Get-AzureVmManagementSolutionOnboardingState

1.0.6

Get-AzureVmManagementSolutionOnboardingState.ps1

                                
<#PSScriptInfo

.VERSION 1.0.6

.GUID 3268e204-99af-4846-8aa6-1a210e011bce

.AUTHOR Stas Kuvshinov

.COMPANYNAME Microsoft Corporation

.COPYRIGHT Microsoft Corporation

.TAGS Automation Management

.LICENSEURI 

.PROJECTURI 

.ICONURI 

.EXTERNALMODULEDEPENDENCIES LogAnalyticsQuery

.REQUIREDSCRIPTS 

.EXTERNALSCRIPTDEPENDENCIES 

.RELEASENOTES

The LogAnalyticsQuery module is available on https://dev.loganalytics.io/documentation/Tools/PowerShell-Cmdlets

.PRIVATEDATA 

#> 

#Requires -Module @{ ModuleName = 'AzureRM.Profile'; ModuleVersion = '3.1.0' }

#Requires -Module @{ ModuleName = 'AzureRM.Compute'; ModuleVersion = '3.1.0' }

#Requires -Module @{ ModuleName = 'AzureRM.Resources'; ModuleVersion = '3.1.0' }

#Requires -Module @{ ModuleName = 'AzureRM.OperationalInsights'; ModuleVersion = '3.4.1' }

<# 

.Parameter vmResourceId

Full resource identifier of an Azure VM

.Parameter solutionType

Type of the management solution. Possible values: 'updates', 'changeTracking'

.EXAMPLE

.\Get-AzureVmManagementSolutionOnboardingState.ps1 -vmResourceId /subscriptions/6c098ac2-6c43-4fd8-875c-6d089beb2ef5/resourceGroups/RG1/providers/Microsoft.Compute/virtualMachines/stas-ubuntu-1604-x -solutionType updates

.Example

.\Get-AzureVmManagementSolutionOnboardingState.ps1 -vmResourceId /subscriptions/6c098ac2-6c43-4fd8-875c-6d089beb2ef5/resourceGroups/RG1/providers/Microsoft.Compute/virtualMachines/ws-2012r2-a4 -solutionType changeTracking

.DESCRIPTION 

 The script gets management solution onboarding information for an Azure VM.

 Most of the script dependencies are available at the PowerShell Gallery with the only exception of the LogAnalyticsQuery.psm1 module that you need to manually download from https://dev.loganalytics.io/documentation/Tools/PowerShell-Cmdlets.

#> 

Param(

    [string]

    [Parameter(Mandatory = $true)]

    $vmResourceId,

    [string]

    [Parameter(Mandatory = $true)]

    [ValidateSet("updates", "changeTracking")]$solutionType

)

$information = [pscustomobject] [ordered] @{

    'AzureVMFound'=$false

    'AzureVMHasManagementExtensionInstalled'='n/a'

    'AzureVMManagementExtensionHasManagementWorkspaceInformation'='n/a'

    'ManagementWorkspaceFoundInSubscription'='n/a'

    'VmHeartbeatDataIngestedIntoWorkspace'='n/a'

    'VmHeartbeatDataIndicatesThatVmHasSolutionEnabled'='n/a'

    'SolutionDataIngestedIntoWorkspace'='n/a'

}

$vmDiscriminator = New-Object -Type PSObject -Proper @{'id'=$vmResourceId}

$vm = $vmDiscriminator | Get-AzureRmResource

if($vm -ne $null){

    $information.AzureVMFound = $true

    $vmMmaExtensionResourceId = "$($vmResourceId)/extensions/MMAExtension"

    $vmMmaExtensionDiscriminator = New-Object -Type PSObject -Proper @{'id'=$vmMmaExtensionResourceId}

    $vmMmaExtensionResource = $vmMmaExtensionDiscriminator | Get-AzureRmResource

    $information.AzureVMHasManagementExtensionInstalled = $false

    if($vmMmaExtensionResource -ne $null){

        $information.AzureVMHasManagementExtensionInstalled = $true

        $vmManagementWorkspaceId = $vmMmaExtensionResource.Properties.settings.workspaceId

        $information.AzureVMManagementExtensionHasManagementWorkspaceInformation = $false

        if($vmManagementWorkspaceId -ne $null){

            $information.AzureVMManagementExtensionHasManagementWorkspaceInformation = $true

            $vmManagementWorkspace = Get-AzureRmOperationalInsightsWorkspace | where-object {$_.CustomerId -eq $vmManagementWorkspaceId}

            $information.ManagementWorkspaceFoundInSubscription = $false

            if($vmManagementWorkspace -ne $null){

                $information.ManagementWorkspaceFoundInSubscription = $true

                $vmManagementWorkspaceResourceDiscriminator = New-Object -Type PSObject -Proper @{'id'=$vmManagementWorkspace.ResourceId}

                $vmManagementWorkspaceResource = $vmManagementWorkspaceResourceDiscriminator | Get-AzureRmResource

                $vmManagementWorkspaceSearchVersion = @{'0'='OQL';'1'='KQL'}[$vmManagementWorkspaceResource.Properties.features.searchVersion.ToString()]

                $queryVmHeartbeatDataIngestedIntoWorkspace = [String]::Format(@{

                'OQL'='Type=Heartbeat and (ResourceId="{0}" or Computer="{1}") | top 1'

                'KQL'='Heartbeat | where (ResourceId=~"{0}" or Computer=~"{1}") | take 1'

                }[$vmManagementWorkspaceSearchVersion], $vmResourceId, $vm.Name, $solutionType)

                $solutionTableName = @{'updates'='Update';'changeTracking'='ConfigurationChange'}[$solutionType]

                if($vmManagementWorkspaceSearchVersion -eq 'OQL'){

                    $queryVmHeartbeatDataIngestedIntoWorkspace = [String]::Format('Type=Heartbeat and (ResourceId="{0}" or Computer="{1}") | top 1', $vmResourceId, $vm.Name, $solutionType)

                    $information.VmHeartbeatDataIngestedIntoWorkspace = ($vmManagementWorkspace | Get-AzureRmOperationalInsightsSearchResults -Query $queryVmHeartbeatDataIngestedIntoWorkspace).Value.Count -eq 1                    

                    $queryVmHeartbeatDataIndicatesThatVmHasSolutionEnabled = [String]::Format('Type=Heartbeat and (ResourceId="{0}" or Computer="{1}") and Solutions:contains("{2}") | top 1', $vmResourceId, $vm.Name, $solutionType)

                    $information.VmHeartbeatDataIndicatesThatVmHasSolutionEnabled = ($vmManagementWorkspace | Get-AzureRmOperationalInsightsSearchResults -Query $queryVmHeartbeatDataIndicatesThatVmHasSolutionEnabled).Value.Count -eq 1

                    $querySolutionDataIngestedIntoWorkspace = [String]::Format('Type={0} and Computer="{1}" | top 1', $solutionTableName, $vm.Name)

                    $information.SolutionDataIngestedIntoWorkspace = ($vmManagementWorkspace | Get-AzureRmOperationalInsightsSearchResults -Query $querySolutionDataIngestedIntoWorkspace).Value.Count -eq 1

                }

                elseif($vmManagementWorkspaceSearchVersion -eq 'KQL'){

                    if(-not (Get-Command Invoke-LogAnalyticsQuery -ErrorAction SilentlyContinue)) {

                        Write-Error 'The VM is managed by a workspace with enhanced log analytics capabilities. Please, import the LogAnalyticsQuery module from https://dev.loganalytics.io/documentation/Tools/PowerShell-Cmdlets to verify if the solution data is being ingested into search.'

                        return $information

                    } 

                    $queryVmHeartbeatDataIngestedIntoWorkspace = [String]::Format('Heartbeat | where (ResourceId=~"{0}" or Computer=~"{1}") | take 1', $vmResourceId, $vm.Name, $solutionType)

                    $information.VmHeartbeatDataIngestedIntoWorkspace = (Invoke-LogAnalyticsQuery -WorkspaceName $vmManagementWorkspace.Name -ResourceGroup $vmManagementWorkspaceResource.ResourceGroupName -SubscriptionId $vmManagementWorkspaceResource.SubscriptionId -Query $queryVmHeartbeatDataIngestedIntoWorkspace).Results -ne $null

                    $queryVmHeartbeatDataIndicatesThatVmHasSolutionEnabled = [String]::Format('Heartbeat | where (ResourceId=~"{0}" or Computer=~"{1}") and Solutions has "{2}" | take 1', $vmResourceId, $vm.Name, $solutionType)

                    $information.VmHeartbeatDataIndicatesThatVmHasSolutionEnabled = (Invoke-LogAnalyticsQuery -WorkspaceName $vmManagementWorkspace.Name -ResourceGroup $vmManagementWorkspaceResource.ResourceGroupName -SubscriptionId $vmManagementWorkspaceResource.SubscriptionId -Query $queryVmHeartbeatDataIndicatesThatVmHasSolutionEnabled).Results -ne $null

                    $querySolutionDataIngestedIntoWorkspace = [String]::Format('{0} | where Computer=~"{1}" | take 1', $solutionTableName, $vm.Name)

                    $information.SolutionDataIngestedIntoWorkspace = (Invoke-LogAnalyticsQuery -WorkspaceName $vmManagementWorkspace.Name -ResourceGroup $vmManagementWorkspaceResource.ResourceGroupName -SubscriptionId $vmManagementWorkspaceResource.SubscriptionId -Query $querySolutionDataIngestedIntoWorkspace).Results -ne $null

                }                    

            }

        }

    }

}

return $information