opexxx
2/9/2017 - 8:49 PM
This script searches for a given EventID from servers.txt and output a HTML report. excluding the duplicates.
This script searches for a given EventID from servers.txt and output a HTML report. excluding the duplicates.
cls
# #############################################################################
# NAME: GetEventLogsFromServers.ps1
#
# AUTHOR: ANDRE BARBOSA DE AMARAL
# DATE: 2016/10/05
# EMAIL: bcn.andre@gmailcom
#
# COMMENT: This script generates a report of the Event IDs specified below.
#
# VERSION HISTORY
# 1.0 2016.10.05 Initial Version.
#
# TO ADD OR IMPROVE
#
# #############################################################################
Function onlineCheck {
param($InputObject = $null)
BEGIN {$status = $True}
PROCESS {
if ($InputObject -and $_) {
throw 'ParameterBinderStrings\AmbiguousParameterSet'
} elseif ($InputObject -or $_) {
$processObject = $(if ($InputObject) {$InputObject} else {$_})
write-host "Ping [$processObject]"
if( (Test-Connection $processObject -Quiet -count 1)) {
write-host "Ping response OK" -ForegroundColor DarkGreen
}
else {
write-host "Ping failed - host not found" -ForegroundColor red
$status = $False
}
}
else {throw 'ParameterBinderStrings\InputObjectNotBound'}
# next processObject
}
# Return True if pings to all machines succeed:
END {return $status}
}
$inputfilepath = "C:\Scripts\PS\EventLog"
$inputfilename = "servers.txt"
$serverlistinput = $inputfilepath + "\" + $inputfilename
Write-host "Check Input File" -Foregroundcolor Yellow -Backgroundcolor Black
$checkinputexist = test-path $serverlistinput
if ($checkinputexist -ne $True)
{
Write-host "Please Generate Servers.txt on the desktop. This should contain all the servers you wish to connect to" -Foregroundcolor Red -BackgroundColor Black
write-host "One Entry per line" -Foregroundcolor Red -Backgroundcolor Black
Exit 1
}
cls
write-host "Input File Exists!" -Foregroundcolor Green -backgroundcolor Black
Write-Host "`nReading in server list, Please wait..." -foregroundcolor Yellow -backgroundcolor Black
$serverlist = Get-Content $serverlistinput
if ($serverlist.count -gt 0)
{
Write-Host "`nWe have read " $serverlist.count " servers from the file" -Foregroundcolor Green -backgroundcolor Black
Write-Host "The following servers will be scanned `n" $serverlist -Foregroundcolor Green -backgroundcolor Black
}
else
{
cls
write-host "Servers.txt is either empty or corrupt please re-create or add server names to the list" -foregroundcolor red -backgroundcolor black
exit 1
}
#test for results directory if does not exist create it!
$resultsdirexist = Test-Path "C:\Scripts\PS\EventLog\Reports\"
$resultsdirparent = "C:\Scripts\PS\EventLog\"
$resultsdirname = "Reports"
$testpath = $resultsdirparent + $resultsdirname
$resultsdirexist = Test-Path $testpath
if ($resultsdirexist -ne "True")
{
Write-Host "Directory Does not exist."
Write-Host "Creating...."
Set-Location $resultsdirparent
New-Item -path $resultsdirparent -Name $resultsdirname -type directory
Write-Host $testpath " has been created"
Write-Host "This is where all output from the files will be stored"
}
$report = $testpath + "\$(get-date -f yyyy-MM-dd-HHmmss)_reports.htm"
Clear-Content $report -EA SilentlyContinue
[array]$eventlogs = $null
$eventlogs += "Application"
#$eventlogs += "Security"
#$Eventlogs += "System"
$countarr = $eventlogs.count
$eventid = "9217"
$events = "200"
Foreach ($s in $serverlist)
{
$progress = "."
Add-Content $report "<html>"
Add-Content $report "<head>"
Add-Content $report "<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'>"
Add-Content $report '<title>Event Log Report for Server $s</title>'
add-content $report '<STYLE TYPE="text/css">'
add-content $report "<!--"
add-content $report "td {"
add-content $report "font-family: Tahoma;"
add-content $report "font-size: 11px;"
add-content $report "border-top: 1px solid #999999;"
add-content $report "border-right: 1px solid #999999;"
add-content $report "border-bottom: 1px solid #999999;"
add-content $report "border-left: 1px solid #999999;"
add-content $report "padding-top: 0px;"
add-content $report "padding-right: 0px;"
add-content $report "padding-bottom: 0px;"
add-content $report "padding-left: 0px;"
add-content $report "}"
add-content $report "body {"
add-content $report "margin-left: 5px;"
add-content $report "margin-top: 5px;"
add-content $report "margin-right: 0px;"
add-content $report "margin-bottom: 10px;"
add-content $report ""
add-content $report "table {"
add-content $report "border: thin solid #000000;"
add-content $report "}"
add-content $report "-->"
add-content $report "</style>"
Add-Content $report "</head>"
Add-Content $report "<body>"
add-content $report "<table width='100%'>"
add-content $report "<tr bgcolor='#CCCCCC'>"
add-content $report "<td colspan='7' height='25' align='center'>"
add-content $report "<font face='tahoma' color='#003399' size='4'><strong>EventID $eventid Report of the last $events events From Server $s</strong></font>"
add-content $report "</td>"
add-content $report "</tr>"
add-content $report "</table>"
add-content $report "<table width='100%'>"
Add-Content $report "<tr bgcolor=#CCCCCC>"
Add-Content $report "<td width='5%' align='center'>Index</td>"
Add-Content $report "<td width='5%' align='center'>Time</td>"
Add-Content $report "<td width='5%' align='center'>EntryType</td>"
Add-Content $report "<td width='5%' align='center'>Source</td>"
Add-Content $report "<td width='5%' align='center'>InstanceID</td>"
Add-Content $report "<td width='5%' align='center'>TimeSpan (Days)</td>"
Add-Content $report "<td width='70%' align='center'>Message</td>"
Add-Content $report "</tr>"
For ($count = 0; $count -lt $countarr;$count++)
{
if (onlineCheck "$s"){
write-host "`n`nCollection Event Logs" $eventlogs[$count] "from Computer $s" -foregroundcolor yellow -backgroundcolor black
#$logs = get-eventlog -logname $eventlogs[$count] -computername $s -newest 100
$logs = Get-EventLog -LogName $eventlogs[$count] -Source "MSExchangeTransport" -Computername $s -Newest $events | Where-Object {$_.EventID -eq $eventid} | Unique
Write-host "Processing" -foregroundcolor yellow -backgroundcolor black
Foreach ($l in $logs)
{
write-host $progress -nonewline -Foregroundcolor Green -backgroundcolor Black
$index = $l.index
$time = $l.timegenerated
$Entrytype = $l.entrytype
$Source = $l.source
$InstanceID = $l.instanceID
$mytimespan = new-timespan ($l.timegenerated) (Get-Date)
$TimeSpan = [math]::Round($mytimespan.TotalDays)
$Message = $l.message
if ($entrytype -eq "Error")
{
Add-Content $report "<tr>"
Add-Content $report "<td bgcolor='#FF0000'>$index</td>"
Add-Content $report "<td bgcolor='#FF0000' align=center>$time</td>"
Add-Content $report "<td bgcolor='#FF0000' align=center>$entrytype</td>"
Add-Content $report "<td bgcolor='#FF0000' align=center>$source</td>"
Add-Content $report "<td bgcolor='#FF0000' align=center>$InstanceID</td>"
Add-Content $report "<td bgcolor='#FF0000' align=center>$TimeSpan</td>"
Add-Content $report "<td bgcolor='#FF0000' align=center>$Message</td>"
Add-Content $report "</tr>"
}
<#
if ($entrytype -eq "Warning" -and $InstanceID -eq "865" -and $TimeSpan - "7")
{
Add-Content $report "<tr>"
Add-Content $report "<td bgcolor='#FFFFFF'>$index</td>"
Add-Content $report "<td bgcolor='#FFFFFF' align=center>$time</td>"
Add-Content $report "<td bgcolor='#FFFFFF' align=center>$entrytype</td>"
Add-Content $report "<td bgcolor='#FFFFFF' align=center>$source</td>"
Add-Content $report "<td bgcolor='#FFFFFF' align=center>$InstanceID</td>"
Add-Content $report "<td bgcolor='#FFFFFF' align=center>$TimeSpan</td>"
Add-Content $report "<td bgcolor='#FFFFFF' align=center>$Message</td>"
Add-Content $report "</tr>"
}
#>
#if ($entrytype -eq "Information")
#{
#Add-Content $report "<tr>"
#Add-Content $report "<td>$index</td>"
#Add-Content $report "<td>$time</td>"
#Add-Content $report "<td>$entrytype</td>"
#Add-Content $report "<td>$source</td>"
#Add-Content $report "<td>$InstanceID</td>"
#Add-Content $report "<td>$Message</td>"
#Add-Content $report "</tr>"
#}
$progess++
}
Add-content $report "</table>"
Add-Content $report "</body>"
Add-Content $report "</html>"
}
write-host "`n" #I put this in here because by default there was no return after the green dots.
}#end psp function
}