实际上我想在Master.bat文件中实现以下3项内容:
1. Collect and redirect all the entries of ‘Application’ event log to an output file.
2. Search for a specific error message “The system cannot find the file specified” in Application event log and append the whole error message line to a log file.
3. Send an Email notification to alert me about the error message found on daily basis.
Master.bat
wevtutil qe Application >D:\test\Applog.txt
findstr /i /c:"The system cannot find the file specified" "D:\test\Applog.txt" > "D:\test\errorlog.txt"
PowerShell.exe -file D:\test\Mail.ps1 %1 %2
Mail.ps1
if (Select-String -Path D:\test\Applog.txt -pattern "The system cannot find the file specified")
{
function sendMail{
Write-Host "Sending Email"
$smtpServer = "smtp.domain.com"
$msg = new-object Net.Mail.MailMessage
$smtp = new-object Net.Mail.SmtpClient($smtpServer)
$msg.From = "No-reply@domain.com"
$msg.To.Add("sunny@domain.com ")
$msg.subject = "Error found in log"
$msg.body = "please check there is a known error in Application log."
$smtp.Send($msg)
}
sendMail
}
else
{write-host "nothing to process"}
我面临的问题是,不幸的是,Applog.txt日志留下了大量数据需要查看,当我调度Master.bat时,我收到的错误消息的电子邮件通知已经发生了很多几天前,我不想要。我希望仅在今天的当前日期收到错误消息通知电子邮件。
有人可以帮帮我吗?
答案 0 :(得分:1)
通过转移到V3并使用Get-WinEvent在PowerShell脚本中执行整个任务,您可以简化这一过程,例如:
$date = (Get-Date).AddDays(-2)
$pattern = 'The system cannot find the file specified'
$events = Get-WinEvent -LogName Application |
Where {$_.TimeCreated -gt $date -and $_.Message -match $pattern} |
Out-String -Width 110
if ($events) {
Send-MailMessage -SmtpServer smtp.domain.com -From No-reply@bt.com -To sunny@domain.com -Subject 'Error found in log' -Body $events
}