这是一个初步的脚本,它有点难看,需要一些工作(特别是pop3日志),但我会定期使用它来让我的生活更轻松。它打算在Powershell ISE中使用,所以我在底部包含了Easy Rerun部分。如果您觉得有用,请随时提供建议,修复和清理。
确保更新MailServerName和日志文件夹以匹配您的环境。
# == Begin by setting these ==
$SearchFilter = "sonic.net"
$StartDate = (Get-Date).AddDays(-1) #(Get-Date 10/01/2012)
$EndDate = (Get-Date).AddDays(-0) #(Get-Date 11/01/2012)
$mailserver = "MailServerName"
$OutputFolder = "$env:userprofile\Desktop\ExchangeLogs\"
$IISLogsFolder = "\\$mailserver\c$\inetpub\logs\LogFiles\W3SVC1"
$POP3LogsFolder = "\\$mailserver\c$\Program Files\Microsoft\Exchange Server\V14\Logging\POP3" # Untested
$SMTPLogsFolder = "\\$mailserver\c$\Program Files\Microsoft\Exchange Server\V14\TransportRoles\Logs\MessageTracking"
$POP3OutFile = "$OutputFolder\ExchangePOP3Logs.csv"
$IISOutFile = "$OutputFolder\ExchangeIISLogs (owa, exchange, and activesync).csv"
$SMTPOutFile = "$OutputFolder\ExchangeSMTPLogs.csv"
# == Initialization ==
function Check-IISLogs {
$IISFiles = Get-ChildItem $IISLogsFolder *.log|Where-Object {($_.CreationTime -gt $StartDate) -and ($_.CreationTime -lt $EndDate)}
$IISHeader = ($IISFiles|Select-Object -First 1|Get-Content|select-string "#fields"|Select-Object -First 1).ToString().Substring(9).split(" ")
$IISLogs = $IISFiles|Get-Content|Select-String $SearchFilter # might be able to do RegEx search (untested)
$IISLogsCsv = $IISLogs|ConvertFrom-Csv -Delimiter " " -header $IISHeader
$IISLogsCSV|Export-Csv -Path "$IISOutFile"
#start excel "$IISOutFile"
}
function Check-Pop3Logs { # !!!UNTESTED!!!
$POP3Files = Get-ChildItem $POP3LogsFolder *.log|Where-Object {($_.CreationTime -gt $StartDate) -and ($_.CreationTime -lt $EndDate)}
$POP3Header = ($POP3Files|Select-Object -First 1|Get-Content|select-string "#fields"|Select-Object -First 1).ToString().Substring(9).split(" ") #ToDo: update select-string, substring, and split([delimiter])
$POP3Logs = $POP3Files|Get-Content|Select-String $SearchFilter # might be able to do RegEx search (untested)
$POP3LogsCsv = $POP3Logs|ConvertFrom-Csv -Delimiter " " -header $POP3Header #ToDo: update Delimiter
$POP3LogsCSV|Export-Csv -Path "$POP3OutFile"
#start excel "$POP3OutFile"
}
function Check-SMTPLogs {
$SMTPFiles = Get-ChildItem $SMTPLogsFolder *.log|Where-Object {($_.CreationTime -gt $StartDate) -and ($_.CreationTime -lt $EndDate)}
$SMTPHeader = ($SMTPFiles|Select-Object -First 1|Get-Content|select-string "#fields"|Select-Object -First 1).ToString().Substring(9).split(",")
$SMTPLogs = $SMTPFiles|Get-Content|Select-String $SearchFilter # might be able to do RegEx search (untested
$SMTPLogsCsv = $SMTPLogs|ConvertFrom-Csv -Delimiter "," -header $SMTPHeader
$SMTPLogsCSV|Export-Csv -Path "$SMTPOutFile"
#start excel "$SMTPOutFile"
}
# == Run ==
Check-IISLogs
#Check-Pop3Logs # doesn't work yet
Check-SMTPLogs
New-Item -Type Directory $OutputFolder -ErrorAction silentlycontinue
start $OutputFolder
<# -- Easy rerun
$SearchFilter = "username"
#$StartDate = (Get-Date).AddDays(-1) #(Get-Date 10/01/2012)
#$EndDate = (Get-Date).AddDays(-0) #(Get-Date 11/01/2012)
Check-IISLogs
#Check-Pop3Logs # doesn't work yet
Check-SMTPLogs
start $OutputFolder
#>