This script will be run on one of my servers via scheduled task. I am trying to accomplish 3 things with this script:
1. Export the System, Application, and Security logs from each system on the domain and clear them.
2. Parse the logs for any errors
3. Generate an E-Mail containing all aforementioned errors
I, however, have run into some problems. I haven't started the code for #3 yet because I cannot get 1 or 2 to work properly.
Code:
# Log Backup Script and Analysis

# Defines the root directory for all systems and date directories for individual systems
$rootDirectory = "\\FS1\AdminShare$\[System Logs]"
$dateDirectory = Get-Date -UFormat "%m%d%Y"

# Gets the names of all computers on the domain
$objSearcher = New-Object DirectoryServices.DirectorySearcher([adsi]"")
$objSearcher.filter = "(objectclass=computer)"
$DOMAIN_Domain = $objSearcher.findall()

Foreach($DOMAIN_Computer in $DOMAIN_Domain)
{
    # Sets the working directory based on the computer name
    $DOMAIN_Computer_Name = $Domain_Computer.properties.cn
    $workingDirectory = $rootDirectory + "\" + "PC-01" + "\" + $dateDirectory + "\"

    # Creates directory if it doesn't already exist
    if (!(Test-Path -LiteralPath $workingDirectory))
    {
        New-Item $workingDirectory -type directory
    }

    # Exports the Application, System, and Security Logs to the working directory
    # and clears the logs on the machine.
    wevtutil /r:PC-01 /ow:True epl Application $workingDirectory`Application.evtx
    #wevtutil /r:PC-01 /ow:True epl System $workingDirectory`System.evtx
    #wevtutil /r:PC-01 /ow:True epl Security $workingDirectory`Security.evtx

    Get-WinEvent -Path $workingDirectory
    break
}
So the first problem I have is wevtutil returns an "Access Denied" error anytime I try to connect to a machine other than the local machine. Windows Firewall service is not enabled on any of these machines.
When I try to supply /u:[Username] it simply hangs and does nothing. I have tried /p:[Password] with that and, again, it hangs and does nothing.
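The second problem is that the
Code:
Get-WinEvent -Path $workingDirectory
doesn't work when I try to go over any path other than a local drive (C:). I want all the logs stored on my File Server. I have tried a UNC path as well as a path using a mapped network drive for the path to no avail.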
Any suggestions are more than welcome.
Thanks,
-GP
