国产探花免费观看_亚洲丰满少妇自慰呻吟_97日韩有码在线_资源在线日韩欧美_一区二区精品毛片,辰东完美世界有声小说,欢乐颂第一季,yy玄幻小说排行榜完本

首頁 > 開發 > PowerShell > 正文

Powershell小技巧之從文件獲取系統日志

2020-05-30 20:18:04
字體:
來源:轉載
供稿:網友

有時你可能會需要分析系統文件將他們傳輸到硬盤,或你想直接從“evtx”讀取系統日志。

你可以這樣做:

代碼如下:
$path = "$env:windir/System32/Winevt/Logs/Setup.evtx"
Get-WinEvent -Path $path

另附上一段獲取系統日志的代碼

代碼如下:
$StartTime = (get-date).Date + (new-timespan -Hours 6 -Minutes 35)
$EndTime = (get-date).Date + (new-timespan -Hours 6 -Minutes 36)
$global:TaskStart
$Global:TaskComplete
$Global:events
$Global:event
$Global:TimeSpent
$Global:events = get-winevent -FilterHashtable @{logname = "Microsoft-Windows-TaskScheduler/Operational"; ID=107;StartTime=$StartTime;EndTime=$EndTime}
Foreach($Global:event in $Global:events)
{
    cls
    $StartLogs=get-winevent -FilterHashtable @{logname = "Microsoft-Windows-TaskScheduler/Operational";ID=100;StartTime=$StartTime}
    $CompleteLogs=get-winevent -FilterHashtable @{logname = "Microsoft-Windows-TaskScheduler/Operational";id=102;StartTime=$StartTime}
    $global:TaskStart=$StartLogs | where {$_.ActivityId -eq $Global:event.ActivityId}
    $Global:TaskComplete=$CompleteLogs | where {$_.ActivityId -eq $Global:event.ActivityId}
    $global:TimeSpent=($global:TaskComplete.timeCreated-$global:TaskStart.timeCreated).TotaLMinutes
    if(($global:TaskStart -ne $NULL) -and ($Global:TaskComplete -ne $null) -and ($Global:TimeSpent -gt 1)){
          
        $Messagebody="Sync task started at:  "+$global:TaskStart.TimeCreated.DateTime+"`r`n"
        $Messagebody=$Messagebody+"`r`nSync task completed at:  "+$global:TaskComplete.timeCreated.DateTime+"`r`n"
        $Messagebody=$Messagebody+"`r`nTask lasted for "+("{0:N2}" -f ($Global:TimeSpent) )+" minutes"
          
        Send-MailMessage -From "CustomerLog@avepoint.com" -To "Zhijie.bai@avepoint.com","Infrastructure_cn@avepoint.com" -Subject "Customer Logs Sync Report:Success" -Body $Messagebody -SmtpServer "10.100.100.153" -Encoding UTF8
    }
    else{
        $Messagebody="########################################################################`r`n"
        $Messagebody=$Messagebody+"`r`nCustom logs Sync failed, please login 10.2.0.125 to check and sync again`r`n"
        $Messagebody=$Messagebody+"`r`n########################################################################`r`n"
        Send-MailMessage -From "CustomerLog@avepoint.com" -To "Zhijie.bai@avepoint.com","Infrastructure_cn@avepoint.com" -Subject "Customer Logs Sync Report:Failed" -Body $Messagebody -SmtpServer "10.100.100.153" -Encoding UTF8 -Priority High

發表評論 共有條評論
用戶名: 密碼:
驗證碼: 匿名發表
主站蜘蛛池模板: 奈曼旗| 新野县| 海淀区| 原阳县| 丰都县| 麻城市| 游戏| 莫力| 宁陕县| 和平县| 宝山区| 梅州市| 岳普湖县| 白河县| 治多县| 建湖县| 云南省| 桐梓县| 大丰市| 抚松县| 苍南县| 武宣县| 临安市| 昂仁县| 广州市| 介休市| 嘉峪关市| 潜山县| 武功县| 肥城市| 梅州市| 玛沁县| 泸定县| 旅游| 攀枝花市| 封丘县| 尉犁县| 延吉市| 凌海市| 思茅市| 基隆市|