Tag Archives: PowerShell

Finding VMs with IOPs Limiting Set

Using PowerCLI it’s pretty easy to find all the VM’s in your environment that have IOPs limits set.

get-vm | Get-VMResourceConfiguration | `
         Select VM -ExpandProperty DiskResourceConfiguration | `
         where {$_.DiskLimitIOPerSecond -gt 0} | `
         Select VM, DiskLimitIOPerSecond

This will give you a list of all VM’s where the IOps limits are not 0. You could change the condition to find VM’s with different disk shares, specific limits or any combinations there of.

Hope you find this useful ūüôā

Collecting DHCP Scope Data with Grafana

In order to collect my DHCP scope statistics data into Grafana I turned to PowerShell.  We can use Get-DhcpServerv4Scope to list our all our scopes, Get-DhcpServerv4ScopeStatistics to get the stats for each, and then a little bit of regex and math to add some additional stats that we then bring into an InfluxDB, which then ultimately gets mapped be Grafana.

I have multiple sites, with multiple scopes, which ends up with tons and tones of data.¬† I already have Nagios alerts that tell me if individual scopes are in danger ranges of available IP’s etc, so for Grafana I was more interested in aggregated data about groups of scopes and how users in my network were changing.¬† In our case, the actual scope names are contained inside the parenthesis, so I used some regex to match scope names between parenthesis and then build a hash table of stats with those scope names and total up the free and used IPs in each range.

Enough chatter, here is the script:

Function Get-DHCPStatistics {
    Param(
        [string]$ComputerName=$env:computername,
        [string]$option
    )
    Process {
        # retrieve all scopes
        $scopes = Get-DhcpServerv4Scope -ComputerName $ComputerName -ErrorAction:SilentlyContinue 

        # setup all variables we are going to use
        $report = @{}
        $totalScopes = 0
        $totalFree =  0
        $totalInUse = 0

        ForEach ($scope In $scopes) {
            # We have multiple sites and include the scope name inside () at each scope
            # this aggregates scope data by name
            if ($scope.Name -match '.*\((.*)\).*') {
                $ScopeName = $Matches[1]
            } else {
                $ScopeName = $scope.Name
            }

            # initials a named scope if it doens't exist already
            if (!($report.keys -contains $ScopeName )) {
                $report[$ScopeName] = @{
                    Free = 0
                    InUse = 0
                    Scopes = 0
                }
            }

            $ScopeStatistics = Get-DhcpServerv4ScopeStatistics -ScopeID $scope.ScopeID -ComputerName $ComputerName -ErrorAction:SilentlyContinue
            $report[$ScopeName].Free += $ScopeStatistics.Free
            $report[$ScopeName].InUse += $ScopeStatistics.InUse
            $report[$ScopeName].Scopes += 1

            $totalFree += $ScopeStatistics.Free
            $totalInUse += $ScopeStatistics.InUse
            $totalScopes += 1
        }

        ForEach ($scope in $report.keys) {
            if ($report[$scope].InUse -gt 0) {
                [pscustomobject]@{
                    Name = $scope
                    Free = $report[$scope].Free
                    InUse = $report[$scope].InUse
                    Scopes = $report[$scope].Scopes
                    PercentFull = [math]::Round(100 *  $report[$scope].InUse / $report[$scope].Free , 2)
                    PercentOfTotal = [math]::Round( 100 * $report[$scope].InUse / $totalInUse, 2)
                }
            }
        }

        #Return one last summary object
        [pscustomobject]@{
            Name = "Total"
            Free = $totalFree
            InUse = $totalInUse
            Scopes = $totalScopes
            PercentFull = [math]::Round(100 *  $totalInUse / $totalFree , 2)
            PercentOfTotal = 0
         }

    }

}

Get-DHCPStatistics | ConvertTo-JSon

I then place that script on my DHCP server and use a telegraf service to run it and send data to InfluxDB. That config is pretty straightforward, aside from all the normal configuration to send it off, I just setup inputs.exec:

[[inputs.exec]]
  name_suffix = "_dhcp"
  commands = ['powershell c:\\GetDHCPStats.ps1']
  timeout = "60s"
  data_format = "json"
  tag_keys = ["Name"]

This is pretty easy, I tell it to expect JSON and the PowerShell was set up to output JSON. I also let it know that each record in the JSON will have one key labeled “Name” that will have the scope name in it. Honestly, this should probably be ScopeName and the PowerShell should be updated to reflect that as now my tags in InfluxDB are a bit polluted if anything else ever uses a tag of Name.

Once this is all done and configured, now my DHCP server is reporting statistics about our server into InfluxDB.

I then setup a graph in Grafana using this data. I just did a pretty straight forward graph that mapped each scopes percent of the total IPs that we use. It gives a nice easy way to see how the users on my network are moving around.  The source for the query ends up being something like:

SELECT mean("PercentOfTotal") FROM "exec_dhcp" WHERE ("Name" != 'Total') AND $timeFilter GROUP BY time($__interval), "Name" fill(linear)

This gives me a graph like the following (cropped to leave off some sensitive data):

DHCP Stats

Looks a little boring overall, but individual scope graphs can be kinda interesting and informative as to how the system in performing:

 

DHCP Stats1

This gives a fun view of one scope as devices join and then as lease are cleaned up, and new devices join again.

Hope this helps!

Finding Recently Updated Files

So I needed to find what log files were getting updated.¬† The files where inC:\ProgramData\VMware\vCenterServer\logs and that¬†folder has many many folders and I wasn’t sure which one would have the files I needed. I was sure that they would have been updated recently.¬† So a quick little PowerShell to the rescue

Get-ChildItem -Recurse | Where {$_.LastWriteTime -gt (Get-Date).AddMinutes(-15)}

This returns all the files in the current folder and below that have been modified in the last 15 minutes.  It is easy enough to change up to look for other criteria, like *.log files int he last 5 minutes

Get-ChildItem -Recurse -Filter *.log | Where {$_.LastWriteTime -gt (Get-Date).AddMinutes(-5)}

Or all files with pid in their name

Get-ChildItem -Recurse -Filter *pid*

Powershell can be very very handy in a pinch! Hope this helps

 

Query Microsoft DHCP Scopes

Sometimes you just have a ton of DHCP scopes and you just need to make sure they all have some specific options set the way you want. Scanning through them by hand can be a pain, so here is a quick script to scan over them rapidly.

Param(
 [Parameter(Mandatory=$True)]
 [string]$dnsServer,
 [string]$match,
 [string]$option
)
 $scopes = Get-DhcpServerv4Scope -ComputerName $dnsServer -ErrorAction:SilentlyContinue | Where {$_.Name -like "*$match*"}
 $Report = @()

ForEach ($scope In $scopes) {
 $row = "" | Select ScopeID, Name, Option
 $OptionData = (Get-DhcpServerv4OptionValue -OptionID $option -ScopeID $scope.ScopeID -ComputerName $dnsServer -ErrorAction:SilentlyContinue).Value
 $OptionData = (Get-DhcpServerv4OptionValue -OptionID $option -ScopeID $scope.ScopeID -ComputerName $dnsServer -ErrorAction:SilentlyContinue).Value
 $row.ScopeID = $scope.ScopeID
 $row.Name = $scope.Name
 $row.Option = $OptionData -Join ","
 $Report += $row
 }
$Report

 

This script takes a couple of parameters.  Match lets you specify the name of the scope so that you can filter it down by the specific scopes, and option lets you specify the attribute number you would like to report on and dnsServer lets you specify the server.  Some usage examples:

#report on each scopes gateway where the scope name has "vlan110"
.\dhcp_query.ps1 -dnsServer dhcpServer1 -match vlan110 -option 3

#report on each scopes DNS where the scope name has "vlan110"
.\dhcp_query.ps1 -dnsServer dhcpServer1 -match vlan110 -option 6

#report and then export into a CSV
.\dhcp_query.ps1 -dnsServer dhcpServer1 -match vlan110 -option 6 | Export-CSV -Path dns_voip_options.csv -NoTypeInformation

Export Excel file to PDF

If you want to automate the conversion from XLS to PDF, then PowerShell provides a very straight forward way to do it.  Create an Excel object, load the XLS file, write to PDF.

param(
    [Parameter(Mandatory=$true)]
    [string]$InputFileName,
    [Parameter(Mandatory=$true)]
    [string]$OutputFileName
    )

$xlFixedFormat = ‚ÄúMicrosoft.Office.Interop.Excel.xlFixedFormatType‚ÄĚ -as [type] 

$excel = New-Object -ComObject excel.application
$workbook = $excel.workbooks.open($InputFileName, 3)
$workbook.Saved = $true
$workbook.ExportAsFixedFormat($xlFixedFormat::xlTypePDF, $OutputFileName)
$excel.Workbooks.close()
$excel.Quit()

You then run the code with two parameters, source file, and destination file.

Source: https://blogs.technet.microsoft.com/heyscriptingguy/2010/09/06/save-a-microsoft-excel-workbook-as-a-pdf-file-by-using-powershell/ 

Forcing Users to Reset their Password

Sometimes you have a list of users that have had their accounts compromised.  In a recent incident we received a list of users from Google, that were suspected of having followed links to a phishing scam.  As a precaution we advised the users to reset their passwords, but being users many ignored this.  Since our google accounts are tied to AD it was easy to find out which ones had reset their passwords, remove them from the report and then use the remaining list of email addresses to force those accounts to reset their passwords.

The following script accepts a CSV file with a column labeled “email” and then loops over it. For each email address it finds the AD account with that email address and sets the ChangePasswordAtLogon to true, forcing the users to set a new password on their next login. This script will not match aliases but that would be a relatively easy addition.

param(
[Parameter(Mandatory=$true)]
[string]$FileName
)

$addresses = Import-CSV $FileName 

ForEach ($address in $addresses) {
  #couldn't get address.email to work in the filter, so had to work around it
  $email = $address.email
  $aduser = Get-aduser -Filter "emailaddress -eq '$email'"
  try {
    Set-ADUser $aduser -ChangePasswordAtLogon $true
  } catch {
    Write-Host "Failed to update $email : $_"
  }
}