Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
T
T
Typ6o_CycJIuk2015-09-13 15:36:17
PowerShell
Typ6o_CycJIuk, 2015-09-13 15:36:17

How to make PowerShell script work in WinSrv 2008?

Good day friends! There is a task to carry out audit of an input/exit of users on the server. After searching the open spaces, I realized that it is better to implement this with a Powershell script. There is an "almost" finished script:

param ($key1,$val1,$val2,$val3,$val4,$val5,$val6)
if ($val1 -eq $null) {$val1=0};
$mydate = Get-date -hour 0 -minute 0 -second 0;
if ($key1 -eq "year") { $mydate = (Get-date -hour 0 -minute 0 -second 0 -day 1 -month 1); $mydate = $mydate.addyears(-$val1); };
if ($key1 -eq "month") { $mydate = (Get-date -hour 0 -minute 0 -second 0 -day 1); $mydate = $mydate.addmonths(-$val1); };

if ($key1 -eq "day") { $mydate = $mydate.adddays(-$val1) };

if ($key1 -eq "date") { $mydate = (Get-date -hour 0 -minute 0 -second 0 -day $val1 -month $val2 -year $val3); }; # здесь реализуем возможность задания интервала

if ($val4 -eq $null) {$Events = Get-EventLog security -message "*Тип входа:?10*" -after ($mydate) | ?{$_.eventid -eq 4624 }} 
if ($val4 -ne $null) {$Events = Get-EventLog security -message "*Тип входа:?10*" -after ($mydate) -before (get-date -hour 0 -minute 0 -second 0 -day $val4 -month $val5 -year $val6) | ?{$_.eventid -eq 528 }}
$Data = New-Object System.Management.Automation.PSObject
$Data | Add-Member NoteProperty Time ($null)
$Data | Add-Member NoteProperty UserName ($null)
$Data | Add-Member NoteProperty Address ($null)

$Events | %{

$Data.time = $_.TimeGenerated

$message = $_.message.split("`n") | %{$_.trimstart()} | %{$_.trimend()}

$Data.UserName = ($message | ?{$_ -like "Пользователь:*"} | %{$_ -replace "^.+:."} ) 
$Data.Address = ($message | ?{$_ -like "Адрес сети источника:*"} | %{$_ -replace "^.+:."}) 

$textcolor = $host.ui.rawui.foregroundcolor

$host.ui.rawui.foregroundcolor = "red"

if ($data.address -like "192.168.222*") {$host.ui.rawui.foregroundcolor = "DarkGreen"}

$data

$host.ui.rawui.foregroundcolor = $textcolor

}

Which, when executed, should give something like this: 1c11e9027a494eeab720c97e584c45f6.JPG
But unfortunately this script was written under WinSrv 2003 and refuses to work on my machine, giving a lot of errors, I need to make it work in Win2008...

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
T
Typ6o_CycJIuk, 2015-09-13
@Typ6o_CycJIuk

At the moment, I have fixed errors in starting the script, but now it does not work correctly, displays the time but does not display two more data fields c9b34d93546c486eab00b563dda26907.jpg:

Similar questions
I
Ilya bow2017-01-09 17:55:24
Powershell command outputs multiple columns. How can I select (catch in a file) one of them? Is there a Powershell book for easier? 2Reply
I
ivanfrolp2019-06-04 16:43:17
Is it possible to organize the following functionality only by using the command line or powershell? 1Reply
T
TechNOIR2019-06-10 09:42:34
Powershell. How to correctly get Cyrillic in Invoke-RestMethod response? 2Reply
T
twid2017-01-25 18:08:47
How to copy a file from windows to ubuntu with a non-ssh script? 4Reply
T
TechNOIR2017-03-02 14:09:01
selenium. How to get a link (img src) to an image? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question