« VMworld 2013 | Main | vSphere Research Project »
Monday
Sep192011

vSphere Research Project - Security Update

Several readers (ok, more than several) pointed out some security concerns about releasing esxtop data with hostname and VM name in it. Click through for a simple perl script that will strip out all the names from your data. They are replaced with server1 ... serverN. It is not pretty, but it gets the job done. Run the script with the name of the csv file from esxtop. This was a giant oversight on my part, and I should have put this up with the original request. 

This post refers to a paid vSphere research survey here

 

#!/usr/bin/perl -w

#
# clean.pl
#
# Usage:
#   clean.pl *.csv
#
# clean.pl will parse the file given on the command line and write the
# structure to a matching .clean file in the current working directory.
#

use strict;
use warnings;

for my $file (@ARGV) {

  print "Processing $file...\n";

    my $outfile = $file . ".clean";

    open my $fh, ">", $outfile
      or die "couldn't open $outfile: $!";

    open my $inf, "<", $file
      or die "couldn't open $file: $!";

    my $header = <$inf>;
    my $vmList = discoverVMs($header);

    my $i = 1;

    foreach my $my_vm (@$vmList) {
        $header =~ s/$my_vm/system$i/g;
        $i++;
    }

    print $fh $header;    

    while (<$inf>) {
        print $fh $_;
    }

    close $fh; 
    close $inf;
}



sub discoverVMs {
  my (@keyRow) = split(/\,/, $_[0]);
  my $columnCount = 0;
  my %vmMap;

  shift @keyRow;

  for my $column (@keyRow) {

    $columnCount++;

    my $header = parseColumnHeader($column);
    
    if (defined $header) {
      my $vm = checkGroupForVM($header->{group}, $columnCount);
      
      if (defined $vm) {
        $vmMap{$vm}++;
        $vmMap{$header->{host}}++;
      }
      
    }
  
  }
  
  return [keys %vmMap];
}

sub checkGroupForVM {

  my ($group, $columnNumber) = @_;
  my $rv = undef;

  if ($group !~ /VirtualRouter/ and $group =~ /\(([^)]+)\)/) {
  
    my $content = $1;
  
    my @token = split(":", $content);
    
    if (($token[-1] eq "vmware-vmx") or
        ($token[-1] eq "vmx")) {
    
      if (scalar @token == 4) {
        $rv = $token[1];
      } else {
        die "I expected four tokens and only got " . scalar(@token) . " when looking for a VM in column " . $columnNumber;
      }
    }    
  }  
  return $rv;
}

sub parseColumnHeader {
  my ($columnHeader) = @_;
  my $rv;

  if ($columnHeader =~ /^"\\\\([^\\]+)\\([^\\]+)\\([^\\]+)"$/x) {
    $rv->{host} = $1;
    $rv->{group} = $2;
  }
  return $rv;
}

PrintView Printer Friendly Version

EmailEmail Article to Friend

References (4)

References allow you to track sources for this article, as well as articles that were written in response to this article.
  • Response
    Response: qns
    l8n
  • Response
    Response: carpenter's fort
    Jesse St. Laurent
  • Response
    Response: bitcoin
    Jesse St. Laurent
  • Response
    Jesse St. Laurent

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
Post:
 
Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>