0

这是一个初步脚本,它有点难看,需要一些工作(尤其是 pop3 日志部分),但我会定期使用它来让我的生活更轻松。它旨在用于 Powershell ISE,因此我在底部包含了 Easy Rerun 部分。如果您觉得有用,请随时提供建议、修复和清理。

确保更新 MailServerName 和日志文件夹以匹配您的环境。

    # == 从设置这些开始 ==
    $SearchFilter = "sonic.net"
    $StartDate = (Get-Date).AddDays(-1) #(Get-Date 10/01/2012)
    $EndDate = (Get-Date).AddDays(-0) #(Get-Date 11/01/2012)
    $mailserver = "邮件服务器名称"
    $OutputFolder = "$env:userprofile\Desktop\ExchangeLogs\"
    $IISLogsFolder = "\\$mailserver\c$\inetpub\logs\LogFiles\W3SVC1"
    $POP3LogsFolder = "\\$mailserver\c$\Program Files\Microsoft\Exchange Server\V14\Logging\POP3" # 未经测试
    $SMTPLogsFolder = "\\$mailserver\c$\Program Files\Microsoft\Exchange Server\V14\TransportRoles\Logs\MessageTracking"
    $POP3OutFile = "$OutputFolder\ExchangePOP3Logs.csv"
    $IISOutFile = "$OutputFolder\ExchangeIISLogs (owa、exchange 和 activesync).csv"
    $SMTPOutFile = "$OutputFolder\ExchangeSMTPLogs.csv"

    # == 初始化 ==
    功能检查-IISLogs {
        $IISFiles = Get-ChildItem $IISLogsFolder *.log|Where-Object {($_.CreationTime -gt $StartDate) -and ($_.CreationTime -lt $EndDate)}
        $IISHeader = ($IISFiles|Select-Object -First 1|Get-Content|select-string "#fields"|Select-Object -First 1).ToString().Substring(9).split(" ")
        $IISLogs = $IISFiles|Get-Content|Select-String $SearchFilter # 可能能够进行正则表达式搜索(未经测试)
        $IISLogsCsv = $IISLogs|ConvertFrom-Csv -Delimiter " " -header $IISHeader
        $IISLogsCSV|Export-Csv -Path "$IISOutFile"
        #start excel "$IISOutFile"
    }

    函数 Check-Pop3Logs { # !!!UNTESTED!!!
        $POP3Files = Get-ChildItem $POP3LogsFolder *.log|Where-Object {($_.CreationTime -gt $StartDate) -and ($_.CreationTime -lt $EndDate)}
        $POP3Header = ($POP3Files|Select-Object -First 1|Get-Content|select-string "#fields"|Select-Object -First 1).ToString().Substring(9).split(" ") #ToDo :更新选择字符串、子字符串和拆分([分隔符])
        $POP3Logs = $POP3Files|Get-Content|Select-String $SearchFilter # 可能能够进行正则表达式搜索(未经测试)
        $POP3LogsCsv = $POP3Logs|ConvertFrom-Csv -Delimiter " " -header $POP3Header #ToDo: update Delimiter
        $POP3LogsCSV|Export-Csv -Path "$POP3OutFile"
        #start excel "$POP3OutFile"
    }

    功能检查-SMTPLogs {
        $SMTPFiles = Get-ChildItem $SMTPLogsFolder *.log|Where-Object {($_.CreationTime -gt $StartDate) -and ($_.CreationTime -lt $EndDate)}
        $SMTPHeader = ($SMTPFiles|Select-Object -First 1|Get-Content|select-string "#fields"|Select-Object -First 1).ToString().Substring(9).split(",")
        $SMTPLogs = $SMTPFiles|Get-Content|Select-String $SearchFilter # 可能能够进行 RegEx 搜索(未经测试
        $SMTPLogsCsv = $SMTPLogs|ConvertFrom-Csv -Delimiter "," -header $SMTPHeader
        $SMTPLogsCSV|Export-Csv -Path "$SMTPOutFile"
        #start excel "$SMTPOutFile"
    }


    # == 运行 ==

    检查 IISLogs
    #Check-Pop3Logs # 还不行
    检查-SMTPLogs
    New-Item -Type Directory $OutputFolder -ErrorAction 静默继续

    开始 $OutputFolder


    <# -- 轻松重新运行
    $SearchFilter = "用户名"
    #$StartDate = (Get-Date).AddDays(-1) #(Get-Date 10/01/2012)
    #$EndDate = (Get-Date).AddDays(-0) #(Get-Date 11/01/2012)
    检查 IISLogs
    #Check-Pop3Logs # 还不行
    检查-SMTPLogs
    开始 $OutputFolder
    #>
4

0 回答 0