I have a file which is shown as below:
DateTime: 2018-02-09 02:00:12
Database: [master]
Status: ONLINE
Mirroring role: None
Standby: No
Updateability: READ_WRITE
User access: MULTI_USER
Is accessible: Yes
Recovery model: SIMPLE
Differential base LSN: 940000000008500178
Last log backup LSN: NULL
DateTime: 2018-02-09 02:00:12
Command: DECLARE #ReturnCode int EXECUTE #ReturnCode = [master].dbo.xp_create_subdir N'J:\dump_data\sqlserver234\db_dump' IF #ReturnCode 0 RAISERROR('Error creating directory.', 16, 1)
Outcome: Succeeded
Duration: 00:00:00
DateTime: 2018-02-09 02:00:12
DateTime: 2018-02-09 02:00:12
Command: BACKUP DATABASE [master] TO DISK = N'J:\dump_data\sqlserver234\db_dump\master_FULL_20180209_020012.bak' WITH CHECKSUM, COMPRESSION
Processed 512 pages for database 'master', file 'master' on file 1.
Processed 3 pages for database 'master', file 'mastlog' on file 1.
BACKUP DATABASE successfully processed 515 pages in 0.088 seconds (45.693 MB/sec).
Outcome: Succeeded
Duration: 00:00:00
DateTime: 2018-02-09 02:00:12
DateTime: 2018-02-09 02:00:12
Command: RESTORE VERIFYONLY FROM DISK = N'J:\dump_data\sqlserver234\db_dump\master_FULL_20180209_020012.bak'
The backup set on file 1 is valid.
Outcome: Succeeded
Duration: 00:00:00
DateTime: 2018-02-09 02:00:12
DateTime: 2018-02-09 02:00:12
Database: [model]
Status: ONLINE
Mirroring role: None
Standby: No
Updateability: READ_WRITE
User access: MULTI_USER
Is accessible: Yes
Recovery model: SIMPLE
Differential base LSN: 31000001141300037
Last log backup LSN: NULL
DateTime: 2018-02-09 02:00:12
Command: DECLARE #ReturnCode int EXECUTE #ReturnCode = [master].dbo.xp_create_subdir N'J:\dump_data\sqlserver234\db_dump' IF #ReturnCode 0 RAISERROR('Error creating directory.', 16, 1)
Outcome: Succeeded
Duration: 00:00:00
DateTime: 2018-02-09 02:00:12
DateTime: 2018-02-09 02:00:12
Command: BACKUP DATABASE [model] TO DISK = N'J:\dump_data\sqlserver234\db_dump\model_FULL_20180209_020012.bak' WITH CHECKSUM, COMPRESSION
Processed 320 pages for database 'model', file 'modeldev' on file 1.
Processed 2 pages for database 'model', file 'modellog' on file 1.
BACKUP DATABASE successfully processed 322 pages in 0.048 seconds (52.256 MB/sec).
Outcome: Failed
Duration: 00:00:00
DateTime: 2018-02-09 02:00:12
DateTime: 2018-02-09 02:00:12
Command: RESTORE VERIFYONLY FROM DISK = N'J:\dump_data\sqlserver234\db_dump\model_FULL_20180209_020012.bak'
The backup set on file 1 is valid.
Outcome: Failed
Duration: 00:00:00
DateTime: 2018-02-09 02:00:12
I have written a PowerShell file which give me databasename and corresponding outcome:
param(
[Parameter(Mandatory=$True)][string]$path
)
#param([string]$path)
# <context>
# <description>
# Sending output to console
# </description>
# </context>
try
{
foreach($line in [System.IO.File]::ReadLines("E:\utility\TEDM_DBA_M_MNT_BACKUP_System.txt"))
{
$database=$line|select-string -pattern 'Database:'
$outcome=$line|select-string -pattern 'Outcome:'
Write-host $outcome
if($outcome -eq 'Outcome: Failed')
{
Write-Host $outcome
}
}
}
Catch
{
Write-Host -BackgroundColor Red -ForegroundColor White "Fail"
$errText = $Error[0].ToString()
if ($errText.Contains("network-related"))
{
Write-Host "Connection Error. Check server name, port, firewall."
}
Write-Host $errText
continue
}
But when I am comparing string with Outcome: failed it passes for all conditions:
if($outcome -eq 'Outcome: Failed')
What am I doing wrong in the string comparison?
Related
The output from the dump is RawCopy v1.0.0.22
Directory listing for: c:$Extend
Entry number: 1
FileName: $Deleted
MFT Ref: 29
MFT Ref SeqNo: 1
Parent MFT Ref: 11
Parent MFT Ref SeqNo: 0
Flags: hidden+system
File Create Time: 2020-03-27 22:25:39:560:2469
File Modified Time: 2020-03-27 22:25:39:560:2469
MFT Entry modified Time: 2020-03-27 22:25:39:560:2469
File Last Access Time: 2020-03-27 22:25:39:560:2469
Allocated Size: 0
Real Size: 0
NameSpace: POSIX
IndexFlags: 0000
SubNodeVCN:
Entry number: 2
FileName: $ObjId
MFT Ref: 25
MFT Ref SeqNo: 1
Parent MFT Ref: 11
Parent MFT Ref SeqNo: 0
Flags: hidden+system
File Create Time: 2020-03-27 22:25:39:560:2469
File Modified Time: 2020-03-27 22:25:39:560:2469
MFT Entry modified Time: 2020-03-27 22:25:39:560:2469
File Last Access Time: 2020-03-27 22:25:39:560:2469
Allocated Size: 0
Real Size: 0
NameSpace: POSIX
IndexFlags: 0000
SubNodeVCN:
Entry number: 3
FileName: $Quota
MFT Ref: 24
MFT Ref SeqNo: 1
Parent MFT Ref: 11
Parent MFT Ref SeqNo: 0
Flags: hidden+system
File Create Time: 2020-03-27 22:25:39:560:2469
File Modified Time: 2020-03-27 22:25:39:560:2469
MFT Entry modified Time: 2020-03-27 22:25:39:560:2469
File Last Access Time: 2020-03-27 22:25:39:560:2469
Allocated Size: 0
Real Size: 0
NameSpace: POSIX
IndexFlags: 0000
SubNodeVCN:
Entry number: 4
FileName: $Reparse
MFT Ref: 26
MFT Ref SeqNo: 1
Parent MFT Ref: 11
Parent MFT Ref SeqNo: 0
Flags: hidden+system
File Create Time: 2020-03-27 22:25:39:560:2469
File Modified Time: 2020-03-27 22:25:39:560:2469
MFT Entry modified Time: 2020-03-27 22:25:39:560:2469
File Last Access Time: 2020-03-27 22:25:39:560:2469
Allocated Size: 0
Real Size: 0
NameSpace: POSIX
IndexFlags: 0000
SubNodeVCN:
Entry number: 5
FileName: $RmMetadata
MFT Ref: 27
MFT Ref SeqNo: 1
Parent MFT Ref: 11
Parent MFT Ref SeqNo: 0
Flags: hidden+system
File Create Time: 2020-03-27 22:25:39:560:2469
File Modified Time: 2020-03-27 22:25:39:560:2469
MFT Entry modified Time: 2020-03-27 22:25:39:560:2469
File Last Access Time: 2020-03-27 22:25:39:560:2469
Allocated Size: 0
Real Size: 0
NameSpace: POSIX
IndexFlags: 0000
SubNodeVCN:
Entry number: 6
FileName: $UsnJrnl
MFT Ref: 78263
MFT Ref SeqNo: 3
Parent MFT Ref: 11
Parent MFT Ref SeqNo: 0
Flags: hidden+system+sparse_file
File Create Time: 2020-03-27 21:27:31:792:2895
File Modified Time: 2020-03-27 21:27:31:792:2895
MFT Entry modified Time: 2020-03-27 21:27:31:792:2895
File Last Access Time: 2020-03-27 21:27:31:792:2895
Allocated Size: 0
Real Size: 0
NameSpace: POSIX
IndexFlags: 0000
SubNodeVCN:
Job took 3.03 seconds
I am trying to only put '78263' into a variable so I can use it in a command. I am using PowerShell and have tried the following code but I can not get it to pull the string.
Get-Content 'e:filepath\file.txt'
I have also tried using Select-String but can not seem to get that to work either.
Select-String -Path "e:filepath\file.txt" -Pattern 'FileName: $UsnJrnl' -Context 0,1 | Out-File -FilePath 'e:filepath\file2.txt'
I can not seem to get that to work either. Any suggestions?
Here's an example using regular expressions on each line.
Since your input is from file rather than the section I hard-coded, you might want to exclude headers/blank lines before parsing.
I tried to keep it flexible so that you can easily get the other properties of values of other files by changing the regex.
For an explanation of the specific regex characters, plug them into a tool like https://regexr.com/
$Raw = #"
Entry number: 1 FileName: `$Deleted MFT Ref: 29 MFT Ref SeqNo: 1 Parent MFT Ref: 11 Parent MFT Ref SeqNo: 0 Flags: hidden+system File Create Time: 2020-03-27 22:25:39:560:2469 File Modified Time: 2020-03-27 22:25:39:560:2469 MFT Entry modified Time: 2020-03-27 22:25:39:560:2469 File Last Access Time: 2020-03-27 22:25:39:560:2469 Allocated Size: 0 Real Size: 0 NameSpace: POSIX IndexFlags: 0000 SubNodeVCN:
Entry number: 2 FileName: `$ObjId MFT Ref: 25 MFT Ref SeqNo: 1 Parent MFT Ref: 11 Parent MFT Ref SeqNo: 0 Flags: hidden+system File Create Time: 2020-03-27 22:25:39:560:2469 File Modified Time: 2020-03-27 22:25:39:560:2469 MFT Entry modified Time: 2020-03-27 22:25:39:560:2469 File Last Access Time: 2020-03-27 22:25:39:560:2469 Allocated Size: 0 Real Size: 0 NameSpace: POSIX IndexFlags: 0000 SubNodeVCN:
Entry number: 3 FileName: `$Quota MFT Ref: 24 MFT Ref SeqNo: 1 Parent MFT Ref: 11 Parent MFT Ref SeqNo: 0 Flags: hidden+system File Create Time: 2020-03-27 22:25:39:560:2469 File Modified Time: 2020-03-27 22:25:39:560:2469 MFT Entry modified Time: 2020-03-27 22:25:39:560:2469 File Last Access Time: 2020-03-27 22:25:39:560:2469 Allocated Size: 0 Real Size: 0 NameSpace: POSIX IndexFlags: 0000 SubNodeVCN:
Entry number: 6 FileName: `$UsnJrnl MFT Ref: 78263 MFT Ref SeqNo: 3 Parent MFT Ref: 11 Parent MFT Ref SeqNo: 0 Flags: hidden+system+sparse_file File Create Time: 2020-03-27 21:27:31:792:2895 File Modified Time: 2020-03-27 21:27:31:792:2895 MFT Entry modified Time: 2020-03-27 21:27:31:792:2895 File Last Access Time: 2020-03-27 21:27:31:792:2895 Allocated Size: 0 Real Size: 0 NameSpace: POSIX IndexFlags: 0000 SubNodeVCN:
"# -split "`r?`n" #hardcoded raw data, you would have Get-Content here instead
$ParsedEntries = $Raw.ForEach{
#?<MFT> names the match to avoid using index
#[void] is to prevent the output from -match ($true in this case) entering the variable
#$Matches is a special variable holding the results of -match
[void]($_ -match 'FileName: (?<FileName>\S+).+ MFT Ref: (?<MFT>\S+)')
[PSCustomObject]#{
Filename = $Matches.FileName
MFT = $Matches.MFT
}
}
$ParsedEntries.Where{$_.FileName -eq '$UsnJrnl'}
With this, I ran three consecutive commands to finish the issue. It took the input above and output the correct sequence on about half a dozen systems. So I am happy. Thank you for your assistance it definitely steered me in the right direction.
'
((Get-Content -path "${output_dir}:\Triage$UsnJrnl${system_name}\junk\Log-${system_name}-grep-file2.txt" -Raw) -replace '93-MFT','') | Set-Content -Path "${output_dir}:\Triage$UsnJrnl${system_name}\junk\Log-${system_name}-grep-file2.txt"
((Get-Content -path "${output_dir}:\Triage$UsnJrnl${system_name}\junk\Log-${system_name}-grep-file2.txt" -Raw) -replace 'Ref: ','') | Set-Content -Path "${output_dir}:\Triage$UsnJrnl${system_name}\junk\Log-${system_name}-grep-file2.txt"
((Get-Content -path "${output_dir}:\Triage$UsnJrnl${system_name}\junk\Log-${system_name}-grep-file2.txt" -Raw) -replace ' ','') | Set-Content -Path "${output_dir}:\Triage$UsnJrnl${system_name}\junk\Log-${system_name}-grep-file2.txt"
$MFTREF1 = Get-Content "${output_dir}:\Triage$UsnJrnl${system_name}\junk\Log-${system_name}-grep-file2.txt"
'
If I enter date +"%Y/%m/%d %H:%M" -d "20200819T1234" the expected output is 2020/08/19 12:34 when in I actually get 2020/08/19 02:34 that is, exactly 10 hours less. Could someone explain to me why this happens?
At the moment I manage with + 10 hours at the end of the command, but I don't think this is normal. The time zone set on the server is -03 so I am very confused.
This happens in both Ubuntu 16 and Debian 10
The GNU code for parsing dates (parse_datetime2) has this table embedded within it that provides the reason why you're getting the incorrect time (trimmed for conciseness):
/* Military time zone table.
Note 'T' is a special case, as it is used as the separator in ISO
8601 date and time of day representation. */
static table const military_table[] =
{
{ "A", tZONE, -HOUR ( 1) },
{ "B", tZONE, -HOUR ( 2) },
{ "C", tZONE, -HOUR ( 3) },
: : :
{ "Y", tZONE, HOUR (12) },
{ "Z", tZONE, HOUR ( 0) },
{ NULL, 0, 0 }
};
And, indeed, if you run date in debug mode, you can see what's happening (output trimmed for conciseness):
pax> for i in {A..I} {K..Z} ; do
...> date -d $i --debug 2>&1 | awk -vZ=$i '/parsed zone/{print " "Z":"$5}'
...> done
A:UTC-01
B:UTC-02
: :
T:UTC+07
: :
Z:UTC+00
Most letters apply a timezone offset based on military timezones, hence the T that would normally be used to separate date and time in ISO format is being handled differently here, as specifying UTC+7, explaining the ten-hour difference between that and your server at UTC-3.
The bottom line is that you need to use an input format that's acceptable to date. That's as simple as (in this case) replacing the T with a space, as per the following transcript:
pax:~> ### First, the problematic one.
pax:~> date +"%Y/%m/%d %H:%M" -d "20200819T1234" --debug
date: parsed number part: (Y-M-D) 2020-08-19
date: parsed zone part: UTC+07
date: parsed number part: 12:34:00
date: input timezone: parsed date/time string (+07)
date: using specified time as starting value: '12:34:00'
date: starting date/time: '(Y-M-D) 2020-08-19 12:34:00 TZ=+07'
date: '(Y-M-D) 2020-08-19 12:34:00 TZ=+07' = 1597815240 epoch-seconds
date: timezone: system default
date: final: 1597815240.000000000 (epoch-seconds)
date: final: (Y-M-D) 2020-08-19 05:34:00 (UTC)
date: final: (Y-M-D) 2020-08-19 13:34:00 (UTC+08)
2020/08/19 13:34
pax:~> ### Then, the correct one.
pax:~> date +"%Y/%m/%d %H:%M" -d "20200819 1234" --debug
date: parsed number part: (Y-M-D) 2020-08-19
date: parsed number part: 12:34:00
date: input timezone: system default
date: using specified time as starting value: '12:34:00'
date: starting date/time: '(Y-M-D) 2020-08-19 12:34:00'
date: '(Y-M-D) 2020-08-19 12:34:00' = 1597811640 epoch-seconds
date: timezone: system default
date: final: 1597811640.000000000 (epoch-seconds)
date: final: (Y-M-D) 2020-08-19 04:34:00 (UTC)
date: final: (Y-M-D) 2020-08-19 12:34:00 (UTC+08)
2020/08/19 12:34
Your format is mismatch with the time string: try
date +"%Y/%m/%d %H:%M" -d "2020/08/19 12:34"
2020/08/19 12:34
I have a set of logs with a timestamp and needs to group that logs by some non-existent 'virtual session'.
New grouped session begins if there is half of hour between last log in previous session and first log in this.
For example we have following set of data:
[
{
id: "b4f0d0d7-495b-48db-95bf-d5ac0c8c9e9b"
time: 1461872894322
timestamp: "Apr 28, 2016 7:48:14 PM",
},
{
id: "bf55ca2f-b544-406c-bed6-766a1204683d"
time: 1461872937941
timestamp: "Apr 28, 2016 7:48:57 PM"
},
{
id: "7f2ab420-0434-46f8-9444-6e2ffa73aea8"
time: 1461873088155
timestamp: "Apr 28, 2016 7:51:28 PM"
},
{
id: "dd31124c-0375-454a-acca-c239465a2b22"
time: 1461839257257
timestamp: "Apr 28, 2016 10:27:37 AM"
},
{
id: "a4370974-bfea-408f-aa69-973961e9f058"
time: 1461839281324
timestamp: "Apr 28, 2016 10:28:01 AM"
}
]
It should be grouped in two virtual sessions. As a result of grouping i can get min and max time for each group in mongo aggregate $group, but how to write the correct expression?
Expected answer is something like
[
{min: 1461872894322, max: 1461873088155},
{min: 1461839257257, max: 1461839281324}
]
Unfortunately there is no way to do it by mongo query as there is no handle for previous row (like CTE common table expressions).
To solve this problem you need to process data client side (or using javascript in mongo console - like a SP from sql world) and iterate over all documents checking for time gap and adding a grouping indicator to collection.
Then you will be able to group by added grouping indicator.
Was thinking of suing $let as it can access external variable - but this is RO access so we cannot relay on that.
Have a fun!
Any comments welcome.
the default maximum life of a kerberos principal is 1 day. How can i change this to more than a day or any configurable value. I am doing the getprinc testkerb and getting the following:
kadmin.local: getprinc testkerb
Principal: testkerb#EXAMPLE.COM
Expiration date: [never] Last
password change: Tue Nov 18 09:55:08 IST 2014
Password expiration date: [none]
Maximum ticket life: 1 day 00:00:00
Maximum renewable life: 0 days 00:00:00
Last modified: Tue Nov 18 09:55:08 IST 2014 (factory/admin#EXAMPLE.COM)
Last successful authentication: [never]
Last failed authentication: [never]
Failed password attempts: 0
Number of keys: 6
Key: vno 1, aes256-cts-hmac-sha1-96, no salt
Key: vno 1, aes128-cts-hmac-sha1-96, no salt
Key: vno 1, des3-cbc-sha1, no salt
Key: vno 1, arcfour-hmac, no salt
Key: vno 1, des-hmac-sha1, no salt
Key: vno 1, des-cbc-md5, no salt
MKey: vno 1
Attributes:
Policy: [none]
I want to change the highlighted one.
Hi i got the working step so updating it. To change the max-lifetime of a ticket in kerberos from default 24 hrs to more than 24 hrs follow the following steps:
Add the max_life property to the /var/kerberos/krb5kdc/kdc.conf file. e.g : max_life = 168h 0m 0s
Changed the /etc/krb5.conf file e.g : ticket_lifetime = 168h 0m 0s
Changed the default principal krbtgt/EXAMPLE.COM#EXAMPLE.COM Maximum Life Time e.g modprinc -maxlife 168hours krbtgt/EXAMPLE.COM#EXAMPLE.COM
Now we can set the ticket life up to 7 days i.e. 168 hrs. We can do kinit for user and check the expiry of the ticket by klist.
I have a scenario as below:
I will be getting two dates viz. start_dt and end_dt in yyyyMMdd format as arguments to my Unix Script.
I have to loop through each of the dates starting from start_dt till end_dt incrementing by a day each time.
The script I have written is as below:
start_date=$1
end_date=$2
#verify dates
if ! date -d "$start_date" 2>&1 > /dev/null ;
then echo "start date is invalid" ; exit 1
fi
if ! date -d "$end_date" 2>&1 > /dev/null ;
then echo "end date is invalid" ; exit 1
fi
#set current and end date
curr_dt=$(date -d "$start_date")
end_dt=$(date -d "$end_date +1 hours")
#loop over all dates
while [ "$end_dt" != "$curr_dt" ]
do
echo $curr_dt
# increment the date
curr_dt=$(date -d "$curr_dt +1 hours")
done
However, I am getting below error when I am running with input arguments as 20140128 and 20140130:
date: invalid date `20140130 +1 hours'
Tue Jan 28 00:00:00 EST 2014
date: invalid date `Tue Jan 28 00:00:00 EST 2014 +1 hours'