国产探花免费观看_亚洲丰满少妇自慰呻吟_97日韩有码在线_资源在线日韩欧美_一区二区精品毛片,辰东完美世界有声小说,欢乐颂第一季,yy玄幻小说排行榜完本

首頁 > 開發 > PowerShell > 正文

Powershell小技巧之從文件獲取系統日志

2020-05-30 20:18:04
字體:
來源:轉載
供稿:網友

有時你可能會需要分析系統文件將他們傳輸到硬盤,或你想直接從“evtx”讀取系統日志。

你可以這樣做:

代碼如下:
$path = "$env:windir/System32/Winevt/Logs/Setup.evtx"
Get-WinEvent -Path $path

另附上一段獲取系統日志的代碼

代碼如下:
$StartTime = (get-date).Date + (new-timespan -Hours 6 -Minutes 35)
$EndTime = (get-date).Date + (new-timespan -Hours 6 -Minutes 36)
$global:TaskStart
$Global:TaskComplete
$Global:events
$Global:event
$Global:TimeSpent
$Global:events = get-winevent -FilterHashtable @{logname = "Microsoft-Windows-TaskScheduler/Operational"; ID=107;StartTime=$StartTime;EndTime=$EndTime}
Foreach($Global:event in $Global:events)
{
    cls
    $StartLogs=get-winevent -FilterHashtable @{logname = "Microsoft-Windows-TaskScheduler/Operational";ID=100;StartTime=$StartTime}
    $CompleteLogs=get-winevent -FilterHashtable @{logname = "Microsoft-Windows-TaskScheduler/Operational";id=102;StartTime=$StartTime}
    $global:TaskStart=$StartLogs | where {$_.ActivityId -eq $Global:event.ActivityId}
    $Global:TaskComplete=$CompleteLogs | where {$_.ActivityId -eq $Global:event.ActivityId}
    $global:TimeSpent=($global:TaskComplete.timeCreated-$global:TaskStart.timeCreated).TotaLMinutes
    if(($global:TaskStart -ne $NULL) -and ($Global:TaskComplete -ne $null) -and ($Global:TimeSpent -gt 1)){
          
        $Messagebody="Sync task started at:  "+$global:TaskStart.TimeCreated.DateTime+"`r`n"
        $Messagebody=$Messagebody+"`r`nSync task completed at:  "+$global:TaskComplete.timeCreated.DateTime+"`r`n"
        $Messagebody=$Messagebody+"`r`nTask lasted for "+("{0:N2}" -f ($Global:TimeSpent) )+" minutes"
          
        Send-MailMessage -From "CustomerLog@avepoint.com" -To "Zhijie.bai@avepoint.com","Infrastructure_cn@avepoint.com" -Subject "Customer Logs Sync Report:Success" -Body $Messagebody -SmtpServer "10.100.100.153" -Encoding UTF8
    }
    else{
        $Messagebody="########################################################################`r`n"
        $Messagebody=$Messagebody+"`r`nCustom logs Sync failed, please login 10.2.0.125 to check and sync again`r`n"
        $Messagebody=$Messagebody+"`r`n########################################################################`r`n"
        Send-MailMessage -From "CustomerLog@avepoint.com" -To "Zhijie.bai@avepoint.com","Infrastructure_cn@avepoint.com" -Subject "Customer Logs Sync Report:Failed" -Body $Messagebody -SmtpServer "10.100.100.153" -Encoding UTF8 -Priority High

發表評論 共有條評論
用戶名: 密碼:
驗證碼: 匿名發表
主站蜘蛛池模板: 三台县| 汶上县| 闸北区| 中山市| 呼图壁县| 北京市| 原阳县| 厦门市| 灵武市| 常德市| 海林市| 镇安县| 乐清市| 烟台市| 奉节县| 武清区| 溧水县| 称多县| 晋州市| 宁都县| 康马县| 延吉市| 浦北县| 兴化市| 米泉市| 尼勒克县| 双柏县| 哈尔滨市| 平乐县| 梅河口市| 邹城市| 米林县| 通江县| 仪陇县| 同德县| 新晃| 集贤县| 凤冈县| 陵川县| 德庆县| 云和县|