A quick post on using Powershell & PowerCLI to email you a list of VMs that are not getting backed up.
Also functionality to exclude certain VMs from the check (those that you do not want to backup and be alerted on)
Note that this is just a quick post, I have not made variables for changing the environment specific aspects but if you want to adapt the script (I’m sure there are better ways to write it) please feel free – If you paste your changes as a comment below, I’d be happy to incorporate them into this post
The idea
The script does the following:
- Gets all VMs managed by the connected vCenter Server, unless they have a tag named “Do Not Backup”
- Searches the last 7 days of the event logs for the VM for any event triggered by a specific user account. The idea being that if a backup server uses an account named backup@vsphere.local and this is only used by the backup server, then this is a fairly reliable way to see if the VM is actually in a backup job or not.
- If there are no results returned then the VM name is added to an array
- Once all VMs are processed the array is output to a file
- An email is then sent out, only is there were VMs output to the file. Otherwise no email is sent. You can change this functionality to send an email regardless if required
- You get the email or you have it sent to your ticket system which can then be allocated to an engineer to resolve
- Just add the tag to any VMs that dont need a backup and the script will ignore them
You can add the script as a scheduled task to run daily / weekly if required or just run manually
Important notes
This script will work with any backup software that adds entries against VMs in vCenter server events while backing up the VM only
The script searches the events of a VM (the last 1000 events only – for speed) for any entries made by a specific user account in the last 7 days. This account can be an LDAP domain account or local vSphere SSO account but it must be only used by the backup software.
If your backup software uses this account for other non-backup tasks then this script is not for you.
The script does not work out if the VM has been backed up, it simply means that a specific user account has executed something on the VM object. In this case we are trying to catch when a backup account takes a snapshot for example.
I have tested with Backup Exec and Veeam on vSphere 6.5
Pre requisites
Creating the tag
- First, you need to create a new tag category, a tag and assign to a VM that does not need backing up
- Login with the administrator@vsphere.local account to the Web Client / the procedure is similar for the HTML5 client
- Home > Tags & Custom Attributes
- Go to Categories
- Add icon (Just above the headings of the table)
- Category Name: I called my one “Backups”
- Description: Backup Category
- Cardinality: One tag per object
- Associate Object Types: Virtual Machine
- Go to Tags
- Add icon
- Name: I called my tag “Do Not Backup”
- Description: VM does not need backing up
- Category: Backups
- Go to a VM that does not need backing up
- Summary
- Scroll down to Tags
- Assign
- Select the “Do Not Backup” tag
- Assign
The script
[sourcecode language=”plain”] Connect-VIServer -Server vcenter.domain.local -username USERNAME -password PASSWORD ##Change vCenter server address & change USERNAME and PASSWORD accordingly$VMsNotBackedUp = @();
$start = (Get-Date).AddDays(-7); ##Change the number of days to go back through the events, searching for entries by the username below
$sendEmail = $false;
$GetVM = Get-VM | where{(Get-TagAssignment -Entity $_).Tag.Name -notcontains ‘Do Not Backup’} ##Change ‘Do Not Backup’ to the name of your tag if different
Foreach ($vm in $GetVM){
$output = Get-VIEvent -Start $start -Entity $vm.name -UserName "username@vsphere.local" -MaxSamples 1000 | Select CreatedTime,UserName,FullFormattedMessage ##Change username@vsphere.local to the account that your backup server uses to create snapshots to backup the VM
if ($output.Count -eq 0){
$VMsNotBackedUp += $vm.name;
$sendEmail = $true;
}
}
if($sendEmail){
$VMsNotBackedUp | Out-File "C:\Backups\VMs-Not-Backed-Up.txt" ##Change this path to where the output is to be stored
Send-MailMessage -SmtpServer SMTPSERVER -To "Me <me@domain.com>" -From "Alerts <alerts@domain.com>" -Subject "VMs Not Backed Up" -Body "Report attached. Please review and add tags to VMs that do not need backing up" -Attachments "C:\Backups\VMs-Not-Backed-Up.txt" ##You will need to change your SMTP server address, the email addresses & file path here as a minimum
}
Disconnect-ViServer vcenter.domain.local -Force -Confirm:$false ##Change vCenter server address
[/sourcecode]
To add this as a scheduled task on Windows Server 2012R2, install VMware’s PowerCLI & follow this guide: https://virtualg.uk/running-powercli-powershell-scripts-as-a-scheduled-task/