我正在PowerShell中编写一个脚本,以便在我们的Windows Server环境中自动执行安全基线扫描,并将其输出到我们的票务系统(ServiceNow)所需的特定格式的文本文件中。我几乎完美了,但是当我输出PSObject的NoteProperty的值时,它在我需要的数据之间输入一个冒号。我不想从文本文件中删除冒号,因为在其他地方使用了格式化所必需的时间戳和冒号。是否可以从NoteProperty的文本输出中删除冒号?
以下是我写的脚本:
$OutputFile = "C:\Temp\outputfile.txt"
Remove-Item -Path $OutputFile -Force
$ServerList = Get-Content "C:\Temp\test.txt"
$ScriptName = $MyInvocation.MyCommand.Name
$Date = Get-Date
$Preamble = @"
---
Generated: $Date
Script: $ScriptName
---
Systems in scope
----------------
$($ServerList | Out-String)
Reports per server
------------------
"@ | Out-File $OutputFile
foreach ($Server in $ServerList)
{
$reg1 = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey("LocalMachine", $Server)
$key1 = "SYSTEM\CurrentControlSet\services\eventlog"
$key2 = "SYSTEM\CurrentControlSet\services\SamSs"
$key3 = "SYSTEM\CurrentControlSet\services\MpsSvc"
$key4 = "SYSTEM\CurrentControlSet\services\W32Time"
$key5 = "Software\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole"
$key6 = "System\CurrentControlSet\Control\Lsa\MSV1_0"
$key7 = "Software\Microsoft\Windows NT\CurrentVersion\Winlogon"
$key8 = "Software\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole"
$key9 = "System\CurrentControlSet\Control\Lsa"
$key10 = "Software\Microsoft\Windows\CurrentVersion\Policies\System"
$regkey1 = $reg1.opensubkey($key1)
$regkey2 = $reg1.opensubkey($key2)
$regkey3 = $reg1.opensubkey($key3)
$regkey4 = $reg1.opensubkey($key4)
$regkey5 = $reg1.opensubkey($key5)
$regkey6 = $reg1.opensubkey($key6)
$regkey7 = $reg1.opensubkey($key7)
$regkey8 = $reg1.opensubkey($key8)
$regkey9 = $reg1.opensubkey($key9)
$regkey10 = $reg1.opensubkey($key10)
$keyValue1 = $regKey1.GetValue('Start')
$keyValue2 = $regKey2.GetValue('Start')
$keyValue3 = $regKey3.GetValue('Start')
$keyValue4 = $regKey4.GetValue('Start')
$keyValue5 = $regKey5.GetValue('setcommand')
$keyValue6 = $regKey6.GetValue('allownullsessionfallback')
$keyValue7 = $regKey7.GetValue('AllocateDASD')
$keyValue8 = $regKey8.GetValue('securitylevel')
$keyValue9 = $regKey9.GetValue('TurnOffAnonymousBlock')
$keyValue10 = $regKey10.GetValue('DontDisplayLockedUserId')
if ($keyvalue1 -ne 2) {$keyvalue1 = "NOK"} else {$keyvalue1 = "OK"}
Write-Output "Server Name : $Server" | Out-File $OutputFile -Append
Write-Output "Date Generated : $Date" | Out-File $OutputFile -Append
$TXT = New-Object PSObject
$TXT | Add-Member NoteProperty "5.1 - Set Windows Event Log to 'Automatic'" "$keyvalue1"
$TXT | Add-Member NoteProperty "5.2 - Set Security Accounts Manager to 'Automatic'" $keyvalue2
$TXT | Add-Member NoteProperty "5.3 - Set Windows Firewall to 'Disabled'" $keyvalue3
$TXT | Add-Member NoteProperty "5.4 - Set Windows time to Automatic" $keyvalue4
$TXT | Add-Member NoteProperty "6.1 - Set 'Recovery Console: Allow Floppy Copy and Access to All Drivers and All Folders' to 'Disabled'" $keyvalue5
$TXT | Add-Member NoteProperty "6.2 - Set 'Network Security: Allow LocalSystem NULL Session Fallback' to 'Disabled'" $keyvalue6
$TXT | Add-Member NoteProperty "6.3 - Set 'Devices: Allowed to Format and Eject Removable Media' to 'Administrators'" $keyvalue7
$TXT | Add-Member NoteProperty "6.4 - Set 'Recovery Console: Allow Automatic Administrative Logon' to 'Disabled'" $keyvalue8
$TXT | Add-Member NoteProperty "6.5 - Set 'Network Access: Allow Anonymous SID/Name Translation' to 'Disabled'" $keyvalue9
$TXT | Add-Member NoteProperty "6.6 - Configure 'Interactive Logon: Display User Information When the Session is Locked'" $keyvalue10
$TXT | Out-File $OutputFile -Append
}
然后创建以下文本文件输出:
--- Generated: 10/04/2016 11:16:09 Script: Baseline Check - Notepad Version.ps1 --- Systems in scope ---------------- TestServer Reports per server ------------------ Server Name : TestServer Date Generated : 10/04/2016 11:16:09 5.1 - Set Windows Event Log to 'Automatic' : OK 5.2 - Set Security Accounts Manager to 'Automatic' : 2 5.3 - Set Windows Firewall to 'Disabled' : 2 5.4 - Set Windows time to Automatic : 3 6.1 - Set 'Recovery Console: Allow Floppy Copy and Access to All Drivers and All Folders' to 'Disabled' : 0 6.2 - Set 'Network Security: Allow LocalSystem NULL Session Fallback' to 'Disabled' : 6.3 - Set 'Devices: Allowed to Format and Eject Removable Media' to 'Administrators' : 6.4 - Set 'Recovery Console: Allow Automatic Administrative Logon' to 'Disabled' : 0 6.5 - Set 'Network Access: Allow Anonymous SID/Name Translation' to 'Disabled' : 6.6 - Configure 'Interactive Logon: Display User Information When the Session is Locked' :
我只需要注册表检查和状态(OK)之间的冒号即可。该脚本尚未完成,因为在我完成时,所有值都将读取OK或NOK。只是想在继续之前解决这个问题。
答案 0 :(得分:0)
插入冒号是因为您创建了一个具有4个以上属性的对象并输出该对象。 PowerShell会自动以列表格式显示此内容(就像您$TXT | Format-List一样)。
如果您只想将格式化文本附加到文件中,请不要打扰创建对象。请改用:
@"
5.1 - Set Windows Event Log to 'Automatic' $keyvalue1
5.2 - Set Security Accounts Manager to 'Automatic' $keyvalue2
5.3 - Set Windows Firewall to 'Disabled' $keyvalue3
5.4 - Set Windows time to Automatic $keyvalue4
6.1 - Set 'Recovery Console: Allow Floppy Copy and Access to All Drivers and All Folders' to 'Disabled' $keyvalue5
6.2 - Set 'Network Security: Allow LocalSystem NULL Session Fallback' to 'Disabled' $keyvalue6
6.3 - Set 'Devices: Allowed to Format and Eject Removable Media' to 'Administrators' $keyvalue7
6.4 - Set 'Recovery Console: Allow Automatic Administrative Logon' to 'Disabled' $keyvalue8
6.5 - Set 'Network Access: Allow Anonymous SID/Name Translation' to 'Disabled' $keyvalue9
6.6 - Configure 'Interactive Logon: Display User Information When the Session is Locked' $keyvalue10
"@ | Out-File $OutputFile -Append
如果您需要对输出格式进行更细粒度的控制,请考虑使用format operator(-f)。