PowerCLI : Set Persistent Log on Local datastore

Here’s a quick a powerCLI script to set local datastore as persistent log location on ESXi.

This is part of the hardening requirement for vSphere which any security concerned customers are looking at implementing.


[sourcecode language="powershell" padlinenumbers="true"]
function ReturnLocalDatastore  ($vmhost)
	$data = $VMHost | Get-Datastore | Get-View | Select-Object  @{n="Name";e={$_.Name}}, @{n="Multi-Access";e={$_.Summary.MultipleHostAccess}} |  where {$_."Multi-Access" -eq $false} 
	return $data.Name

foreach ($VMHost in Get-VMHost)
	$currentSetting =  Get-AdvancedSetting -Entity $VMHost -Name "Syslog.global.logDir"
	if ($currentSetting.value -eq "[] /scratch/log")
		$VMHostName = $VMHost.Name.Split('.')
		$localDS = ReturnLocalDatastore -VMHost $vmhost
		$VMHostDatastore = "[$localDS] /systemlogs"
		Write-Host " Setting  [ $vmhost ]  persistent log to: [ $VMHostDatastore ]"
		Get-AdvancedSetting -Entity $VMHost -Name "Syslog.global.logDir" | Set-AdvancedSetting -Value $VMHostDatastore -Confirm:$false

