Master PowerShell tricks by Kawula Dave & Rayner Thomas & Kearney Sean & Rafuse Allan & Wilson Ed

Author:Kawula, Dave & Rayner, Thomas & Kearney, Sean & Rafuse, Allan & Wilson, Ed
Language: eng
Format: epub
Published: 2016-12-17T16:00:00+00:00

Things to thing about

After running this script you’ll hopefully find and fix everything. Perhaps you may want to thinking about creating a script, run it as a scheduled task and centralize the results for further auditing.

The Code

$FromDate = (Get-Date).AddDays(-30)

$Content = Get-Content "\$DomainController\c$\Windows\Debug
etlogon.log"

# Run through the netlogon.log (in reverse order, think about speed/performance) while the dates are greater than $FromDate

$MissingEntry = @{}

For ($counter = $Content.Count; $counter -ge 0; $counter--) {

If ($Content[$counter] -match "(\d\d)/(\d\d) (\d\d):(\d\d):(\d\d)") {

$EntryDate = Get-Date -Month $matches[1] -Day $matches[2] -Hour $Matches[3] -Minute $Matches[4] -Second $Matches[5]

if ($EntryDate -lt $FromDate) {

break

}

# Within the timeframe, let's save the IP and Date attempted in a hashtable. Only keep the first hit, which is the latest failed site attempt

$ip = $Content[$counter] -Replace ".* (.*)$", '$1'

If ($MissingEntry[$ip] -eq $null) {

$MissingEntry[$ip]= $EntryDate

}

}

}

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.