我正在搜索特定事件的计算机事件日志列表。此列表是7,000多个系统。我很想拥有这个利用运行空间。我有以下代码,但它不起作用。看起来返回为null,当然会导致CSV导出失败。
有什么建议吗?
谢谢!
# Max Runspaces
$Throttle = 5 #threads
# What is the total number of events to pull?
$eventMax = 10
# Which event log do we want to pull from?
$eventLog = "System"
$eventEntryID = "7023"
$eventMessage = "The Windows Modules Installer service terminated with the following error:
The configuration registry database is corrupt."
# What is our source file, the one with ll the file names.
$computers = Get-Content "c:\temp\Louis\hostsins.txt"
# What is our CSV file
$outFile = "c:\temp\Louis\SearchEventLogResultsINS.csv"
$ScriptBlock = {
Param (
[string]$sComputer
)
$RunResult = Get-WinEvent -Oldest -ComputerName $sComputer -FilterHashtable @{LogName = $eventLog; ID = $eventEntryID;} |
where{$_.Message -eq $eventMessage} |
Select machinename, TimeCreated, ID, LevelDisplayname, Message
write-host $RunResult
Return $RunResult
}
$RunspacePool = [RunspaceFactory]::CreateRunspacePool(1, $Throttle)
$RunspacePool.Open()
$Jobs = @()
$computers | % {
write-host $_
$Job = [powershell]::Create().AddScript($ScriptBlock).AddArgument($_)
$Job.RunspacePool = $RunspacePool
$Jobs += New-Object PSObject -Property @{
RunNum = $_
Pipe = $Job
Result = $Job.BeginInvoke()
}
}
Write-Host "Running.." -NoNewline
Do {
Write-Host "." -NoNewline
Start-Sleep -Seconds 1
} While ( $Jobs.Result.IsCompleted -contains $false)
Write-Host "All jobs completed!"
$Results = @()
ForEach ($Job in $Jobs){
$Results += $Job.Pipe.EndInvoke($Job.Result)
}
$Results | Export-Csv $outFile
答案 0 :(得分:1)
看起来您在运行空间之外声明变量并尝试在运行空间中使用它们。
我看到你用.addargument($ _)传入每台计算机。没什么别的。 Runspaces非常适合速度,但由于这样的问题而不太方便。
如需更多阅读,请查看Dave Wyatt's post,其中包含其他参考资料。请务必翻阅initialsessionstate,runspacefactory,runspacepool和powershell上的MSDN文档,并在提示符下探索和试验各种属性和方法。
我尝试重新编写代码,但尚未对其进行测试,但这应该为您解释一个解决方法:
# Max Runspaces
$Throttle = 5 #threads
#Throw the stuff you want to pass in into a hashtable or whatever vehicle meets your needs
$params = @{
eventMax = 10
eventLog = "System"
eventEntryID = "7023"
eventmessage = "The Windows Modules Installer service terminated with the following error:
The configuration registry database is corrupt."
computer = $_
}
# What is our source file, the one with ll the file names.
$computers = Get-Content "c:\temp\Louis\hostsins.txt"
# What is our CSV file
$outFile = "c:\temp\Louis\SearchEventLogResultsINS.csv"
$ScriptBlock = {
Param (
[System.Collections.Hashtable]$hash
)
$RunResult = Get-WinEvent -Oldest -ComputerName $hash.computer -FilterHashtable @{LogName = $hash.eventLog; ID = $hash.eventEntryID;} |
where{$_.Message -eq $hash.eventMessage} |
Select machinename, TimeCreated, ID, LevelDisplayname, Message
write-host $RunResult
Return $RunResult
}
$RunspacePool = [RunspaceFactory]::CreateRunspacePool(1, $Throttle)
$RunspacePool.Open()
$Jobs = @()
$computers | % {
$params = @{
eventLog = "System"
eventEntryID = "7023"
eventmessage = "The Windows Modules Installer service terminated with the following error:
The configuration registry database is corrupt."
computer = $_
}
write-host $_
$Job = [powershell]::Create().AddScript($ScriptBlock).AddArgument($params)
$Job.RunspacePool = $RunspacePool
$Jobs += New-Object PSObject -Property @{
RunNum = $_
Pipe = $Job
Result = $Job.BeginInvoke()
}
}
Write-Host "Running.." -NoNewline
Do {
Write-Host "." -NoNewline
Start-Sleep -Seconds 1
} While ( $Jobs.Result.IsCompleted -contains $false)
Write-Host "All jobs completed!"
$Results = @()
ForEach ($Job in $Jobs){
$Results += $Job.Pipe.EndInvoke($Job.Result)
}
$Results | Export-Csv $outFile
干杯!