Tuesday, March 15, 2011

Logparser and Powershell

Logparser in powershell

One of the few examples how to use logparser in powershell is from the Microsoft.com Operations blog.

This script is a good base to create more advanced logparser scripts:

$myQuery = new-object -com MSUtil.LogQuery

$szQuery = “Select top 10 * from r:\ex07011210.log”;

$recordSet = $myQuery.Execute($szQuery)

for(; !$recordSet.atEnd(); $recordSet.moveNext())

{

            $record=$recordSet.getRecord();

            write-host ($record.GetValue(0) + “,”+ $record.GetValue(1));

}

$recordSet.Close();

Logparser input formats

The previous example uses the default logparser object, you can extent this with the logparser input formats. with this formats get information from the event-log, different types of logfiles, the Active Directory, the registry and XML files.
Here are the different ProgId’s you can use.

Input Format ProgId
ADS MSUtil.LogQuery.ADSInputFormat
BIN MSUtil.LogQuery.IISBINInputFormat
CSV MSUtil.LogQuery.CSVInputFormat
ETW MSUtil.LogQuery.ETWInputFormat
EVT MSUtil.LogQuery.EventLogInputFormat
FS MSUtil.LogQuery.FileSystemInputFormat
HTTPERR MSUtil.LogQuery.HttpErrorInputFormat
IIS MSUtil.LogQuery.IISIISInputFormat
IISODBC MSUtil.LogQuery.IISODBCInputFormat
IISW3C MSUtil.LogQuery.IISW3CInputFormat
NCSA MSUtil.LogQuery.IISNCSAInputFormat
NETMON MSUtil.LogQuery.NetMonInputFormat
REG MSUtil.LogQuery.RegistryInputFormat
TEXTLINE MSUtil.LogQuery.TextLineInputFormat
TEXTWORD MSUtil.LogQuery.TextWordInputFormat
TSV MSUtil.LogQuery.TSVInputFormat
URLSCAN MSUtil.LogQuery.URLScanLogInputFormat
W3C MSUtil.LogQuery.W3CInputFormat
XML MSUtil.LogQuery.XMLInputFormat
Using logparser to parse IIS logs

if you use the IISW3CinputFormat you can use the field names instead of de row number to get the information from an IIS logfile, it also skips the comment rows in the logfile.

$ObjLogparser = new-object -com MSUtil.LogQuery
$objInputFormat = new-object -com MSUtil.LogQuery.IISW3CInputFormat

$Query = “Select top 10 * from c:\temp\hb\ex071002.log”;

$recordSet = $ObjLogparser.Execute($Query, $objInputFormat)
for(; !$recordSet.atEnd(); $recordSet.moveNext())
{
    $record=$recordSet.getRecord();
    write-host ($record.GetValue(“s-ip”) + “,”+ $record.GetValue(“cs-uri-query”));
}
$recordSet.Close();

Posted On Tuesday, March 15, 2011 3:45 AM | Feedback (0)

Creating a two-way Forest trust with Powershell

Here is a small Powershell script for creating a two-way forest trust.

$localforest = [System.DirectoryServices.ActiveDirectory.Forest]::getCurrentForest()
$strRemoteForest = ‘domain.local’
$strRemoteUser = ‘administrator’
$strRemotePassword = ‘P@ssw0rd’
$remoteContext = New-Object System.DirectoryServices.ActiveDirectory.DirectoryContext(‘Forest’, $strRemoteForest,$strRemoteUser,$strRemotePassword)
$remoteForest = [System.DirectoryServices.ActiveDirectory.Forest]::getForest($remoteContext)
$localForest.CreateTrustRelationship($remoteForest,’Bidirectional’)

Posted On Tuesday, March 15, 2011 3:44 AM | Feedback (1)

Send on behalf for Multiple users on a mailbox

the following snippet can be used to add more than one user to the grantsendonbehalfto property with Powershell and the Exchange Management Shell

get-mailbox dummy |set-mailbox -grantsendonbehalfto “testuser3″

$a = get-mailbox testuser2 | select-object grantsendonbehalfto
$b = get-mailbox dummy| select-object grantsendonbehalfto

$a.grantsendonbehalfto += $b.grantsendonbehalfto[0]

get-mailbox testuser2 |set-mailbox -grantsendonbehalfto $($a.grantsendonbehalfto)

Posted On Tuesday, March 15, 2011 3:43 AM | Feedback (0)