Client doesn't want to upgrade, because they don't want anything to
break.
The code that I need to work on their machine is below. Right now
this script will not work because it's made to work for PowerShell 3.0 and above
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12; (new-object Net.WebClient).DownloadString("https://api.agent.alienvault.cloud/osquery-api/us-east-1/bootstrap?flavor=powershell") | iex; install_agent -controlnodeid <Agent ID>
How can this be rewritten to accomplish the same thing?
Now if you know of a simpler way to work around this issue, that will help greatly.
new-module -name install_agent -scriptblock {
function AgentDoStart() {
$kServiceName = "osqueryd"
$osquerydService = Get-WmiObject -Class Win32_Service -Filter "Name='$kServiceName'"
if ($osquerydService) {
Start-Service $kServiceName
Write-Host "'$kServiceName' system service is started." -foregroundcolor Cyan
return 1
} else {
Write-Host "'$kServiceName' is not an installed system service." -foregroundcolor Yellow
return 0
}
}
function AgentDoStop() {
$kServiceName = "osqueryd"
$osquerydService = Get-WmiObject -Class Win32_Service -Filter "Name='$kServiceName'"
if ($osquerydService) {
Stop-Service $kServiceName
Start-Sleep -s 1
$proc = Get-Process osqueryd -ErrorAction SilentlyContinue
if ($proc) {
Write-Host "osqueryd still running, killing processes"
Stop-Process -Force -Name osqueryd
}
Write-Host "'$kServiceName' system service is stopped." -foregroundcolor Cyan
return 1
} else {
Write-Host "'$kServiceName' is not an installed system service." -foregroundcolor Yellow
return 0
}
}
Function Install-Project() {
param(
[string]$apikey="",
[string]$controlnodeid="",
[string]$hostid="",
[string]$assetid=""
)
Install-Project-Internal -apikey $apikey -controlnodeid $controlnodeid -hostid $hostid -assetid $assetid
Write-Host "See install.log for details" -ForegroundColor Cyan
}
Function Download-And-Install-Sysmon() {
#===================================================
#1. Download Sysmon
#===================================================
$source = "https://download.sysinternals.com/files/Sysmon.zip"
Write-Host "Downloading Sysmon from $source" -ForegroundColor Cyan
$file = "$($env:TEMP)\Sysmon.zip"
Invoke-WebRequest $source -OutFile $file
#===================================================
#2. Clean & Prepare Sysmon installation target
#===================================================
$targetondisk = "$($env:USERPROFILE)\Documents\Sysmon\"
Write-Host "Preparing Sysmon target path $($targetondisk)" -ForegroundColor Cyan
Remove-Item $targetondisk -Recurse -ErrorAction Ignore
# Suppress output, but not errors:
[void](New-Item -ItemType Directory -Force -Path $targetondisk)
If (-Not (Test-Path -Path $targetondisk)) {
Write-Error "Skipping Sysmon... Destination path $($targetondisk) does not exist."
} Else {
#===================================================
#3. Unzip Sysmon
#===================================================
Unblock-File -Path $file
Write-Host "Uncompressing the Zip file to $($targetondisk)" -ForegroundColor Cyan
$FoundExtractionAssembly = 0
try {
# Load preferred extraction method's assembly (.NET 4.5 or later)
# Write-Host "Using preferred extraction method..."
Add-Type -As System.IO.Compression.FileSystem -ErrorAction Stop
$FoundExtractionAssembly = 1
}
catch [System.Exception] {
# Write-Host "Preferred extraction method not found. Attempting fall-back method..."
}
If ($FoundExtractionAssembly) {
[IO.Compression.ZipFile]::ExtractToDirectory($file, $targetondisk)
} Else {
# Fall-back method, may fail in sessions lacking access to interactive shell
$continue_flag = 1
try {
$shell_app = New-Object -COMObject "Shell.Application"
} catch {
Write-Error "Could not create Shell.Application object"
$continue_flag = 0
}
if ($continue_flag) {
$zip_file = $shell_app.namespace($file)
$destination = $shell_app.namespace($targetondisk)
if ($destination -ne $null) {
$destination.Copyhere($zip_file.items(), 0x10)
}
}
}
}
#===================================================
#3. Download Sysmon Config File
#===================================================
$source = "https://www.alienvault.com/documentation/resources/downloads/sysmon_config_schema4_0.xml"
Write-Host "Downloading Sysmon config file from $source" -ForegroundColor Cyan
$destination = [System.IO.Path]::GetTempFileName()
Invoke-WebRequest $source -OutFile $destination
#===================================================
#3. Install Sysmon
#===================================================
Write-Host "Installing Sysmon from $source" -ForegroundColor Cyan
If ( (get-childitem $destination).length -eq 0 ) {
$command = "& '$targetondisk\sysmon' -accepteula -h md5 -n -l -i"
Write-Host "Not using an additional Sysmon configuration file" -ForegroundColor Cyan
}
Else {
$command = "& '$targetondisk\sysmon' -accepteula -h md5 -n -l -i '$destination'"
Write-Host "Sysmon configuration file to use $destination" -ForegroundColor Cyan
}
Write-Host "Installing Sysmon with command $command" -ForegroundColor Cyan
iex $command
}
Function Install-Project-Internal() {
param(
[string]$apikey="",
[string]$controlnodeid="",
[string]$hostid="",
[string]$assetid=""
)
If (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) {
Write-Error "You do not have Administrator rights to run this script!`nPlease re-run this script as an Administrator!"
Return
}
If ($PSVersionTable.PSVersion.Major -lt 3) {
Write-Error "This script must be run using Powershell version 3 or higher. You have version $PSVersionTable.PSVersion.Major installed"
Return
}
$kServiceName = "osqueryd"
$BASE = "$($env:SYSTEMDRIVE)\Program Files\osquery"
$OLDBASE = "$($env:SYSTEMDRIVE)\ProgramData\osquery"
$secretfile = $(Join-Path $BASE "secret")
$flagfile = $(Join-Path $BASE "osquery.flags")
if ([string]::IsNullOrEmpty($hostid)) {
$hostid = $assetid
}
if ([string]::IsNullOrEmpty($apikey)) {
$apikey = $controlnodeid
}
if ([string]::IsNullOrEmpty($apikey)) {
if ([System.IO.File]::Exists("$secretfile")) {
$apikey = [IO.File]::ReadAllText("$secretfile").Trim()
}
}
if ([string]::IsNullOrEmpty($apikey)) {
# check old location in ProgramData
$oldsecretfile = $(Join-Path $OLDBASE "secret")
if ([System.IO.File]::Exists("$oldsecretfile")) {
$apikey = [IO.File]::ReadAllText("$oldsecretfile").Trim()
}
}
if ([string]::IsNullOrEmpty($apikey)) {
Write-Warning "You must supply either the -apikey or -controlnodeid parameters to identify your agent account"
return
}
# use TLS 1.2
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Download-And-Install-Sysmon
#===================================================
#4. Download and install osquery
#===================================================
try {
AgentDoStop
} catch {
Write-Error "Did not stop osqueryd service. Hopefully, this is fine."
}
Write-Host "Downloading installer"
$webclient = New-Object System.Net.WebClient
$webclient.DownloadFile("https://prod-usm-saas-agent-config.s3.amazonaws.com/repo/windows/alienvault-agent-20.01.0203.0301.msi", "$env:TEMP\alienvault-agent.msi")
Write-Host "Installing"
try {
Start-Process C:\Windows\System32\msiexec.exe -ArgumentList "/i $env:TEMP\alienvault-agent.msi ALLUSERS=1 /qn /l*v .\install.log" -wait
echo "INSTALLATION SUCCESSFULLY COMPLETED" >> .\install.log
} catch {
echo "INSTALLATION ERROR (ERRORLEVEL=%ERRORLEVEL%)" >> .\install.log
Write-Error "INSTALLATION ERROR (ERRORLEVEL=%ERRORLEVEL%)"
Return
}
# If the install directory doesn't exist, bail
if (![System.IO.Directory]::Exists("$BASE")) {
echo "Installation directory does not exist: $BASE" >> .\install.log
Write-Error "Installation directory does not exist: $BASE"
Return
}
# $osquerydService = Get-WmiObject -Class Win32_Service -Filter "Name='osqueryd'"
# if ($osquerydService) {
# Write-Host "Service exists, uninstalling"
# try {
# Stop-Service $kServiceName
# AgentDoStop
#
# Write-Host "Found '$kServiceName', stopping the system service..."
# Start-Sleep -s 5
# Write-Host "System service should be stopped."
# $osquerydService.Delete()
# Write-Host "System service '$kServiceName' uninstalled." -foregroundcolor Cyan
# } catch {
# Write-Error "Did not uninstall osqueryd service. Hopefully, it's not already installed."
# }
# }
Write-Host "Writing secret"
[IO.File]::WriteAllLines("$secretfile", $apikey)
# if hostid is not specified, try to extract from flag file
if ([string]::IsNullOrEmpty($hostid)) {
if ([System.IO.File]::Exists($flagfile)) {
$match = (Select-String -Path $flagfile -Pattern "specified_identifier=(.*)")
if ($match.Matches.Groups.success) {
$hostid = $match.Matches.Groups[1].Value.Trim()
Write-Host "Detected and re-using previously selected host id from ${flagfile}: $hostid"
} else {
Write-Host "Existing host id not found in ${flagfile}"
}
}
}
# if still not found, check old ProgramData location
if ([string]::IsNullOrEmpty($hostid)) {
$oldflagfile = $(Join-Path $OLDBASE "osquery.flags")
if ([System.IO.File]::Exists($oldflagfile)) {
$match = (Select-String -Path $oldflagfile -Pattern "specified_identifier=(.*)")
if ($match.Matches.Groups.success) {
$hostid = $match.Matches.Groups[1].Value.Trim()
Write-Host "Detected and re-using previously selected host id from ${oldflagfile}: $hostid"
} else {
Write-Host "Existing host id not found in ${oldflagfile}"
}
}
}
echo "Creating flag file"
copy $BASE\osquery.flags.example $flagfile
Write-Host "Setting host identifier"
# if still no hostid, use generated default
if ([string]::IsNullOrEmpty($hostid)) {
$hostid="00000000-8019-46ae-b324-685a63cb327a"
}
$output = "--tls_hostname=api.agent.alienvault.cloud/osquery-api/us-east-1", "--host_identifier=specified", "--specified_identifier=$hostid"
[IO.File]::AppendAllLines([string]$flagfile, [string[]]$output)
# add customer certs if present
$custpem = "$($env:SYSTEMROOT)\System32\drivers\etc\osquery_customer_certs.pem"
if ([System.IO.File]::Exists($custpem)) {
Write-Host "Adding customer certs"
type "$custpem" >> "$BASE\certs\certs.pem"
}
# start service
if (-NOT (AgentDoStop)) {
return
}
AgentDoStart
Write-Host "Deleting installer"
del $env:TEMP\alienvault-agent.msi
if (($BASE -ne $OLDBASE) -And [System.IO.Directory]::Exists($OLDBASE)) {
Write-Host "renaming old ProgramData/osquery directory"
move "$OLDBASE" "$($OLDBASE).renamed"
}
}
set-alias install_agent -value Install-Project
export-modulemember -alias 'install_agent' -function 'Install-Project'
}
If you remove this from "Function Install-Project-Internal"
If ($PSVersionTable.PSVersion.Major -lt 3) {
Write-Error "This script must be run using Powershell version 3 or higher. You have version $PSVersionTable.PSVersion.Major installed"
Return
}
Does it work? And if not, what is the error?
I've got this script that connects to Sharepoint Online, indexes all the files and folders, downloads them all in a systematic fashion and churns out a .csv with the name of file, folders, size, path, etc.
For various reasons I've ended up in a situation where I've got all the data, but the metadata is corrupted (the .csv file aforementioned).
Unfortunately re running the whole script just for that isn't really an option, as that would require around 90 hours.
I've been trying to break the code down in order to remove the "download files" functions and just keep the part that generates the .csv, but so far without luck.
I've found the Function that seem to be in charge of it (WriteLog), but I'm struggling to separate it from the rest.
P.S. The code is not mine, I've inherited it from a developer I haven't got access to (unfortunately)
Please find the code below:
param(
[Parameter(Mandatory = $true)]
[string]$srcUrl,
[Parameter(Mandatory = $true)]
[string]$username,
[Parameter(Mandatory = $false,HelpMessage = "From Date: (dd/mm/yyyy)")]
[string]$fromDate,
[Parameter(Mandatory = $false,HelpMessage = "To Date: (dd/mm/yyyy)")]
[string]$toDate,
[Parameter(Mandatory = $true)]
[string]$folderPath,
[Parameter(Mandatory = $true)]
[string]$csvPath
) #end param
cls
#Load SharePoint CSOM Assemblies
Add-Type -Path "C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell\Microsoft.SharePoint.Client.Runtime.dll"
$global:OutFilePath = -join ($csvPath,"\Documents.csv")
$global:OutFilePathError = -join ($csvPath,"\ErrorLog_GetDocuments.csv")
$header = "Title,Type,Parent,Name,Path,FileSize(bytes),Created,Created by,Modified,Modified by,Matterspace title,Matterspace url"
$srcLibrary = "Documents"
$securePassword = Read-Host -Prompt "Enter your password: " -AsSecureString
$credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials ($username,$securePassword)
$sUrl = [System.Uri]$srcUrl
$domainUrl = -join ("https://",$sUrl.Host)
function WriteLog
{
param(
[Parameter(Mandatory = $true)] $title,$type,$folderName,$name,$path,$fileSize,$created,$createdby,$modifed,$modifiedby,$matterspacetitle,$materspaceUrl
)
$nowTime = Get-Date -Format "dd-MMM-yy,HH:mm:ss"
$folderName = $folderName.Replace(",","|") ### sometime folder / file name has comma so replace it with something
$name = $name.Replace(",","|")
#$path = $path.Replace(",","|")
$title=[System.String]::Concat("""""""$title""""""")
$type=[System.String]::Concat("""""""$type""""""")
$folderName=[System.String]::Concat("""""""$folderName""""""")
$name=[System.String]::Concat("""""""$name""""""")
$path=[System.String]::Concat("""""""$path""""""")
$fileSize=[System.String]::Concat("""""""$fileSize""""""")
$created=[System.String]::Concat("""""""$created""""""")
$createdby=[System.String]::Concat("""""""$createdby""""""")
$modified=[System.String]::Concat("""""""$modified""""""")
$modifiedby=[System.String]::Concat("""""""$modifiedby""""""")
$matterspacetitle=[System.String]::Concat("""""""$matterspacetitle""""""")
$materspaceUrl=[System.String]::Concat("""""""$materspaceUrl""""""")
$lineContent = "$("$title"),$($type),$($folderName),$($name),$($path),$($fileSize),$($created),$($createdby),$($modified),$($modifiedby),$($matterspacetitle),$($materspaceUrl)"
Add-Content -Path $global:OutFilePath -Value "$lineContent"
}
#Function to get all files of a folder
Function Get-FilesFromFolder([Microsoft.SharePoint.Client.Folder]$Folder,$SubWeb,$MTitle)
{
Write-host -f Yellow "Processing Folder:"$Folder.ServerRelativeUrl
$folderItem = $Folder.ListItemAllFields
#$srcContext.Load($f)
$Ctx.Load($folderItem)
$Ctx.ExecuteQuery()
#Get All Files of the Folder
$Ctx.load($Folder.files)
$Ctx.ExecuteQuery()
$authorEmail = $folderItem["Author"].Title
$editorEmail = $folderItem["Editor"].Title
$filepath = $folderItem["FileDirRef"]
if([string]::IsNullOrEmpty($filepath))
{
$filepath=$Folder.ServerRelativeUrl
}
$created = $folderItem["Created"]
$modified = $folderItem["Modified"]
$title = $folderItem["Title"]
if ([string]::IsNullOrEmpty($title))
{
$title = "Not Specified"
}
#$fileSize = $fItem["File_x0020_Size"]
$fileName = $Folder.Name
#list all files in Folder
write-host $Folder.Name
$splitString=$Folder.ServerRelativeUrl -split('/')
$dirUrl="";
write-host $splitString.Length
$parentUrl=""
For($i=3; $i -le $splitString.Length;$i++)
{
if($splitString[$i] -notcontains('.'))
{
Write-Host $i
Write-Host $splitString[$i]
$dirUrl=-join($dirUrl,"\",$splitString[$i])
$parentUrl=-join($parentUrl,"\",$splitString[$i+1])
}
}
$dirPath = -join ($folderPath,$dirUrl)
WriteLog $title "Folder" $parentUrl.TrimEnd('\') $fileName $filepath 0 $created $authorEmail $modified $editorEmail $MTitle $SubWeb
write-host $dirPath
if (-not (Test-Path -Path $dirPath))
{
New-Item -ItemType directory -Path $dirPath
}
ForEach ($File in $Folder.files)
{
try{
$remarkDetail = ""
$replacedUser = ""
$fItem = $File.ListItemAllFields
#$srcContext.Load($f)
$Ctx.Load($fItem)
$Ctx.ExecuteQuery()
$authorEmail = $fItem["Author"].Email
$editorEmail = $fItem["Editor"].Email
$filepath = $fItem["FileDirRef"]
$fileSizeBytes = $fItem["File_x0020_Size"];
$fileSize = ($fileSizeBytes) / 1MB
$fileName = $fItem["FileLeafRef"]
$title = $fItem["Title"]
$filecreated = $fitem["Created"]
$fileModified = $fitem["Modified"]
$FileUrl = $fItem["FileRef"]
$Fname=$File.Name
if ([string]::IsNullOrEmpty($title))
{
$title = "Not Specified"
}
#$title,$type, $folderName,$name,$path,$fileSize,$created,$createdby,$modifed,$modifiedby,$matterspacetitle,$materspaceUrl
$dateToCompare = Get-Date (Get-Date -Date $fileModified -Format 'dd/MM/yyyy')
#Get the File Name or do something
if (($dateToCompare -ge $startDate -and $dateToCompare -le $endDate) -or ($startDate -eq $null -and $endDate -eq $null))
{
$downloadUrl = -join ($dirPath,$File.Name)
$fromfile = -join ($domainUrl,$FileUrl)
Write-Host "Downloading the file from " $fromfile -ForegroundColor Cyan
try{
$webclient = New-Object System.Net.WebClient
$webclient.Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials ($username,$securePassword)
$webclient.Headers.Add("X-FORMS_BASED_AUTH_ACCEPTED","f")
$webclient.DownloadFile($fromfile,$downloadUrl)
$webclient.Dispose()
}
catch{
$ErrorMessage=$_.Exception.Message
$ErrorMessage = $ErrorMessage -replace "`t|`n|`r",""
$ErrorMessage = $ErrorMessage -replace " ;|; ",";"
$lineContent = "$($Fname),$($fromfile ),$($ErrorMessage)"
Add-Content -Path $global:OutFilePathError -Value "$lineContent"
Write-Host "Skipping the file and recalling the function" -ForegroundColor Blue
}
WriteLog $title "File" $Folder.Name $fileName $FileUrl $fileSize $created $authorEmail $modified $editorEmail $MTitle $SubWeb
Write-host -f Magenta $File.Name
}
else
{
Write-Host "Skipping the matterspace :" $title " as the matterspace was not in the date range" -ForegroundColor Blue
}
}
catch{
$ErrorMessage=$_.Exception.Message
$ErrorMessage = $ErrorMessage -replace "`t|`n|`r",""
$ErrorMessage = $ErrorMessage -replace " ;|; ",";"
$lineContent = "$($Fname),$($fromfile ),$($ErrorMessage)"
Add-Content -Path $global:OutFilePathError -Value "$lineContent"
}
}
#Recursively Call the function to get files of all folders
$Ctx.load($Folder.Folders)
$Ctx.ExecuteQuery()
#Exclude "Forms" system folder and iterate through each folder
ForEach($SubFolder in $Folder.Folders | Where {$_.Name -ne "Forms"})
{
Get-FilesFromFolder -Folder $SubFolder -SubWeb $SubWeb -Mtitle $MTitle
}
}
Function Get-SPODocLibraryFiles()
{
param
(
[Parameter(Mandatory=$true)] [string] $SiteURL,
[Parameter(Mandatory=$true)] [string] $LibraryName
)
#Setup the context
$Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
$Ctx.Credentials = $credentials
$srcWeb = $Ctx.Web
$childWebs = $srcWeb.Webs
$Ctx.Load($childWebs)
$Ctx.ExecuteQuery()
foreach ($childweb in $childWebs)
{
try
{
#Get the Library and Its Root Folder
$Library=$childweb.Lists.GetByTitle($LibraryName)
$Ctx.Load($Library)
$Ctx.Load($Library.RootFolder)
$Ctx.ExecuteQuery()
#Call the function to get Files of the Root Folder
if($childweb.Url.ToLower() -notlike "*ehcontactus*" -and $childweb.Url.ToLower() -notlike "*ehfaqapp*" -and $childweb.Url.ToLower() -notlike "*ehquicksearch*" -and $childweb.Url.ToLower() -notlike "*ehsiteapps*" -and $childweb.Url.ToLower() -notlike "*ehsitelist*" -and $childweb.Url.ToLower() -notlike "*ehwelcomeapp*" -and $childweb.Url.ToLower() -notlike "*ehimageviewer*")
{
Get-FilesFromFolder -Folder $Library.RootFolder -SubWeb $childweb.Url -MTitle $childweb.Title
}
}
catch{
write-host "Skipping the matterpsace as the library does not exists" -ForegroundColor Blue
}
}
}
#Config Parameters
#$SiteURL= "https://impigerspuat.sharepoint.com/sites/ELeave/Eleave1/adminuat#impigerspuat.onmicrosoft.com"
$LibraryName="Documents"
#$securePassword = Read-Host -Prompt "Enter your password: " -AsSecureString
#Call the function to Get All Files from a document library
if (-not ([string]::IsNullOrEmpty($fromDate)))
{
$startDate = Get-Date (Get-Date -Date $fromDate -Format 'dd/MM/yyyy')
}
else
{
$startDate = $null;
}
if (-not ([string]::IsNullOrEmpty($toDate)))
{
$endDate = Get-Date (Get-Date -Date $toDate -Format 'dd/MM/yyyy')
}
else
{
$endDate = $null
}
Get-SPODocLibraryFiles -SiteURL $srcUrl -LibraryName $LibraryName
Have you tried running just that function and giving it the parameters it's requesting in the function?
Copy the code into a WriteLog.ps1 file and then call the script file with the parameters.
ie.
Writelog.ps1 $srcUrl $username $fromDate $toDate $folderPath $csvPath
Obviously, inputting data in place of the variables.
FWIW, pulling relevant pieces of code out of someone else's scripts is a great skill to practice. Everything you want to do has been done before, but you might have to break down someone else's work before it fits your exact enviornment.
Unfortunately it looks like you have to do this the old fashion way. The problem is the author is outputting to the log (csv) as the files are being downloaded. As opposed to downloading to a staging area first...
I suggest setting an early break-point in the code then stepping through to see exactly how it's flowing. That should give you a general idea, and enough info to start writing refactored code.
Reverse engineering is always tough, be prepared it will be methodical exercise so say the least.
Bad news: this will be an iterative process, not a single 'solve'. Nothing "wrong" with that code, but there are a few design choices that make this a challenge. It's not indented consistently and it weaves through all the variable assignments in slightly different ways. Looks better than most of my code, I'm just telling you what makes it a challenge.
Good news: At least that WriteLog function is separate. And it's really just adding content to the .csv file defined in this variable assigned here:
$global:OutFilePath = -join ($csvPath,"\Documents.csv")
(line 20 in my copy)
*
RECOMMENDATION: (this is an approach, just a guide to your final solution)
Take that existing code and drop it in an IDE to help you visually. The Windows Powershell ISE is adequate, but I would highly recommend VSCode.
Comment out that last line:
Get-SPODocLibraryFiles -SiteURL $srcUrl -LibraryName $LibraryName
So you can retain any of the other context from the script you actually want to keep.
Create a separate function named something like:
function Get-FilesFromLocalFolder ($localdir, $SubWeb, $MTitle)
to use instead of the existing function Get-FilesFromFolder. That way you can iterate through whatever directories you need, get the files, and assign variables to pass as parameters. Then when you call WriteLog, it will look very similar. Those last two parameters ($SubWeb, $MTitle) are passed just because WriteLog needs them. You could make them your own labels, or you could remove them and make them optional in WriteLog.
You could start by hard-coding values in each of required parameters for the function, and then run it to see if the output is working.
It will take you some iterations (agree with #Steven) and it is definitely a valuable exercise (agree with #TheIdesOfMark). :)
I am trying to write a script to find and replace a string in a file. How do I catch an exception if the script fails to replace the string for some reason and log it in an external file? Here is what I have so far.
Write-Host "Checking Execution Policy"
$currentExecutionPolicy = Get-ExecutionPolicy
if( $currentExecutionPolicy -eq "RemoteSigned")
{
Write-Host "Execution policy check passed"
}
else
{
"Setting Execution policy to RemoteSigned as per https://msdn.microsoft.com/powershell/reference/5.1/Microsoft.PowerShell.Core/about/about_Execution_Policies"
Set-ExecutionPolicy Remotesigned
}
Write-Host "Starting Script"
#Recurse through all the file shares and find the file.
$rootPath='\\do.main.name\shared\Information Technology\IT\u.name'
$hotspotFile = Get-ChildItem -Path $rootPath -Recurse -Include "hotspot.mac"
Write-Host "Found file" $hotspotFile
$logstring = "Found file" + $hotspotFile
WriteLog $logstring
try
{
(Get-Content $hotspotFile).Replace("olddomain.com","do.main.name") | Set-Content $hotspotFile
}
catch
{
Write-Host "Failed to replace string -" $file
$logstring = "Failed to replace string -" + $file
WriteLog $logstring
}
#Logging
$Logfile = "F:\u.name\Documents\Logs\SCR_To_Find_And_Replace_Old_Domain_String.log"
Function WriteLog
{
Param ([string]$logstring)
Add-content $Logfile -value $logstring
}
Per the comments, I think a failed replace does not generate an exception so you can't use try catch.
Instead you could use an if test, e.g.:
If ($hotspotfile -notcontains "do.main.name") { }
Or test the file for the presence of the old string. You'd probably be wise to also put in an earlier if statement testing if the string was present in the file in the first place and skipping the replace and check if it wasn't.
I have the below function running in a logon script, which checks whether the user has the current version of IT Self Help.exe. If the current version is not present, then it should be copied onto the desktop from the $appsource folder:
function UrgentSupportApp {
$ErrorActionPreference = "Stop"
trap {Log-Error $_ $MyInvocation.MyCommand; Return}
$desktop = $env:USERPROFILE + '\Desktop\'
$apptarget = $desktop + 'IT Self Help.exe'
$appsource = '\\file\Administration\Unused\Apps\IT Support App\IT Self Help.exe'
# Remove the old version of the app "IT Help Request.exe"
$oldapps = Get-ChildItem $desktop -Filter *"Help Request.exe"
if ($oldapps.count -gt 0) {Remove-Item $oldapps.PSPath -Force}
# Copy the new version over if it is not already present
$currentversion = (Get-Command $appsource).FileVersionInfo.FileVersion
if (Test-Path $apptarget) {
if ((Get-Command $apptarget).FileVersionInfo.FileVersion -ne $currentversion) {
Copy-Item $appsource $desktop -Force ##### Line 981 #####
}
} else {
Copy-Item $appsource $desktop -Force
}
}
function Log-Error {
param (
$error,
[string]$sub,
$detail
)
$ErrorActionPreference = "Stop"
trap {Log-Error $_ $MyInvocation.MyCommand; Return}
$filename = "\\file\administration\Unused\LogonScriptErrors\$username - $sub - $computername - $(Get-Date -Format ddMMyyyy-HHmmss).log"
New-Item $filename -ItemType File -Value "Message: `r`n`t $($error.Exception.Message) `r`n `r`nPosition: `r`n`t $($error.InvocationInfo.PositionMessage) `r`n `r`nSub: `r`n`t $sub `r`n `r`nDetail: `r`n`t $detail"
}
For a couple of users, I am seeing this error come through on line 981, char 22 (see the comment above):
Could not find file 'C:\Users\USER.NAME\Desktop\IT Self Help.exe'.
At \\DC\NETLOGON\mainlogon.ps1:981 char:22
+ Copy-Item <<<< $appsource $desktop -Force
However
The file clearly can be found, as it made it through the fisrt If condition If (Test-Path $apptarget).
If the file couldn't be found, why would the script complain on that line, where we are not even looking for it?
What is this error trying to tell me? If the file could not be found, surely the script would just continue into the Else statement
I recently created a script that's able to create a chosen number of Hyper-V VMs from a "template", by exporting one VM and import it with different ids and names.
Everything is working smoothly, but the export takes quite some time. Is there any way to get an progress output from the export-vm? If I look in the hyper-v command center, I see that my VM is exported after i started the script, and it has a progress value, too, so somehow there seems to be a way to get the current progress...
It would also be nice to have a progress output for Import-VM, too, but that's not really important.
If you are interested, here is my current script. I know that the hard-coded paths and other ascpects aren't really nice, so please don't tell me anything about code style or something like this. First comes a working script, then comes nice code.
param(
[int]$Anzahl = 0,
[string]$BasisVM = 'Schulung',
[string]$ExportDir = 'C:\VMConf\Export\',
[string]$ExportConf = 'Schulung\Virtual Machines\0D444AF2-3E63-4ACF-867E-34440AA99C42.xml',
[string]$VMDir = 'C:\VMs\',
[string]$VMNamePrefix = 'Schulung'
)
if ($Anzahl -eq 0) {
$Anzahl = Read-Host "Bitte Anzahl der benötigten VMs eingeben"
}
"`nStarte Export der Vorlage..."
if (-Not(Test-Path $ExportDir)) {
New-Item -ItemType directory -Path $ExportDir | out-null
}
Export-VM -Name $BasisVM -Path $ExportDir
"Abgeschlossen.`n"
if (Test-Path $VMDir) {
$err = $null
$i = 1
while (-not($err)) {
if ($i -gt 1) {
"Alte VM Nummer $($i - 1) wurde gelöscht."
}
Remove-VM -Name $($VMNamePrefix + ("{0:D2}" -f $i)) -Force -ErrorVariable err -ErrorAction SilentlyContinue
$i++
}
Remove-Item -r $VMDir | out-null
New-Item -ItemType directory -Path $VMDir | out-null
}
"`n$Anzahl VMs werden erstellt..."
for ($i=1; $i -le $Anzahl; $i++) {
"`tErstelle VM Nummer $i..."
$name = ($VMNamePrefix + ("{0:D2}" -f $i))
$path = ($VMDir + $name)
$VM = Import-VM -Path $($ExportDir + $ExportConf) -VhdDestinationPath $($path + "/Virtual Hard Discs") -VirtualMachinePath $path -Copy -GenerateNewId
Rename-VM -VM $VM -NewName $name
"`t$VM Nummer $i wurde erzeugt."
}
"Abgeschlossen.`n"
"Aufräumen..."
if (Test-Path $ExportDir) {
Remove-Item -r $ExportDir | out-null
}
"Abgeschlossen."
You could start the export (and even imports) as a background job and then log the progress of the job. Sample code:
$ExportJob = Export-VM -Name $BasisVM -Path $ExportDir -AsJob;
while( $ExportJob.State -eq "Running" -or $ExportJob.State -eq "NotStarted")
{
Write-Output ("[Export] " + $($ExportJob.Progress.PercentComplete) + "% complete");
sleep(5);
}
if($ExportJob.State -ne "Completed")
{
Write-Error ("Export Job did not complete: " +$ExportJob.State);
throw $ExportJob.Error;
}