.SYNOPSIS PowerCLI script:For spectre vulnerability : "How to confirm whether vCenter server, ESXi hypervisor & CPU microcode patches are applied or not?"
.NOTES Author: Vikas Shitole
.NOTES Site:
.NOTES Reference:
.NOTES Please add the vCenter server IP/credetails as per your environment
.NOTES Relese notes:
VC 6.5 U1g:
VC 6.0 U3e:
VC 5.5 U3h:
#vCenter Connection, please modify as per your env.
Connect-VIServer -Server -Protocol https -User administrator@vsphere.local -Password VMware!32
function Get-VMLog{
<# .SYNOPSIS Retrieve the virtual machine logs .DESCRIPTION The function retrieves the logs from one or more virtual machines and stores them in a local folder .NOTES Author: Luc Dekens .PARAMETER VM The virtual machine(s) for which you want to retrieve the logs. .PARAMETER Path The folderpath where the virtual machines logs will be stored. The function creates a folder with the name of the virtual machine in the specified path. .EXAMPLE PS> Get-VMLog -VM $vm -Path "C:\VMLogs"
PS> Get-VM | Get-VMLog -Path "C:\VMLogs"
foreach($obj in $VM){
if($obj.GetType().Name -eq "string"){
$obj = Get-VM -Name $obj
$logPath = $obj.Extensiondata.Config.Files.LogDirectory
$dsName = $logPath.Split(']')[0].Trim('[')
$vmPath = $logPath.Split(']')[1].Trim(' ')
$ds = Get-Datastore -Name $dsName
$drvName = "MyDS" + (Get-Random)
New-PSDrive -Location $ds -Name $drvName -PSProvider VimDatastore -Root '\' | Out-Null
Copy-DatastoreItem -Item ($drvName + ":" + $vmPath + "vmware.log") -Destination ($Path + "\" + $obj.Name + "\") -Force:$true
Remove-PSDrive -Name $drvName -Confirm:$false
$report = @()
#Location where vmware.log file gets downloaded
# Any of below lines must be found in vmware.log file to confirm microcode & VMware hypervisor patch
$pat1='Capability Found: cpuid.IBRS'
$pat2='Capability Found: cpuid.IBPB'
$pat3='Capabliity Found: cpuid.STIBP'
$clusterName="EVCCluster" #Your cluster name, script assumes that cluster is available
$cluster= Get-Cluster -Name $clusterName
#Get connected hosts from above cluster
$esxhosts = Get-Cluster $cluster | Get-VMHost -State Connected
#Counter used to give unique name to dummyvm, you can use any number of your choice.
#Iterating through each host for VM creation and scanning vmware.log file
Foreach ($ESXHost in ($esxhosts)){
#Creating dummy vm with below configuration
New-VM -Name $vm -VMHost $ESXHost -ResourcePool $cluster -DiskGB 1 -MemoryGB 1 -DrsAutomationLevel Disabled -DiskStorageFormat Thin
Start-VM -VM $vm -RunAsync -Confirm:$false #DRS may powerON this VM on some other host inside the cluster
Get-VMLog -VM $vm -Path "C:\"
if (Get-ChildItem -Path $dest -Filter "*.log" | Where {Get-Content -Path $_.FullName | Select-String -Pattern $pat1}){
$row = '' | select HostName, Status
$row.HostName = $($
$report += $row
Write-Host "Matched pattern:"+$pat1+":"+$vm+":"+$($
ElseIf (Get-ChildItem -Path $dest -Filter "*.log" | Where {Get-Content -Path $_.FullName | Select-String -Pattern $pat2}){
$row = '' | select HostName, Status
$row.HostName = $($
$row.Status ="Patched"
$report += $row
Write-Host "Matched pattern:"+$pat2+":"+$vm+":"+$($
ElseIf (Get-ChildItem -Path $dest -Filter "*.log" | Where {Get-Content -Path $_.FullName | Select-String -Pattern $pat3}){
$row = '' | select HostName, Status
$row.HostName = $($
$row.Status ="Patched"
$report += $row
Write-Host "Matched pattern:"+$pat3+":"+$vm+":"+$($
$row = '' | select HostName, Status
$row.HostName = $($
$row.Status ="Un-Patched"
$report += $row
Write-Host "Nothing matched on for VM on host:"$($
Stop-VM -VM $vm -RunAsync -Confirm:$false
#you can delete this VM as well to avoid any disk space consumption or minimize the disk size
#Log the report into this CSV file, you can provide your name
$report | Sort HostName | Export-Csv -Path "D:PatchStatus.csv"
#Disconnect the vCenter server
Disconnect-VIServer -Confirm:$false