Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
T
T
Typ6o_CycJIuk2015-09-13 15:36:17
PowerShell
Typ6o_CycJIuk, 2015-09-13 15:36:17

How to make PowerShell script work in WinSrv 2008?

Good day friends! There is a task to carry out audit of an input/exit of users on the server. After searching the open spaces, I realized that it is better to implement this with a Powershell script. There is an "almost" finished script:

param ($key1,$val1,$val2,$val3,$val4,$val5,$val6)
if ($val1 -eq $null) {$val1=0};
$mydate = Get-date -hour 0 -minute 0 -second 0;
if ($key1 -eq "year") { $mydate = (Get-date -hour 0 -minute 0 -second 0 -day 1 -month 1); $mydate = $mydate.addyears(-$val1); };
if ($key1 -eq "month") { $mydate = (Get-date -hour 0 -minute 0 -second 0 -day 1); $mydate = $mydate.addmonths(-$val1); };

if ($key1 -eq "day") { $mydate = $mydate.adddays(-$val1) };

if ($key1 -eq "date") { $mydate = (Get-date -hour 0 -minute 0 -second 0 -day $val1 -month $val2 -year $val3); }; # здесь реализуем возможность задания интервала

if ($val4 -eq $null) {$Events = Get-EventLog security -message "*Тип входа:?10*" -after ($mydate) | ?{$_.eventid -eq 4624 }} 
if ($val4 -ne $null) {$Events = Get-EventLog security -message "*Тип входа:?10*" -after ($mydate) -before (get-date -hour 0 -minute 0 -second 0 -day $val4 -month $val5 -year $val6) | ?{$_.eventid -eq 528 }}
$Data = New-Object System.Management.Automation.PSObject
$Data | Add-Member NoteProperty Time ($null)
$Data | Add-Member NoteProperty UserName ($null)
$Data | Add-Member NoteProperty Address ($null)

$Events | %{

$Data.time = $_.TimeGenerated

$message = $_.message.split("`n") | %{$_.trimstart()} | %{$_.trimend()}

$Data.UserName = ($message | ?{$_ -like "Пользователь:*"} | %{$_ -replace "^.+:."} ) 
$Data.Address = ($message | ?{$_ -like "Адрес сети источника:*"} | %{$_ -replace "^.+:."}) 

$textcolor = $host.ui.rawui.foregroundcolor

$host.ui.rawui.foregroundcolor = "red"

if ($data.address -like "192.168.222*") {$host.ui.rawui.foregroundcolor = "DarkGreen"}

$data

$host.ui.rawui.foregroundcolor = $textcolor

}

Which, when executed, should give something like this: 1c11e9027a494eeab720c97e584c45f6.JPG
But unfortunately this script was written under WinSrv 2003 and refuses to work on my machine, giving a lot of errors, I need to make it work in Win2008...

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
T
Typ6o_CycJIuk, 2015-09-13
@Typ6o_CycJIuk

At the moment, I have fixed errors in starting the script, but now it does not work correctly, displays the time but does not display two more data fields c9b34d93546c486eab00b563dda26907.jpg:

Similar questions
B
Bannana_fish2022-04-14 17:08:31
How to set up sending command output to Telegram? 4Reply
S
StenMarsh13372020-11-27 15:59:00
Pull string with PowerShell? 3Reply
N
numb72014-10-06 10:39:04
Where can I find a good book on command line or powershell? 3Reply
C
chief2020-12-02 13:15:19
How to force PC to update group policies via AD? 5Reply
A
Alexander Kovalevich2016-10-24 16:51:39
Forward port range through NAT in windowsserver 20012r2 using powershell? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question