0

实际上我想在我的 Master.bat 文件中实现以下 3 件事:

1.  Collect and redirect all the entries of ‘Application’ event log to an output file.
2.  Search for a specific error message “The system cannot find the file specified” in Application event log and append the whole error message line to a log file.
3.  Send an Email notification to alert me about the error message found on daily basis.

大师.bat

wevtutil qe Application >D:\test\Applog.txt 
findstr /i /c:"The system cannot find the file specified" "D:\test\Applog.txt" > "D:\test\errorlog.txt"
PowerShell.exe -file D:\test\Mail.ps1 %1 %2

邮件.ps1

if (Select-String -Path D:\test\Applog.txt -pattern "The system cannot find the file specified") 
{
 function sendMail{
Write-Host "Sending Email"
$smtpServer = "smtp.domain.com"
$msg = new-object Net.Mail.MailMessage
 $smtp = new-object Net.Mail.SmtpClient($smtpServer)
 $msg.From = "No-reply@domain.com"
 $msg.To.Add("sunny@domain.com ") 
 $msg.subject = "Error found in log"
 $msg.body = "please check there is a known error in Application log."
$smtp.Send($msg)
 }
sendMail
}
else
{write-host "nothing to process"}

我在这里面临的问题是,不幸的是,Applog.txt 日志留下了大量数据需要查看,当我安排 Master.bat 时,我收到了许多天前发生的错误消息的电子邮件通知,我不想要。我只想在今天的当前日期接收错误消息通知电子邮件。

有人可以帮我吗?

4

1 回答 1

1

您可以通过迁移到 V3 并使用Get-WinEvent在 PowerShell 脚本中完成整个任务来简化此操作,例如:

$date = (Get-Date).AddDays(-2)
$pattern = 'The system cannot find the file specified'
$events = Get-WinEvent -LogName Application | 
              Where {$_.TimeCreated -gt $date -and $_.Message -match $pattern} | 
              Out-String -Width 110
if ($events) {
    Send-MailMessage -SmtpServer smtp.domain.com -From No-reply@bt.com -To sunny@domain.com -Subject 'Error found in log' -Body $events
}
于 2013-11-27T05:48:09.517 回答