We have a situation where some physical machine is echoing back packets from a virtual machine. We want to capture the VM name since it usually has a job number that will give us a clue on what task might be doing this. These VMs get set up, tests run, and torn down; so they don't stick around for us to find them later.
The PowerShell / PowerCLI script would include this line:
Get-VM | Get-NetworkAdapter | Where {$_.MacAddress -eq $MACADDRESS_FROM_NCM} | Select-Object Parent,Name,MacAddress
What I'm stuck on is how to get the MAC address from the syslog message parsed and sent to the script.
Example syslog message:
Oct 13 15:09:27 SE1PDTSTB0201 PortSec: %ETH-4-HOST_FLAPPING: Host 00:50:56:b7:53:96 in VLAN 3655 is flapping between interface Port-Channel12 and interface Ethernet26/1 (message repeated 1 times in 770140 secs)
