Cybersylum

Using Aria Automation APIs with PowerShell

byArron King 07.15.2023 Aria Automation

I needed to update a few bits of information for the networks in my on-prem Aria Automation deployment. It would have been pretty easy to update via the GUI. I thought this was a great opportunity to start learning about using Aria Automation APIs with PowerShell.

I thought I would share what I found to hopefully help someone new to APIs. This could also be useful if someone needed to make these changes in bulk. Let’s take a look!

Figuring things out

I started by reviewing the Aria Automation API Documentation (also known as the Swagger UI) built into each vRA install (in your environment go to https://your-vra-fqdn.com/automation-us/api/docs).

The Swagger UI will help describe how to use the APIs and even provides an interface to test them out.

Continue reading “Using Aria Automation APIs with PowerShell”

vToobelt – July 2023

byArron King 07.05.2023 vToolBelt

End of Technical Guidance for vSphere 6.5 and 6.7

These two versions of vSphere have served us well; but on November 15, 2023, all technical support for vSphere 6.5 and 6.7 will end as the products leave Technical Guidance. If you are still running these versions please upgrade now. If you have questions about the planning or upgrade process let us know!

Security Advisories

VMSA-2023-0007 – Aria Operations for Logs (Log Insight) – update to existing advisory to indicate code to exploit this vulnerability has been published.
VMSA-2023-0012 – Aria Operations for Networks (vRealize Network Insight) addresses multiple issues
VMSA-2023-0013 – VMware Tools Authentication Bypass
VMSA-2023-0014 – vCenter Server Memory Corruption

Upcoming Events

VMware Explore 2023
Las Vegas, Nevada
August 21-24 2023

The Content Catalog and Schedule Builder are available

Registration is open now!
You can use PSO credits to purchase a conference pass (full pricing information)

Continue reading “vToobelt – July 2023”

SMTP Forwarding in a Home Lab

byArron King 06.26.2023 Home Lab Linux

I use a small Linux VM in my environment to relay outbound SMTP using my e-mail provider. This is primarily used to get alerts and notifications from my Home Lab systems to my inbox.

My Ubuntu version was at end-of-life so it was time to rebuild with the latest version. I thought this was a good time to publish my notes to help myself – and anyone else!

Acknowledgements

I relied on 3 different blog articles to get this setup. I am sure there are other ways to accomplish this task; but these worked for me:

Goals

SMTP host capable of relaying emails from internal systems to my e-mail provider.
- No inbound SMTP is needed or desired
- SMTP had to send email using specific username/credentials
Initially it had to work with Gmail. I had the legacy free version of Google Apps since 2010. When that was initially announced to be shuttered, I moved all of my email services to Apple. Shortly after I had moved everything. Google announced it had changed its mind and was not shutting down Legacy G Suite after all; but that was too late for me. The steps below work for both Gmail and Apple mail.

Continue reading “SMTP Forwarding in a Home Lab”

vToolbelt – June 2023

byArron King 06.01.2023 vToolBelt

End of Technical Guidance for vSphere 6.5 and 6.7

Security Advisories

VMSA-2023-0007 and VMSA-2023-0009 – Aria Operations for Logs (aka Log Insight) – vulnerabilities fixed by version 8.12
VMSA-2023-0008 – Updates to VMware Workstation and Fusion address vulnerabilities
VMSA-20230-0010 – NSX-T XSS Vulnerability
VMSA-2023-0011 – VMware Identity Manager (vIDM) Insecure Redirect – this can affect vIDM deployments in Workspace ONE, Horizon, and vRealize/Aria Suite

Upcoming Events

VMware Innovation and Technology Showcase – Northeastern Ohio
Date: June 7, 2023
Time: 10:00am – 2:00-pm
Location: Akron, Ohio – The LeBron James Family Foundation House Three Thirty Event Center

Join your VMware Account team as they bring Subject Matter Experts to Akron for an in-person event to discuss how you can Simplify Disaster Recovery & Ransomware Recovery, Zero Trust in the Datacenter, as well as Threat Protection.

Full Agenda and Registration

Continue reading “vToolbelt – June 2023”

Log Insight Custom SSL Cert Upgrade Issue

byArron King 04.20.2023 Aria Operations for Logs Certificates

Notes:

If you are reading this after 4/30/23 and the SSL Certificates on your Log Insight deployment have expired – check out KB 92080. It contains the steps to replace the expired certificate in Log Insight.
As of 4/25 – the documentation in the release notes and KB articles have been updated to clarify steps to help identify custom SSL Certificates that may need to be recreated for Log Insight 8.12.

I ran into an issue applying the 8.12 version update to my Log Insight deployment. The upgrade failed fairly quickly and only sent a vague email that didn’t really provide any details.

The Log Insight upgrades I have done in the past have always gone smoothly and I haven’t had to really troubleshoot before, so I jumped onto the appliance via SSH to have a look. After I bit of poking around I found what I needed in the following file: /var/log/vmware/loginsight/upgrade.log

It contained an entry right before the errors:

Custom Certificate lacks “SSL client” purpose

I had replaced the self-signed certificates with custom certificates generated from the Microsoft CA in my environment but thought I had followed the the steps in the Log Insight Documentation for SSL Certificates to generate the certificate properly.

Continue reading “Log Insight Custom SSL Cert Upgrade Issue”

vToolbelt – May 2023

byArron King 04.20.2023 vToolBelt

Important Updates

This edition of the newsletter is being sent a few days early to deliver important news on Log Insight.

If you operate Log Insight 8– there is an important update you should review, test, and deploy immediately. This new version (8.12) will resolve 2 issues.

VMSA-2023-0007 – There are multiple CVEs included in this advisory and it has an elevated CVSSv3 base score. Escalated review and testing is recommended
KB 91441 – The current version of Log Insight has SSL certificates that expire on 4/30/23
If you haven’t updated the certificate prior to 4/30/23 – check out KB 92080 which has steps to replace the certificate after it expires
If you use Custom SSL Certificates, check out my post on new SSL Certificate requirements for Aria Operations for Logs/LogInsight.

You can download the upgrade pack (PAK) for the new version (8.12) from VMware Customer Connect.

Please note – Log Insight is now known as Aria Operations for Logs. This is part of the re-branding of the vRealize Suite to Aria Suite that was announced at VMware Explore last year. You can read more about this later in the newsletter.

Continue reading “vToolbelt – May 2023”

vToolbelt – April 2023

byArron King 04.01.2023 vToolBelt

Welcome to April!

Upcoming Events

VMware Explore 2023
Las Vegas, Nevada
August 21-24 2023

Registration opens April 25th!

You can use PSO credits to purchase a conference pass (full pricing information)

Save the Date!

Product Support Watch

The following products are nearing the End of General Support. You can find the full list on the VMware Lifecycle Product Matrix.

vSphere – vCenter and ESXi

General support for versions 6.5 and 6.7 has ended. You can still upgrade to Version 7

Skyline– Free to upgrade – learn how. This tool is free, easy, and useful. If you are not using Skyline yet, check it out !

Skyline Collector 3.2 – 8/25/23

Continue reading “vToolbelt – April 2023”

vToolbelt – March 2023

byArron King 03.01.2023 vToolBelt

Welcome to March!

VMware Security Advisories

VMSA-2022-0027 – This existing advisory on NSX-V vulnerability has been updated to advise that there are active exploits in the wild. If you are still running NSX-V and cannot migrate to NSX-T – please review – a patch has been made available.
VMSA-2023-0004 -Carbon Black App Control addresses injection vulnerability
VMSA-2023-0005 – vRealize Orchestrator update addresses XML External Entity vulnerability
VMSA-2023-0003 – Workspace ONE Content Update addresses passcode bypass vulnerability

Upcoming Events

VMware Explore 2023
Las Vegas, Nevada
August 21-24 2023

That’s right – VMware Explore is heading back to Las Vegas! Save the Date!

Product Support Watch

The following products are nearing the End of General Support. You can find the full list on the VMware Lifecycle Product Matrix.

vSphere – vCenter and ESXi

General support for versions 6.5 and 6.7 has ended. You can still upgrade to Version 7

Skyline– Free to upgrade – learn how. If you are not using Skyline yet, check it out ! This tool is free, easy, and useful

Skyline Collector 3.1 – 2/10/23
Skyline Collector 3.2 – 8/25/23

Continue reading “vToolbelt – March 2023”

VMUG Advantage – An essential tool to help you upgrade your skills

byArron King 02.10.2023 Education Home Lab VMUG

One of the necessities of working in IT is the need to continually learn and upgrade your skills. Change is constant and can happen quickly. Time is also limited – so I try to make the most of the time I spend learning. I have found VMUG Advantage to be essential to helping me upgrade my skills and make the most of my time in the lab.

The Home Lab

I have worked at many companies in my career spanning multiple verticals, starting as a customer and then moving to a partner. This path lead me to where I currently work – VMware. Unfortunately, too few organizations are willing to invest the money or time to provide safe places for their people to learn.

A long time ago I decided to invest in myself. I would not have been able to progress as I have without taking the time to learn and grow. That is where VMUG Advantage comes in!

My home lab started small; but has grown as my needs have changed (and funds allowed). The one thing that has always been a constant for me is time. We all have the same amount of time. I have rarely had too much time my hands; but do try to use it wisely 😉

Most products usually come with short term evaluation licenses that let the curious explore product features and functionality. The challenge is that when that license runs out in 30 or 60 days, I had to spend time tearing it all down just to re-install it again to get another free license.

Benefits of VMUG Advantage

VMUG Advantage provides 365 day evaluation licenses for over 15 different VMware solutions. This helps me stop wasting time. If I still need to work with a product after the evaluation license expires, I simply download a new key from the subscription and immediately resume what I was doing. No rebuild needed!

VMUG Advantage also includes VMware TestDrive. This is a cloud based service that allows you to try out features by spinning up a lab that is already set up and ready to go. This can be very useful in a number of situations:

Quick Evaluations – perhaps even test out specific features without manually setting up an entire environment
Try out SaaS Products that you cannot setup in a home lab
Work with products which have significant hardware requirements – If your home lab is small or doesn’t have all of the right hardware needed for vSAN, NSX, or Tanzu you can work with it in TestDrive

Additional Discounts

Official VMware Training – You can get an additional 20-35% off from a number of official VMware courses

VMware Explore – VMUG Advantage members also get an exclusive discount for VMware Explore passes.

Invest in yourself

I absolutely believe that the investments I have made in my own career have had tremendous impact on my life. Tools like VMUG Advantage allow you to get the most out of the time you spend learning and growing. If you work with VMware products and are looking to grow your skillset, I highly recommend you check out the VMUG Advantage Difference today!

vToolbelt – February 2023

byArron King 02.06.2023 vToolBelt

Let’s talk Ransomware

I am sure most everyone has heard about the latest ransomware attack called “ESXiArgs”. If you haven’t, two sites I follow have coverage [BleepingComputer and HackerNews].Ransomware uses a software exploit to gain access to a system and block access to that system until a sum of money is paid. There are instances where this exploit is unknown (also known as a Zero Day exploit). In the case of ESXiArgs, the attackers are targeting an exploit found in OpenSLP. A patch for this issue was released in February 2022 via VMSA 2019-0022. That date is not a typo – the patch has been available for about a year.

Please take a moment and review the VMSA above to ensure you are have applied the patch. If you cannot patch immediately, KB 76372 has steps on disabling the OpenSLP service on your ESXi hosts until you are able to find a patch window.

Protecting against Ransomware

One of the best general ways to protect your organization is to apply the relevant security patches. VMware publishes Security Advisories about it’s products. You can sign up to be notified when any new security advisory is published.

Continue reading “vToolbelt – February 2023”