opexxx

eventAudit.ps1

Nov 7th, 2018
  #################################################################################################
  # This PowerShell script includes three options for EPS data collection:
  #
  # Option 1) Scan the event log(s) of the local Windows host to determine the Events Per Second
  #           (EPS) rate.
  # Option 2) Scan a list of IP addresses provided by the user. The remote systems' Event Log(s) are
  #           scanned to determine the Events Per Second (EPS) rate of each host in the list.
  # Option 3) Scan the local domain where the script is run to determine the Events Per Second (EPS)
  #           rate of all Windows hosts within the domain.
  #
  # Note: PowerShell must be run as local admin & users must run Set-ExecutionPolicy RemoteSigned
  #       (adding -Scope Process keeps that policy change limited to the current session).
  #       To use Option 3 for domain scans, PowerShell domain cmdlets need to be installed.
  #
  # Pre-requisites: This script requires PowerShell 3.0 or 4.0. PowerShell is the property of
  #                Microsoft. For more information on PowerShell or downloads, see the following
  #                website: https://technet.microsoft.com/en-us/scriptcenter/dd742419.aspx
  #
  #
  # Authors:  Jamie Wheaton // William Delong
  #
  #
  #################################################################################################
  #
  #
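  #################################################################################################
  # Scans one Event Log on one host and determines its average Events Per Second (EPS).
  #
  # @param $Agent          ->  The Computer / IP whose log is read (not used for the local host)
  # @param $LogName        ->  The Event Log that will be evaluated (Security, Application, System)
  # @param $RemoteComputer ->  $true to query $Agent over the network, $false to read the local log
  # @param $OS             ->  OS caption of the host; "*Server 2003*" and "*Windows XP*" select the
  #                            WMI code path instead of Get-WinEvent
  #
  # Returns a hashtable with the keys StartTime, EndTime, LogSize, TotalEvents and AverageEvents.
  # Remote queries authenticate with $Global:Cred.
  #
  # On any error the failure is logged and `continue` is issued. This function has no loop of its
  # own, so that statement acts on the enclosing loop of the caller (the ForEach in
  # Create-LogReport), which then moves on to the next host.
  #################################################################################################

  function Get-EventLogInfo { param($Agent, $LogName, $RemoteComputer, $OS)

      $LogInfo = @{}

      try {

          # Just localhost
          If (!$RemoteComputer) {

              # One -ListLog call supplies both the record count and the file size.
              $LogSummary = Get-WinEvent -ListLog $LogName

              $TotalLogEvents = $LogSummary.RecordCount

              # NOTE(review): this path divides by 1000000 while the remote paths divide by 1MB
              # (1048576), so local and remote sizes are not in exactly the same unit.
              $LogSize = [math]::Round(($LogSummary.FileSize / 1000000), 1)

              $OldestEventTime = (Get-WinEvent $LogName -Oldest -MaxEvents 1).TimeCreated

              $NewestEventTime = (Get-WinEvent $LogName -MaxEvents 1).TimeCreated

              # The rate is averaged from the oldest retained event up to now.
              $TotalTime = (Get-Date).Subtract($OldestEventTime).TotalSeconds

              $AvgEventsPerSecond = [math]::Round(($TotalLogEvents / $TotalTime), 5)

          }

          # Remote box
          Else {

              if ($OS -like "*Server 2003*" -or $OS -like "*Windows XP*") {

                  Write-Host "$OS is an old Operating System, Collecting $LogName Event Log Information via WMI, this may take some time"

                  $wmi_eventlogsummary = Get-WmiObject -Class Win32_NTEventLogFile -ComputerName $Agent -Credential $Global:Cred -Filter "LogFileName = '$LogName'"

                  $TotalLogEvents = $wmi_eventlogsummary.NumberOfRecords

                  $LogSize = ($wmi_eventlogsummary.FileSize / 1MB)

                  # Fixed: query the requested log on the requested host with the stored credential.
                  # The previous query always read the 'application' log and relied on $computer and
                  # $cred leaking in from outer scopes. Only TimeGenerated is needed below.
                  # $LogName is placed into the WQL text as-is; the callers in this script pass only
                  # the literals Application, Security and System.
                  $wmi_eventlogdata = Get-WmiObject -ComputerName $Agent -Credential $Global:Cred -Query "Select TimeGenerated from Win32_NTLogEvent Where Logfile = '$LogName'"

                  # assumes WMI returns the newest record first -- TODO confirm
                  $getwmioldevent = $wmi_eventlogdata | Select-Object -Last 1

                  $getwminewest = $wmi_eventlogdata | Select-Object -First 1

                  $OldestEventTime = [management.managementDateTimeConverter]::ToDateTime($getwmioldevent.TimeGenerated)

                  $NewestEventTime = [management.managementDateTimeConverter]::ToDateTime($getwminewest.TimeGenerated)

                  # Fixed: this branch never computed the rate, so AverageEvents was left unset
                  # for hosts handled through WMI.
                  $TotalTime = (Get-Date).Subtract($OldestEventTime).TotalSeconds

                  $AvgEventsPerSecond = [math]::Round(($TotalLogEvents / $TotalTime), 5)

              }

              else {

                  # One remote -ListLog call instead of two.
                  $LogSummary = Get-WinEvent -ListLog $LogName -ComputerName $Agent -Credential $Global:Cred

                  $TotalLogEvents = $LogSummary.RecordCount

                  $LogSize = ($LogSummary.FileSize / 1MB) # Set to MB

                  if ($TotalLogEvents -eq 0) {

                      # An empty log has no oldest event to measure from, so report zeros.
                      Write-Log $ERROR_LOG "There are 0 $LogName Events"

                      $OldestEventTime = 0
                      $NewestEventTime = 0
                      $TotalTime = 0
                      $AvgEventsPerSecond = 0

                  }

                  else {

                      $OldestEventTime = (Get-WinEvent $LogName -ComputerName $Agent -Credential $Global:Cred -Oldest -MaxEvents 1).TimeCreated

                      $NewestEventTime = (Get-WinEvent $LogName -ComputerName $Agent -Credential $Global:Cred -MaxEvents 1).TimeCreated

                      $TotalTime = (Get-Date).Subtract($OldestEventTime).TotalSeconds

                      $AvgEventsPerSecond = [math]::Round(($TotalLogEvents / $TotalTime), 5)

                  }

              }

          }

          $LogInfo.Add("StartTime", $OldestEventTime)
          $LogInfo.Add("EndTime", $NewestEventTime)
          $LogInfo.Add("LogSize", $LogSize)
          $LogInfo.Add("TotalEvents", $TotalLogEvents)
          $LogInfo.Add("AverageEvents", $AvgEventsPerSecond)

          Return $LogInfo

      }

      catch {

          Write-Log $ERROR_LOG "Unable to scan $Agent event logs"

          Write-Log $ERROR_LOG $Error[0]

          $ErrorLineNumber = $Error[0].InvocationInfo.scriptlinenumber

          Write-Log $ERROR_LOG "Caught on line number: $ErrorLineNumber"

          # No loop in this function: this skips the rest of the caller's current iteration.
          continue
      }
  }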
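  #################################################################################################
  # Builds the profile suggestion text for a given Events Per Second (EPS) rate.
  #
  # @param $AvgEventsPerSecond ->  The EPS rate to classify (the caller passes the host's total EPS)
  #
  # Writes the suggestion string to the pipeline. Rates from 0 to 100 also get an extra first line
  # naming the MSRPC option. A rate that matches no range, or any error, is logged and the script
  # is terminated with exit.
  #################################################################################################

  function Get-ProfileSuggestion { param($AvgEventsPerSecond)

      try {

          #Profile suggestion
          $LogStatsAndInfo = ""

          If ($AvgEventsPerSecond -GE 0 -and $AvgEventsPerSecond -LE 100) {

              $LogStatsAndInfo += "MSRPC (0-100) EPS or WinCollect Default (Endpoint) (0-50) EPS`n"
          }

          # Above the High Event Rate range; the highest profile is still the one suggested
          If ($AvgEventsPerSecond -GT 625) {

              $LogStatsAndInfo += "Suggested Profile: High Event Rate Server (251-625) EPS"
          }

          #- High Event Rate Server 1250-1875 (416-625)
          # Fixed: -GT instead of -GE, so exactly 250 EPS stays in the 51-250 profile as labelled.
          ElseIf ($AvgEventsPerSecond -GT 250) {

              $LogStatsAndInfo += "High Event Rate Server (251-625) EPS"
          }

          #- Typical Server 500-750 (166-250)
          # Fixed: -GT instead of -GE, so exactly 50 EPS stays in the 0-50 profile as labelled.
          ElseIf ($AvgEventsPerSecond -GT 50) {

              $LogStatsAndInfo += "Typical Server (51-250) EPS"
          }

          #- Default (Endpoint) 100-150 (33-50)
          ElseIf ($AvgEventsPerSecond -GE 0) {

              $LogStatsAndInfo += "WinCollect Default (Endpoint) (0-50) EPS"
          }

          # Negative or unreadable, so no profile can be determined
          Else {

              Write-Log $ERROR_LOG "Unable to Suggest Profile"

              exit
          }

          $LogStatsAndInfo

      }

      catch {

          Write-Log $ERROR_LOG "Unable to get profile suggestion"

          Write-Log $ERROR_LOG $Error[0]

          $ErrorLineNumber = $Error[0].InvocationInfo.scriptlinenumber

          Write-Log $ERROR_LOG "Caught on line number: $ErrorLineNumber"

          exit
      }
  }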
  #################################################################################################
  # Checks whether a host answers a single Test-Connection probe.
  #
  # @param $Computer ->  The Computer / IP to probe
  #
  # Returns $true when the host answers. Otherwise the failure is logged, the
  # $Global:ConnectionIssues counter is incremented and $false is returned.
  # Any error is logged and the script is terminated with exit.
  #
  # NOTE(review): Test-Connection sends an ICMP echo request, so a host that does not answer
  # ping is skipped by the caller even if its event logs could be read. Compare the connection
  # issue count with the host list before treating the report as complete.
  #################################################################################################

  function Test-HostConnection { param($Computer)

      try {

          $Reachable = Test-Connection -ComputerName $Computer -Count 1 -Quiet

          if (-not $Reachable) {

              Write-Log $ERROR_LOG "Unable to contact $Computer. Please verify its network connectivity and try again"

              $Global:ConnectionIssues += 1

              return $false
          }

          return $true
      }

      catch {

          Write-Log $ERROR_LOG "Unable conect to Host"

          Write-Log $ERROR_LOG $Error[0]

          $ErrorLineNumber = $Error[0].InvocationInfo.scriptlinenumber

          Write-Log $ERROR_LOG "Caught on line number: $ErrorLineNumber"

          exit

      }
  }
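  #################################################################################################
  # Creates the log report for each computer in the computer list.
  #
  # @param $Computerlist     ->  The hosts to scan
  # @param $ComputerCount    ->  Number of hosts, used for the progress percentage
  # @param $ComputerListType ->  The list type chosen by the user ($FILE_OPT, $DOMAIN_OPT or
  #                              $LOCALHOST_OPT)
  # @param $OS               ->  Overwritten for every host by all three list types
  #
  # Returns a hashtable keyed by computer name; each value is a hashtable holding the EPS, first
  # and last event time, total events and log size of the Application, Security and System logs,
  # plus TotalEPS, OSVersion and ProfileSuggestion.
  #
  # For any list type other than the local host the user is prompted once for a credential. It is
  # stored in $Global:Cred and presented to every host in the list, so the list should be reviewed
  # before the run and the account should carry no more rights than the log queries need.
  #################################################################################################

  function Create-LogReport { param($Computerlist, $ComputerCount, $ComputerListType, $OS)

      try {

          $Report = @{}
          $ProgressCount = 0
          $GetADComputerList = $null

          if ($ComputerListType -NE $LOCALHOST_OPT) {

              $Global:Cred = Get-Credential -Message "Enter an account which has access to the Windows Event Logs"
          }

          if ($ComputerListType -eq $DOMAIN_OPT) {

              # Fixed: query the directory once per run instead of once per host inside the loop.
              $GetADComputerList = Get-ADComputer -Credential $Global:Cred -Filter {enabled -eq "true"} -Properties OperatingSystem | Select-Object DNSHostname, OperatingSystem
          }

          ForEach ($Computer in $Computerlist) {

              $ProgressCount = $ProgressCount + 1

              $RemoteComputer = $false

              if ($ProgressCount -EQ 1) {

                  Write-Log $INFO_LOG "Calculating & Processing Log EPS For Computer List"
              }

              # Blank entries (for example an empty line in the list file) are skipped rather than
              # ending the whole run through the catch block below.
              if ([string]::IsNullOrWhiteSpace($Computer)) {
                  continue
              }

              if ($ComputerListType -NE $LOCALHOST_OPT) {

                  $RemoteComputer = $true

                  $Login = Test-HostConnection $Computer

                  if (!$Login) {
                      continue
                  }
              }

              # Get Server OS if not already gathered
              if ($ComputerListType -eq $FILE_OPT) {
                  Write-Log $INFO_LOG "Getting OS Information for $Computer"
                  $OS = (Get-WmiObject Win32_OperatingSystem -ComputerName $Computer -Credential $Global:Cred).Caption
                  Write-Log $INFO_LOG "$OS"
              }

              if ($ComputerListType -eq $LOCALHOST_OPT) {
                  Write-Log $INFO_LOG "Getting OS Information for $Computer"
                  $OS = (Get-WmiObject Win32_OperatingSystem).Caption
                  Write-Log $INFO_LOG "$OS"
              }

              if ($ComputerListType -eq $DOMAIN_OPT) {
                  Write-Log $INFO_LOG "Getting OS Information for $Computer"

                  # Fixed: exact comparison on DNSHostName. The earlier -match treated the host name
                  # as a regular expression against each object's string form, so one name could
                  # select several directory entries.
                  $OS = ($GetADComputerList | Where-Object { $_.DNSHostName -eq $Computer } | Select-Object -First 1).OperatingSystem
                  Write-Log $INFO_LOG "$OS"
              }

              # Get-EventLogInfo issues `continue` from its catch block; that statement lands on
              # this loop, so a host whose logs cannot be read is left out of the report.

              # Retrieve the Application Event log info
              $ApplicationInfo = Get-EventLogInfo $Computer Application $RemoteComputer $OS
              $ApplicationEPS = $ApplicationInfo.AverageEvents
              $ApplicationFirstEventTime = $ApplicationInfo.StartTime
              $ApplicationLastEventTime = $ApplicationInfo.EndTime
              $ApplicationTotalEvents = $ApplicationInfo.TotalEvents
              $ApplicationEventLogSize = $ApplicationInfo.LogSize

              # Retrieve the Security Event log info
              $SecurityInfo = Get-EventLogInfo $Computer Security $RemoteComputer $OS
              $SecurityEPS = $SecurityInfo.AverageEvents
              $SecurityFirstEventTime = $SecurityInfo.StartTime
              $SecurityLastEventTime = $SecurityInfo.EndTime
              $SecurityTotalEvents = $SecurityInfo.TotalEvents
              $SecurityEventLogSize = $SecurityInfo.LogSize

              # Retrieve the System Event log info
              $SystemInfo = Get-EventLogInfo $Computer System $RemoteComputer $OS
              $SystemEPS = $SystemInfo.AverageEvents
              $SystemFirstEventTime = $SystemInfo.StartTime
              $SystemLastEventTime = $SystemInfo.EndTime
              $SystemTotalEvents = $SystemInfo.TotalEvents
              $SystemEventLogSize = $SystemInfo.LogSize

              $TotalEPS = [math]::Round(($ApplicationEPS + $SecurityEPS + $SystemEPS), 5)
              $ProfileSuggestion = Get-ProfileSuggestion $TotalEPS
              $ComputerOS = "$OS"

              $Box = @{"ProfileSuggestion" = $ProfileSuggestion; "TotalEPS" = $TotalEPS; "OSVersion" = $ComputerOS;
                       "ApplicationEPS" = $ApplicationEPS; "ApplicationFirstEventTime" = $ApplicationFirstEventTime; "ApplicationLastEventTime" = $ApplicationLastEventTime; "ApplicationTotalEvents" = $ApplicationTotalEvents; "ApplicationEventLogSize" = $ApplicationEventLogSize;
                       "SecurityEPS" = $SecurityEPS; "SecurityFirstEventTime" = $SecurityFirstEventTime; "SecurityLastEventTime" = $SecurityLastEventTime; "SecurityTotalEvents" = $SecurityTotalEvents; "SecurityEventLogSize" = $SecurityEventLogSize;
                       "SystemEPS" = $SystemEPS; "SystemFirstEventTime" = $SystemFirstEventTime; "SystemLastEventTime" = $SystemLastEventTime; "SystemTotalEvents" = $SystemTotalEvents; "SystemEventLogSize" = $SystemEventLogSize;}

              # Index assignment instead of Add(): a host listed twice replaces its earlier entry
              # instead of throwing and ending the run.
              $Report[$Computer] = $Box

              $PercentComplete = $ProgressCount / $ComputerCount * 100
              $PercentComplete = [math]::Round($PercentComplete, 0)

              Write-Progress -Activity "Processing Computer List -  $PercentComplete% Complete" -Status "Calculating EPS for Computer: $Computer" -PercentComplete $PercentComplete
          }

          Write-Log $INFO_LOG "Event Log ESP Report Calculations Complete"

          Return $Report

      }

      catch {

          Write-Log $ERROR_LOG "Unable to Create Log Report"

          Write-Log $ERROR_LOG $Error[0]

          $ErrorLineNumber = $Error[0].InvocationInfo.scriptlinenumber

          Write-Log $ERROR_LOG "Caught on line number: $ErrorLineNumber"

          exit
      }
  }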
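  #################################################################################################
  # Builds the report for the computer list and exports it as a CSV file.
  #
  # @param $Computerlist     ->  The hosts to scan
  # @param $ComputerCount    ->  Number of hosts in the list
  # @param $ComputerListType ->  The list type chosen by the user
  #
  # The user picks the export folder in a dialog. The file is named
  # Event-Log-Summary-Report-<timestamp>.csv and holds one row per host.
  # Any error is logged and the script is terminated with exit.
  #
  # NOTE(review): the CSV lists host names, OS versions and log volumes for every scanned host;
  # store it where that inventory is appropriate to keep.
  #################################################################################################

  function Export-LogReport { param($Computerlist, $ComputerCount, $ComputerListType)

      try {

          $Report = Create-LogReport $Computerlist $ComputerCount $ComputerListType

          # One ordered row per host; the keys become the CSV column headers.
          $OutputTable = foreach ($box in $Report.GetEnumerator()) {

              New-Object PSObject -Property ([ordered]@{
              "Server" = $box.Name; "OS Version" = $box.Value.OSVersion;
              "Application (EPS)" = $box.Value.ApplicationEPS; "Application 1st Event" = $box.Value.ApplicationFirstEventTime; "Application last Event" = $box.Value.ApplicationLastEventTime; "Application total events" = $box.Value.ApplicationTotalEvents; "Application Log Size (MB)" = $box.Value.ApplicationEventLogSize;
              "Security (EPS)" = $box.Value.SecurityEPS; "Security 1st Event" = $box.Value.SecurityFirstEventTime; "Security last Event" = $box.Value.SecurityLastEventTime; "Security total events" = $box.Value.SecurityTotalEvents; "Security Log Size (MB)" = $box.Value.SecurityEventLogSize;
              "System (EPS)" = $box.Value.SystemEPS; "System 1st Event" = $box.Value.SystemFirstEventTime; "System last Event" = $box.Value.SystemLastEventTime; "System total events" = $box.Value.SystemTotalEvents; "System Log Size (MB)" = $box.Value.SystemEventLogSize;
              "Total (EPS)" = $box.Value.TotalEPS; "Profile Suggestion (3 Sec Polling Interval)" = $box.Value.ProfileSuggestion;})

          }

          Write-Log $INPUT_LOG "Select Event Log Export Location..."

          $ExportFolder = Select-ExportLocation "Event Log Summary Report Export Location" "Desktop"

          # Fixed: HH (24-hour clock) instead of hh. With the 12-hour form a morning and an
          # afternoon run could produce the same file name, and -Force below would overwrite
          # the earlier report.
          $ExportFile = "Event-Log-Summary-Report-" + $(Get-Date -f yyyyMMddHHmmss) + ".csv"

          # Join-Path also copes with a folder that already ends in a separator (a drive root).
          $ExportLocation = Join-Path $ExportFolder $ExportFile

          Write-Log $INFO_LOG "Exporting Log Events to: $ExportLocation"

          $OutputTable | Export-CSV $ExportLocation -NoTypeInformation -Force

      }

      catch {

          Write-Log $ERROR_LOG "Unable to Export Log Report"

          Write-Log $ERROR_LOG $Error[0]

          $ErrorLineNumber = $Error[0].InvocationInfo.scriptlinenumber

          Write-Log $ERROR_LOG "Caught on line number: $ErrorLineNumber"

          exit
      }
  }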
  #################################################################################################
  # Shows a File Select Dialog titled "Select Computer List" and emits the chosen file name.
  #
  # @param $RootFolder  ->  The location that the file selection begins
  #
  # The dialog result is discarded, so a cancelled dialog still emits whatever FileName holds
  # (presumably an empty string -- confirm). Any error is logged and the script is terminated
  # with exit.
  #################################################################################################

  function Get-FileName { param($RootFolder)

      try {

          $FilePicker = New-Object System.Windows.Forms.OpenFileDialog -Property @{
              InitialDirectory = $RootFolder
              Title            = "Select Computer List"
              Filter           = "All files (*.*)| *.*"
          }

          [void] $FilePicker.ShowDialog()

          $FilePicker.FileName

      }

      catch {

          Write-Log $ERROR_LOG "Unable to Select File"

          Write-Log $ERROR_LOG $Error[0]

          $ErrorLineNumber = $Error[0].InvocationInfo.scriptlinenumber

          Write-Log $ERROR_LOG "Caught on line number: $ErrorLineNumber"

          exit

      }
  }
  #################################################################################################
  # Shows a Folder Select Dialog and returns the folder the user picked.
  #
  # @param $Description ->  The Description of the Dialog
  # @param $RootFolder  ->  The location that the folder selection begins
  #
  # Any dialog result other than "OK" is logged as a cancellation and the script is terminated
  # with exit; the $Error[0] logged on that path is whatever error was recorded last, not one
  # raised by the dialog. Any error is likewise logged and followed by exit.
  #################################################################################################

  function Select-ExportLocation { param($Description, $RootFolder)

      try {

          $FolderDialog = New-Object System.Windows.Forms.FolderBrowserDialog
          $FolderDialog.RootFolder = $RootFolder
          $FolderDialog.Description = $Description

          $DialogResult = $FolderDialog.ShowDialog()

          if ($DialogResult -NE "OK") {

              Write-Log $ERROR_LOG "Operation cancelled by user"

              Write-Log $ERROR_LOG $Error[0]

              $ErrorLineNumber = $Error[0].InvocationInfo.scriptlinenumber

              Write-Log $ERROR_LOG "Caught on line number: $ErrorLineNumber"

              exit
          }

          return $FolderDialog.SelectedPath

      }

      catch {

          Write-Log $ERROR_LOG "Unable to Select Folder"

          Write-Log $ERROR_LOG $Error[0]

          $ErrorLineNumber = $Error[0].InvocationInfo.scriptlinenumber

          Write-Log $ERROR_LOG "Caught on line number: $ErrorLineNumber"

          exit

      }
  }
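  #################################################################################################
  # Shows a Drop Down Menu built from the given options and emits the option the user submits.
  #
  # @param $DropDownOptions ->  The entries offered in the Drop Down Menu
  # @param $Title           ->  The Title of the Drop Down Menu (shown as "Select <Title>")
  #
  # The first option is preselected. Closing the window without pressing Submit is logged as a
  # cancellation and the script is terminated with exit, as is any error.
  #################################################################################################

  function Get-InputFromDropDown { param($DropDownOptions, $Title)

      try {

          # Click handler of the Submit button: record the selection and close the window.
          function Return-DropDown {
              $script:Choice = $DropDown.SelectedItem.ToString()
              $Form.Close()
          }

          # Start from a clean slate so a selection left over from an earlier call is not reused.
          $script:Choice = $null

          $Form = New-Object System.Windows.Forms.Form

          $Form.width = 300
          $Form.height = 150

          # Fixed: the title was assigned from `Select $Title`, which runs Select-Object with no
          # input and yields nothing, leaving the window without a caption.
          $Form.Text = "Select $Title"

          $DropDown = New-Object System.Windows.Forms.ComboBox
          $DropDown.Location = New-Object System.Drawing.Size(100,10)
          $DropDown.Size = New-Object System.Drawing.Size(130,30)

          ForEach ($Item in $DropDownOptions) {
              [void] $DropDown.Items.Add($Item)
          }

          $Form.Controls.Add($DropDown)

          $DropDownLabel = New-Object System.Windows.Forms.Label
          $DropDownLabel.Location = New-Object System.Drawing.Size(10,10)
          $DropDownLabel.size = New-Object System.Drawing.Size(100,20)
          $DropDownLabel.Text = "Options:"
          $Form.Controls.Add($DropDownLabel)

          $Button = New-Object System.Windows.Forms.Button
          $Button.Location = New-Object System.Drawing.Size(100,50)
          $Button.Size = New-Object System.Drawing.Size(100,20)
          $Button.Text = "Submit"
          $Button.Add_Click({Return-DropDown})
          $Form.Controls.Add($Button)

          $DropDown.SelectedIndex = 0

          $Form.Add_Shown({$Form.Activate()})
          [void] $Form.ShowDialog()

          # Without a submitted choice the caller would carry on with no list type at all,
          # so stop here the same way a cancelled folder dialog does.
          if ($null -eq $script:Choice) {

              Write-Log $ERROR_LOG "Operation cancelled by user"

              exit
          }

          $script:Choice
      }

      catch {

          Write-Log $ERROR_LOG "Unable to generate input drop down"

          Write-Log $ERROR_LOG $Error[0]

          $ErrorLineNumber = $Error[0].InvocationInfo.scriptlinenumber

          Write-Log $ERROR_LOG "Caught on line number: $ErrorLineNumber"

          exit

      }
  }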
  #########################################################################################
  # Resolves the list of computers to scan from the list type the user selected.
  #
  # @param $ComputerListType   -> The type of computer list ($DOMAIN_OPT, $FILE_OPT or
  #                               $LOCALHOST_OPT)
  #
  # $DOMAIN_OPT    -> DNS host names of the enabled computer accounts returned by Get-ADComputer
  # $FILE_OPT      -> the lines of a file picked in a dialog
  # $LOCALHOST_OPT -> "localhost"
  # Any other value returns an empty hashtable. Any error is logged and followed by exit.
  #
  # NOTE(review): in the visible script $Global:Cred is only populated later, in
  # Create-LogReport, so the directory query here presumably runs without the prompted
  # credential -- confirm. Every line of the chosen file later becomes a host that receives
  # that credential, so the file should be checked before it is used.
  #########################################################################################

  function Get-ComputerList { param($ComputerListType)

      try {

          $ComputerList = @{}

          switch ($ComputerListType) {

              $DOMAIN_OPT {

                  $EnabledComputers = Get-ADComputer -Credential $Global:Cred -Filter {enabled -eq "true"} -Properties OperatingSystem | Select DNSHostname, OperatingSystem

                  $ComputerList = $EnabledComputers.DNSHostName

                  break
              }

              $FILE_OPT {

                  $ListPath = Get-FileName "Desktop"

                  $ComputerList = Get-Content $ListPath

                  break
              }

              $LOCALHOST_OPT {

                  $ComputerList = "localhost"

                  break
              }
          }

          Return $ComputerList

      }

      catch {

          Write-Log $ERROR_LOG "Unable to determine computer list"

          Write-Log $ERROR_LOG $Error[0]

          $ErrorLineNumber = $Error[0].InvocationInfo.scriptlinenumber

          Write-Log $ERROR_LOG "Caught on line number: $ErrorLineNumber"

          exit

      }
  }
  #########################################################################################
  # Writes a message to the console, coloured by severity.
  #
  # @param $severity   -> How severe the message is ($INFO_LOG, $INPUT_LOG, $WARN_LOG or
  #                       $ERROR_LOG)
  # @param $logMessage -> The message that will be logged, cast to a string
  #
  # Messages longer than 200 characters are cut to 200 and suffixed with "...". Output goes
  # through Write-Host only, so nothing is written to a file: error details that are
  # truncated here are not kept anywhere else by this function.
  #########################################################################################

  function Write-Log { param($severity, [string]$logMessage)

      try {

          if ($logMessage.Length -GT 200) {
              $logMessage = $logMessage.Substring(0,200) + "..."
          }

          $output = $logMessage + "`n"

          # Pick the text and colour first, then print once below.
          $Colour = $null

          switch ($Severity) {

              $INFO_LOG { $Colour = "Green"; break }

              $INPUT_LOG { $Colour = "Cyan"; break }

              $WARN_LOG { $Colour = "Cyan"; break }

              $ERROR_LOG { $Colour = "Red"; break }

              Default {
                  $output = "Unable to log based on sererity: $Severity"
                  $Colour = "Cyan"
                  break
              }
          }

          if ($Colour) {
              Write-Host $output -Fore $Colour
          }

      }

      catch {

          Write-Host "Unable to log`n" -Fore Red

          Write-Host $Error[0] -Fore Red

          $ErrorLineNumber = $Error[0].InvocationInfo.scriptlinenumber

          Write-Host "Caught on line number: $ErrorLineNumber" -Fore Red

          exit

      }
  }
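  # Script entry point: ask for the list type, resolve the hosts, build and export the report.

  # Imports the forms (Add-Type replaces the obsolete LoadWithPartialName call)
  Add-Type -AssemblyName System.Windows.Forms

  #Set severities
  $INFO_LOG = "Info"
  $INPUT_LOG = "Input"
  $WARN_LOG = "Warn"
  $ERROR_LOG = "Error"

  #Set Computer List Options
  $FILE_OPT = "IP List"
  $DOMAIN_OPT = "Domain"
  $LOCALHOST_OPT = "Local Host"

  # Reset the shared state before anything reads it. The credential used to be cleared only
  # after Get-ComputerList had run, so a second run in the same session started with the
  # credential left behind by the first one.
  $Global:Cred = $Null
  $Global:ConnectionIssues = 0

  Write-Log $INFO_LOG "Starting Script"

  # Drop Down Options
  [array]$ComputerListTypeOptions = $FILE_OPT, $LOCALHOST_OPT, $DOMAIN_OPT

  # Ask which kind of computer list to scan
  $ComputerListType = Get-InputFromDropDown $ComputerListTypeOptions "IP List Type"

  # Resolve the hosts for that list type
  Write-Log $INPUT_LOG "Select Computer List..."

  $ComputerList = Get-ComputerList $ComputerListType
  $ComputerCount = $ComputerList.Count

  #Set all errors to terminating
  $ErrorActionPreference = "Stop"

  Write-Log $INFO_LOG "Selected: $ComputerListType ($ComputerCount Computer(s) Found)"

  try {

      #Call function
      $Time = Measure-Command -Expression {
          $LogReport = Export-LogReport $Computerlist $ComputerCount $ComputerListType
      }

      $Time = [math]::Round($Time.TotalMinutes, 1)

      Write-Log $INFO_LOG "Event Log Report Successfully Calculated & Exported - $ComputerCount Computers - $Time Minutes - $Global:ConnectionIssues Connection Issue(s)"
  }

  finally {

      # The prompted credential lives in the global scope; drop it once the report is done so
      # it does not stay available in the session.
      $Global:Cred = $Null
  }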