts as I had started it everywhere in order to execute a driver/firmware query on the HBAs. Again, I’d normally do this manually, but this is definitely a case of repetition where I know I’ll do this a thousand times moving forward.

In my case, I’m sticking with the default of manually starting and stopping the service, so I only need to execute one action. That action both for starting and stopping is below:

Get-VMHost | Foreach {
Write-Host "Starting TSM-SSH service on $($_.Name)"
$StartSSH = Start-VMHostService -HostService ($_ | Get-VMHostService | Where {$_.Key -eq "TSM-SSH"})
}
Get-VMHost | Foreach {
Write-Host "Stopping TSM-SSH service on $($_.Name)"
$StopSSH = Stop-VMHostService -HostService ($_ | Get-VMHostService | Where {$_.Key -eq "TSM-SSH"}) -Confirm:$FALSE
}

I adapted these from a couple posts, one of which elaborates thoroughly on this activity and provides syntax for changing the service behavior to automatically start/stop, etc.

Be First to Comment

Leave a Reply