Author Posts

January 1, 2012 at 12:00 am

by jtl at 2013-02-12 13:01:51

Hello,

I'm trying to put together a script that loops through multiple log files, grabs some info, puts it in a hash table, and makes a custom object from the hash table. So far I have this working for one log in a directory but haven't implemented a looping statement to work on all logs yet. My problem is I can't seem to figure out how to add values (as in new lines representing data from each log) to the custom object properties. Can I somehow add new lines to the object or do I have to append values to the key values in the hash before creating the psobject?

Here is what I have so far:


$log = gci *.txt

[regex] $regex = "REGION:\s(?\w*)"
$region = get-content $log | select-string "REGION:"
$region -match $regex
$region = $matches.region

#get the client
[regex] $regex = "CLIENT:\s(?\w*)"
$client = get-content $log | select-string "CLIENT:"
$client -match $regex
$client = $matches.client

#get technicians Net ID
[regex] $regex = "NET ID:\s(?\w*)"
$netID = get-content $log | select-string "NET ID:"
$netID -match $regex
$netID = $matches.netid

#get the wipe technicians name
$lineNum = ($log | get-content | select-string "PERSON RESPONSIBLE FOR SANITIZING:").LineNumber
$tech = ($log | get-content)[$lineNum]

$logProperties = @{
Region = ""
Client = ""
'Net ID' = ""
Technician = ""
}

$logProperties.Region = $region
$logProperties.Client = $client
$logProperties.'Net ID' = $netID
$logProperties.Technician = $tech

$results = New-Object psobject -Property $logProperties

$results | Select Region, Client, 'Net ID', Technician | Format-Table -AutoSize

Please let me know if I need to provide more information.
Thanks in advance!

by mjolinor at 2013-02-13 05:48:37

It would help to know what the log files look like, and what you expect the output to be. I suspect what you want to do is create more objects from the subsequent log files, rather than trying to add data to the values of that first object, but it's impossible to tell from the details provided in the question.

by jtl at 2013-02-13 07:57:25

Thanks for your reply. This is the output I'm getting from the first log file:


Region Client Net ID Technician
------ ------ ------- ----------
AP LOWG Z8303 rjenkins

After looping through all the logs in the directory I would like for the end result to look like this:


Region Client Net ID Technician
------ ------ ------- ----------
AP LOWG Z8303 rjenkins
AP LOWG Z8303 rjenkins
EMEA LOWG N72202 ufester
AP LOWG ZzZzz rjenkins

Thanks.

by mjolinor at 2013-02-13 08:04:52

Will there be only one instance of each property in a log file, or could each log file contain multiple instances?

by jtl at 2013-02-13 08:44:47

There will be only one instance of each property per log file. I need only values from the following fields from each log (which I have already accomplished).

PERSON RESPONSIBLE FOR SANITIZING:
ufester
REGION: XXX
CLIENT: XXX
NET ID: XXX

Example Log:


-------------------------------------------------------------------------------
** SANITIZE LOG FILE *********************************************************
-------------------------------------------------------------------------------
Generated by cyberCide(R) http://www.cyberscrub.com
Copyright (C) 1999-2006 EAST Technologies
-------------------------------------------------------------------------------

SANITIZING PERFORMED on Tuesday, February 16 2010 at 15:57:51

PERSON RESPONSIBLE FOR SANITIZING:
ufester
DESCRIPTION OF THE COMPUTER THAT WAS SANITIZED:
1QM1S

MEDIA SANITIZED ON THE COMPUTER WITH THE FOLLOWING INFORMATION:
CPU Details: GenuineIntel - Genuine Intel(R) CPU T2300 @ 1.66GHz
BIOS Date: 04/03/07
Chassis Serial: 1QM1S

BIOS Information...
Vendor:Dell Inc.
Version:A08
Release date:04/03/2007

System Information...
Manufacturer:Dell Inc.
ProductName:Latitude D620
Version:
SerialNumber:1QM1S

Baseboard Information...
Manufacturer:Dell Inc.
Product:0TD761
Version:
SerialNumber:.1Q36M1S.CN12968UE6F1.
AssetTag:

System Enclosure or Chassis...
Manufacturer:Dell Inc.
Version:
SerialNumber:1QM1S
AssetTagNumber:

Total number of Hard Disk Present: 2

SANITIZE method:
U.S. Department of Defense Sanitizing (DOD 5220.22-M) (3 passes)

SANITIZE OPTIONS:
Verify sanitizing - disabled
Sanitize drive from back to front - disabled
Perform a last sanitize with zeroes - disabled
Generate sanitizing log (report) file - ENABLED
Use Department of Defense log style for generated log file - ENABLED
Allow the sanitizing process to be interrupted or paused - ENABLED
Sanitize without requiring user intervention - ENABLED
Automatically pause after a sanitize pass ends - disabled
Use ISAAC pseudo-random number generating algorithm - ENABLED
Create partition after sanitizing the drive - disabled
Enable DMA/UDMA transfer mode for IDE/ATA drives - disabled

*******************************************************************************
Hard disk 1 38,154MB (40,007 MiB) (Hitachi HTS541040G9SA00 - MB2O0R - MPBBP2
Hard Drive Serial Number: MPBBP66B55GG
Total number of sectors: 78,140,160
Sanitizing started on Tuesday, February 16 2010 at 15:57:57
PERFORMING SANITIZE PASS 1 OUT OF 3
-------------------------------------------------------------------------------

PERFORMING SANITIZE PASS 2 OUT OF 3
-------------------------------------------------------------------------------

PERFORMING SANITIZE PASS 3 OUT OF 3
-------------------------------------------------------------------------------

SANITIZE COMPLETED on Tuesday, February 16 2010 at 17:03:36
*******************************************************************************
REGION: AP
CLIENT: LOWG
NET ID: ZZSLZ8

Log file processed successfully - 12/26/2012 22:47:12

by mjolinor at 2013-02-13 09:07:35

Wrap your existing code in a foreach loop, creating one object for each log file (don't assign the object to a variable inside the loop – just ouput it).

$logs = gci *.txt

$results =
foreach ($log in $logs)
{
[regex] $regex = "REGION:\s(?\w*)"
$region = get-content $log | select-string "REGION:"
$region -match $regex
$region = $matches.region

#get the client
[regex] $regex = "CLIENT:\s(?\w*)"
$client = get-content $log | select-string "CLIENT:"
$client -match $regex
$client = $matches.client

#get technicians Net ID
[regex] $regex = "NET ID:\s(?\w*)"
$netID = get-content $log | select-string "NET ID:"
$netID -match $regex
$netID = $matches.netid

#get the wipe technicians name
$lineNum = ($log | get-content | select-string "PERSON RESPONSIBLE FOR SANITIZING:").LineNumber
$tech = ($log | get-content)[$lineNum]

$logProperties = @{
Region = ""
Client = ""
'Net ID' = ""
Technician = ""
}

$logProperties.Region = $region
$logProperties.Client = $client
$logProperties.'Net ID' = $netID
$logProperties.Technician = $tech

New-Object psobject -Property $logProperties
}

$results | Select Region, Client, 'Net ID', Technician | Format-Table -AutoSize

by jtl at 2013-02-13 10:03:34

Perfect! Knowing how to do this now will come in handy often.
Thanks so much for the help, mjolinor.