GetLogs_Mk3.ps1
# Global variables
# Script-scope state shared by the functions below. The empty strings are
# placeholders that the interactive prompts in the main script fill in.
$currentDate = Get-Date -Format 'MM-dd-yyyy_HH_mm'   # not referenced in the rest of the visible script
# NOTE(review): the banner name says Mk2 — confirm whether it should track the file name.
$scriptName = 'GetLogs_Mk2'
$remoteName = ''
$startTime = ''
$stopTime = ''
# Default log. The original note listed System, application, Hardwareevents and
# security as options, while set-Logtype accepts application, security, setup
# and system.
$logType = 'System'
# END - Global variables
#---------------------------------------------------------
# Functions
#---------------------------------------------------------
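function Pull-Errors {
    # Exports the Error and Warning entries of $script:logType on
    # $script:remoteName, written between $script:startTime and
    # $script:stopTime, as an HTML table on the current user's Desktop.
    # The path of the report is left in $script:filePath.
    #
    # Get-EventLog has no -Credential parameter, so the remote read runs as the
    # account that started this script; that account needs read access to the
    # chosen log on the remote machine. Get-EventLog exists only in Windows
    # PowerShell; Get-WinEvent is the replacement on PowerShell 6 and later.
    #
    # The report holds raw event messages, which may include account names,
    # host names and paths. Treat the file as sensitive once it is written.

    # The host name was typed by the operator and becomes part of a file name.
    # Replace anything that is not valid in a file name so the value cannot
    # change the directory the report is written to.
    $safeName = [string]$script:remoteName
    foreach ($ch in [System.IO.Path]::GetInvalidFileNameChars()) {
        $safeName = $safeName.Replace([string]$ch, '_')
    }

    # Build the path once so the file that is written and the path that is
    # reported can never differ (the date was previously evaluated twice).
    $script:filePath = "C:\users\$env:USERNAME\desktop\$safeName $(get-date -f MM-dd-yyyy)_EventLog.html"

    # Filter at the source with -EntryType. Format-Table is deliberately not
    # used: it emits formatting objects, so a later select/where would no
    # longer see TimeWritten, EntryType or Message and the report came out
    # without any rows.
    Get-EventLog -LogName $script:logType -ComputerName $script:remoteName -After $script:startTime -Before $script:stopTime -EntryType Error,Warning |
        select -Property TimeWritten,EntryType,Message |
        ConvertTo-Html |
        Out-File $script:filePath
}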
function Pause {
    # Waits for the operator to press Enter; whatever was typed is discarded.
    # Not called anywhere in the visible script.
    $null = Read-Host 'Press Enter to continue…'
}
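function Set-remoteName{
    # Prompts for a remote computer name, repeating until the name resolves,
    # then stores it in $script:remoteName for the rest of the script.
    #
    # The name is written to script scope, not global scope. Pull-Errors and
    # the main script read the script-scope variable, which is initialised to
    # an empty string. When this file is run as a script that variable shadows
    # a global one, so a value stored in $global:remoteName was never the one
    # read back and the resolve check kept failing on the empty string.
    #
    # A successful lookup only shows that the name resolves. It does not show
    # that the host is the intended one or that the caller may read its logs.
    # Resolve-DnsName can also be answered over LLMNR/NetBIOS unless -DnsOnly
    # is given; consider that switch if only DNS answers should be trusted.
    $dnsFail = 0
    #Loop to check the DNS record of the given entry
    DO{
        write-host "Please enter a remote computer's domain name: " -nonewline
        $candidate = Read-Host
        #Checks and catches the domain name if an error is found.
        try {
            Resolve-DnsName $candidate -erroraction stop | Out-Null
            # Only a name that resolved is published to the rest of the script.
            $script:remoteName = $candidate
            $dnsFail = 0
        } catch {
            echo "That DNS name did not resolve. Please try again."
            $dnsFail = 1
            start-sleep 2
            cls
        }
    }until($dnsFail -eq 0)
    echo "DNS name check OK."
    start-sleep 2
    cls
}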
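Function set-Logtype{
    # Asks which event log to read and stores the answer in $script:logType.
    # Only names on the allow-list below are accepted, so free-form input
    # never reaches the -LogName argument used by Pull-Errors.
    #
    # NOTE(review): 'setup' is accepted here, but Pull-Errors reads the log
    # with Get-EventLog — confirm that cmdlet can open the Setup log on the
    # target systems. Reading 'security' normally needs elevated rights on
    # the remote machine.
    $validLogs = 'application', 'security', 'setup', 'system'
    DO{
        $exit = 0
        # The prompt previously advertised "setip", which the check below rejects.
        echo "What type of log would you like to pull? Valid Options are: application, security, setup, or system"
        $choice = Read-Host
        # -contains compares case-insensitively, as the original -eq chain did.
        if ($validLogs -contains $choice){
            $exit = 1
            $script:logType = $choice
            break
        }
        echo "Invalid selection, please try again"
        sleep 2
        cls
    }until($exit -eq 1)
}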
#---------------------------------------------------------
# END Functions
#---------------------------------------------------------
#---------------------------------------------------------
# Main Script
#---------------------------------------------------------
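cls
Echo "$scriptname - This script is used to pull errors & warning event logs from remote mahcines."
Echo "......................"
echo ""
# Ask for the target host; the function repeats the prompt until the name resolves.
Set-remoteName

#Gets the start time from user, or uses default of 12 hours ago if no entry is needed.
# Input that cannot be parsed as a date is rejected here, so a raw string is
# never handed to the event-log query.
do {
    $startOk = $true
    echo "Enter a start date/time, or press 'RETURN' to use the default:"
    (Get-Date).addhours(-12)
    echo ""
    $startTime = Read-host
    if (!$startTime){
        $startTime = (Get-Date).addhours(-12)
    }
    try {
        $startTime = Get-Date -Date $startTime -ErrorAction Stop
    } catch {
        echo "That date/time was not understood. Please try again."
        $startOk = $false
        sleep 2
    }
    cls
} until ($startOk)

#Gets the stop time from user, or uses default of current time
# The end of the window must parse as a date and must be later than the start;
# otherwise the query would cover an empty range.
do {
    $stopOk = $true
    Echo "Enter an end date/time, or press 'RETURN' to use the default:"
    echo ""
    Get-Date
    echo ""
    $stopTime = Read-host
    if (!$stopTime){
        $stopTime = (Get-Date)
    }
    try {
        $stopTime = Get-Date -Date $stopTime -ErrorAction Stop
    } catch {
        echo "That date/time was not understood. Please try again."
        $stopOk = $false
    }
    if ($stopOk -and ($stopTime -le $startTime)) {
        echo "The end date/time must be later than the start. Please try again."
        $stopOk = $false
    }
    if (!$stopOk) {
        sleep 2
    }
    cls
} until ($stopOk)

set-logtype
Echo "Connecting to $remoteName..."
Pull-Errors
# NOTE(review): this message is printed whether or not the query succeeded;
# errors from Pull-Errors appear above it but do not stop the script.
echo "Export complete."
sleep 3
# Summary of what was requested and where the report was written.
echo "Remote Name $remoteName"
echo "Log Path: $filePath"
echo "Log Start: $startTime"
echo "Log Stop: $stopTime"
echo "Log Type: $logType"
#Invoke-Item $filePath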
#---------------------------------------------------------
# END - Main Script
#---------------------------------------------------------