PowerCLI

I have this script below (I got it from here) that adds syslog info to servers. It works, but the only output message shows "true" (no quotes) after it runs with ESXi host, vCenter server or any other information. Can someone please help to get the output message to show the vCenter server name, the ESXi host name, the previous syslog server entry, then the new syslog server entry? If this is not possible, could it at least display a "Success" instead of true? I'd still want it to display the vCenter server and ESXi host, then a "Suucess" next to each entry. If the output can also be in a CSV report format that would be very helpful. Thank you.

#This will prompt you to enter your credentials
$vCenterCredential = Get-Credential -Message "Enter account with access to the vCenter(s)" -ErrorAction SilentlyContinue;

#List of vCenter server(s) in a text file either on local or shared drive location
$vCenters = Get-Content -Path "c:\Scripts\Inputs\vcenters.txt"

#Connect to vCenters
Connect-VIServer -Server $vCenters -Credential $vCenterCredential -Protocol https | Out-Null

#Iterate through all ESXi hosts in all vCenter server(s), and configure the Syslog protocol, server, and port
Get-VMHost -PipelineVariable esx |
ForEach-Object -Process {
$sLog = @{
    loghost = 'tcp://syslog-server:123'
}
Get-VMHost -PipelineVariable esx |
ForEach-Object -Process {
    $esxcli = Get-EsxCli -VMHost $esx -V2
    $esxcli.system.syslog.config.set.Invoke($sLog)
}
#Disconnect from all vCenter server(s)
Disconnect-VIServer -Server $vCenters -Confirm:$false

Try something like this

#This will prompt you to enter your credentials
$vCenterCredential = Get-Credential -Message "Enter account with access to the vCenter(s)" -ErrorAction SilentlyContinue;

#List of vCenter server(s) in a text file either on local or shared drive location
$vCenters = Get-Content -Path "c:\Scripts\Inputs\vcenters.txt"

#Connect to vCenters
Connect-VIServer -Server $vCenters -Credential $vCenterCredential -Protocol https | Out-Null

#Iterate through all ESXi hosts in all vCenter server(s), and configure the Syslog protocol, server, and port
Get-VMHost -PipelineVariable esx |
ForEach-Object -Process {
    $sLog = @{
        loghost = 'tcp://syslog-server:123'
    }
    $esxcli = Get-EsxCli -VMHost $esx -V2
    $old = $esxcli.system.syslog.config.get.Invoke()
    if($esxcli.system.syslog.config.set.Invoke($sLog)){
        New-Object -TypeName PSObject -Property ([ordered]@{
            vCenter = ([uri]$esx.ExtensionData.Client.ServiceUrl).Host
            VMHost = $esx.Name
            SyslogOld = $old.RemoteHost
            SyslogNew = $esxcli.system.syslog.config.get.Invoke().RemoteHost
            })
     }
     else{
        Write-Error "Syslog configuration failed on $($esx.Name)"
    }
} | Export-Csv -Path .\report.csv -NoTypeInformation -UseCulture

#Disconnect from all vCenter server(s)
Disconnect-VIServer -Server $vCenters -Confirm:$false

Excellent! Thank you!

It is time for me to reward the  Communities, I have learned a lot from here silently.

I use PowerCLI ONLY to setup the syslog in all 4 vCenters, tested working as well.

#Configure-SyslogOnMultipleESXiHostsIinMultiplevCenters.ps1
$Transcript = "$env:USERPROFILE\documents\transcriptForSyslogSettingChanges_$(Get-Date -format yyyy-MM-dd-hh).txt"

$vcenters = "vctrp01.vsphere.local","vctrp02.vsphere.local","vctrp03.vsphere.local","vctrp04.vsphere.local"

Start-Transcript -path $Transcript -append
Foreach ($vcenter in $vcenters){

Write-Host "Connectint to $vCenter ......" -ForegroundColor Cyan
Connect-VIServer -Server $vcenter -User $creds.User -Password $creds.Password

Write-Host "Processing the ESXi host from $vcenter" -ForegroundColor Green
$vmhosts = get-vmhost
Foreach ($vmhost in $vmhosts){

Write-Host "Processing the ESXi host $vmhost from $vcenter" -ForegroundColor Cyan
#Comment out line either udp or tcp to fit with your environment
Get-VMHost $vmhost | Get-AdvancedSetting -Name Syslog.Global.Loghost | Set-AdvancedSetting -Value udp://10.115.20.100:514 -Confirm:$false
Get-VMHost $vmhost | Get-AdvancedSetting -Name Syslog.Global.Loghost | Set-AdvancedSetting -Value tcp://10.115.20.100:514 -Confirm:$false

}
Write-Host "Disconnect from $vCenter " -ForegroundColor Yellow
Disconnect-viserver * -confirm:$false
}

Stop-Transcript
Write-Host "All done successfully, please review the result $Transcript " -ForegroundColor Yellow

BTW, I forget to mention the command I used to connect to vCenter "Connect-VIServer -Server $vcenter -User $creds.User -Password $creds.Password". I am doing it from a jumper server, and my login account have domain admin privilege and Global Permission from each vCenter.

Thank you LucD.

BTW, the code you poster here are colorful and easy to read, how do you achieve that?

I can do it either in Notepad++/Powershell ISE, but once I copy & paste my code here, it is all black.

For code blocks I use the Insert/Edit Code sample button, and then select C# (the closest for decent formatting in the absence of a PowerShell option).

Many thanks LucD, will try for next post.

Hi LUCD,

Is there a way we can append the syslog configuration with new IP ,rather than replacing the exisitng ones?

The loghost property in the has table accepts an array of Strings.
So you can just append the new host(s) to the old host(s).

Something like this for example

#This will prompt you to enter your credentials
$vCenterCredential = Get-Credential -Message "Enter account with access to the vCenter(s)" -ErrorAction SilentlyContinue;

#List of vCenter server(s) in a text file either on local or shared drive location
$vCenters = Get-Content -Path "c:\Scripts\Inputs\vcenters.txt"

#Connect to vCenters
Connect-VIServer -Server $vCenters -Credential $vCenterCredential -Protocol https | Out-Null

# New syslog hosts
$syslogHosts = 'tcp://syslog-newserver1:123', 'tcp://syslog-newserver2:123'

#Iterate through all ESXi hosts in all vCenter server(s), and configure the Syslog protocol, server, and port
Get-VMHost -PipelineVariable esx |
  ForEach-Object -Process {
    $esxcli = Get-EsxCli -VMHost $esx -V2
    $old = $esxcli.system.syslog.config.get.Invoke()
    $sLog = @{
      loghost = $old.RemoteHost, $syslogHosts 
    }
    if ($esxcli.system.syslog.config.set.Invoke($sLog)) {
      New-Object -TypeName PSObject -Property ([ordered]@{
          vCenter   = ([uri]$esx.ExtensionData.Client.ServiceUrl).Host
          VMHost    = $esx.Name
          SyslogOld = $old.RemoteHost
          SyslogNew = $esxcli.system.syslog.config.get.Invoke().RemoteHost
        })
    } else {
      Write-Error "Syslog configuration failed on $($esx.Name)"
    }
  } | Export-Csv -Path .\report.csv -NoTypeInformation -UseCulture

#Disconnect from all vCenter server(s)
Disconnect-VIServer -Server $vCenters -Confirm:$false

Thanks LUCD , Yes this will add multiple ,however if we have a syslog server mentioned already in all esxi and we need to append a new one . The syslog Ips are different for each region anyway that can be modified in the script .

After 1 week we will remove the old one so if you can provide your help on that too.

That should be just removing the old one from the array.

$oldServer = 'xyz'    
$sLog = @{
   loghost = $old.RemoteHost | where{$_ -ne $oldServer}
}

Can you help me to add "Syslog.global.auditRecord.remoteEnable" value as True to above script.

$oldServer = 'xyz'    $sLog = @{   loghost = $old.RemoteHost | where{$_ -ne $oldServer}}