I just wrote a little function to get out Flow Stats out of NSX … hopefully this might be useful to someone else.

If you appreciated the function, please check out a few of the sponsored Ad’s to help with my hosting

Function GetNSXFlow([String]$SearchObj, [String]$NSXMGR, $crds, $StartDate, $EndDate){

[int64]$StartDateEpoc = Get-Date -Date $StartDate.ToUniversalTime() -UFormat %s
[int64]$EndDateEpoc = Get-Date -Date $EndDate.ToUniversalTime() -UFormat %s

#Generate Basic authorization encoding
$User = $crds.GetNetworkCredential().Username
$pass = $crds.GetNetworkCredential().Password
$pair = "$($user):$($pass)"
$encodedCreds = [System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes($pair))

$ContentType = "application/xml;charset=utf-8"
$header = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$header.Add("Accept", "application/xml")
$header.Add("authorization", "Basic $encodedCreds")

$url = "https://$NSXMGR/api/2.1/app/flow/flowstats?contextId=$SearchObj&flowType=TCP_UDP&startTime=$StartDateEpoc&endTime=$EndDateEpoc&startIndex=0&pageSize=1024"

[xml]$Data = Invoke-RestMethod -Method GET -uri $url -ContentType $ContentType -Headers $header -Body $body

$FlowReport = @()

ForEach ($Flow in $Data.FlowStatsPage.flowStatsTcpUdp){

$FlowReport += New-Object PsObject -Property @{

        startTime = ([TimeZone]::CurrentTimeZone.ToLocalTime(([datetime]'1/1/1970').AddMilliSeconds([int64]$Flow.startTime))).tostring("dd/MM/yyyy HH:mm:ss")
        endTime = ([TimeZone]::CurrentTimeZone.ToLocalTime(([datetime]'1/1/1970').AddMilliSeconds([int64]$Flow.endTime))).tostring("dd/MM/yyyy HH:mm:ss")
        ruleId = $Flow.ruleId
        blocked = $Flow.blocked
        protocol = if ($Flow.protocol -eq 6){'TCP'} else {'UDP'}
        direction = if ($Flow.direction -eq 1){'TX'} else {'RX'}
        sessions = $Flow.sessions
        sourcePackets = $Flow.sourcePackets
        destinationPackets = $Flow.destinationPackets
        sourceBytes = $Flow.sourceBytes
        destinationBytes = $Flow.destinationBytes
        source = $Flow.source
        destination = $Flow.destination
        destinationPort = $Flow.destinationPort
    }

}

Return $FlowReport
}

Here is a sample of the output:

nsxflowreport

Example usage:

So that I don’t keep being prompted for credentials I save the service account user and password with the powershell Get-Credential command.

$cred = Get-Credential
$cred | Export-Clixml -Path "d:\NSX\Config\NSXCreds.xml"

 

Get the objectID by using the following methods…

vCenter

Powershell PowerCLI

vRops API…

vropsobjid

 

to the function…

$ScriptPath = (Get-Item -Path ".\" -Verbose).FullName
$NSXcred = Import-Clixml -Path "$ScriptPath\config\$NSXcreds.xml"


$Report = GetNSXFlow ObjectID $NSXMGRAddress $NSXcred '2016/09/23 22:00' '2016/09/23 23:00'
$Report | Sort-Object { $_.startTime -as [datetime] } | Select startTime, endTime, source, destination, destinationPort, sourcePackets, destinationPackets, sourceBytes, destinationBytes, ruleId, blocked, protocol, direction, sessions  | export-csv D:\NSX\NSXFlowReport.csv -NoTypeInformation