服务器 Gind.cn
  1. 服务器 Gind.cn
  3. 有用的WMIpipe理脚本
Intereting Posts
如何在Exchange 2010中设置电子邮件别名 CentOS VM:确定Anaconda是否已经完成 我的/ var / log / btmp文件很大! 我该怎么办? 从另一个域代理到一个虚拟主机 HWIC-4ESW上的多个isp链接 所有数据库的MySQL Master-Master复制。 怎么样? 设置多个子域以分离在单个主机上运行的虚拟机的最简单方法 启用S​​PDY的Apache显示HTTP / 1.1而不是2.0 服务器推荐创业公司…云是不是? 多个FTP服务器pipe理工​​具 UDP通过路由器自动穿越路由器端口转发? ODSEE 11.1.1.7分页支持 Server 2008 R2 DNS服务器不parsing特定地址 如何在PowerShell中的networking上列出所有计算机操作系统 如何确定在Management Server上安装的OpenView Server的版本?

有用的WMIpipe理脚本

cop1152在回答这个问题时说,他喜欢WMI脚本。 那么,我也是!

你最喜欢的,最好的,最有用的脚本是什么,你想与社区分享?

谢谢。

我在这里收集了一堆WMIC片段。

我写了一封帮助RDPd服务器的同事打开了事件查看器,查看了错误。 然后重复其他3台服务器…每一天。 

' ' WMI script to read all eventlog errors generated since last time this script was run. ' This script reads a datetime value from a file (EventView_date.txt) and uses it to ' construct a WMI query for all windows EventLog entries since then that are of type ' Error or error (seems winxp writes with a lowercase e) ' ' These results are written to a file (EventView_<dts>.log) and the time the script was ' run is written to the date file. This allows this script to be run several times a day ' and will only retrieve the error entries since the last run. ' ' If the date file is not present a new one will be created with the current date/time. ' ' ' Usage: click the vbs file in Windows Explorer to run using wscript. Some information ' will be displayed in message boxes (start time, each computer, number of records found) ' Alternatively type "cscript EventLogErrorView.vbs" in a command prompt to show the ' same details written to the command prompt. This can be used in a batch file, or in ' a scheduled task - the command is cscript, the parameter is this vbs file. ' ' ' On Error Resume Next ' ' update this to refelect the computers to monitor - comma separated for multiple ' arrComputers = Array("server1", "server2") Const wbemFlagReturnImmediately = &h10 Const wbemFlagForwardOnly = &h20 Set objFSO = CreateObject("Scripting.FileSystemObject") today = "" Set objDateFile = objFSO.OpenTextFile ("EventView_date.txt") today = objDateFile.Readline Wscript.echo "today = " & today if (isempty(today)) then WScript.Echo "Date file not found, using today's date at midnight" today = Date & " 00:00:00" end if today = DateToWMIDateString(today) ' write current datetime to file for next run. set objDateFile = objFSO.CreateTextFile("EventView_date.txt") objDateFile.WriteLine(Date & " " & Time) Set objFile = objFSO.CreateTextFile("EventView_" & today & ".log") ' start processing WScript.Echo "Processing All Error reports since: " & today & " (" & WMIDateStringToDate(today) & ")" objFile.WriteLine "Processing All Error reports since: " & today & " (" & WMIDateStringToDate(today) & ")" For Each strComputer In arrComputers objFile.WriteLine objFile.WriteLine objFile.WriteLine objFile.WriteLine "==========================================" objFile.WriteLine "Computer: " & strComputer objFile.WriteLine "==========================================" WScript.Echo "Computer: " & strComputer ' notes: ' timestamp comparisons in WMI queries are in the form YYYYMMDDHHMMSS.milliseconds+exp Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\CIMV2") Set colItems = objWMIService.ExecQuery("SELECT * FROM Win32_NTLogEvent WHERE (Type = 'error' OR Type= 'Error') AND TimeGenerated > '" & today & ".000000+000'", "WQL", _ wbemFlagReturnImmediately + wbemFlagForwardOnly) dim records records = 0 For Each objItem In colItems objFile.WriteLine "CategoryString: " & objItem.CategoryString objFile.WriteLine "ComputerName: " & objItem.ComputerName strData = Join(objItem.Data, ",") objFile.WriteLine "Data: " & strData objFile.WriteLine "EventCode: " & objItem.EventCode objFile.WriteLine "EventIdentifier: " & objItem.EventIdentifier objFile.WriteLine "EventType: " & objItem.EventType strInsertionStrings = Join(objItem.InsertionStrings, ",") objFile.WriteLine "InsertionStrings: " & strInsertionStrings objFile.WriteLine "Logfile: " & objItem.Logfile objFile.WriteLine "Message: " & objItem.Message objFile.WriteLine "SourceName: " & objItem.SourceName objFile.WriteLine "TimeGenerated: " & WMIDateStringToDate(objItem.TimeGenerated) objFile.WriteLine "Type: " & objItem.Type objFile.WriteLine "User: " & objItem.User objFile.WriteLine objFile.WriteLine "------------------------------------------" objFile.WriteLine records = records + 1 Next WScript.Echo " " & records & " records found" objFile.WriteLine " " & records & " records found" Next Function WMIDateStringToDate(dtmDate) WMIDateStringToDate = CDate(Mid(dtmDate, 5, 2) & "/" & _ Mid(dtmDate, 7, 2) & "/" & Left(dtmDate, 4) _ & " " & Mid (dtmDate, 9, 2) & ":" & Mid(dtmDate, 11, 2) & ":" & Mid(dtmDate,13, 2)) End Function ' takes a dd/mm/yyyy hh:mm:ss format and turns it into yyyymmddhhmmss Function DateToWMIDateString(dtmDate) DateToWMIDateString = Year(dtmDate) & PadZeros(Month(dtmDate)) & PadZeros(Day(dtmDate)) & PadZeros(Hour(dtmDate)) & PadZeros(Minute(dtmDate)) & PadZeros(Second(dtmDate)) End Function Function PadZeros(dtmDate) If Len(dtmDate) = 1 Then PadZeros = "0" & dtmDate Else PadZeros = dtmDate End If End Function

一切都在微软的(免费)工具Scriptomatic2!

我最喜欢的一个(因为这是我的第一个)给了我最大的麻烦……我一遍又一遍地写了一遍又一遍,直到它正常工作….是一个脚本,远程“禁用”我们自制的网页filter。

我们使用一个“定制的”(我的)版本的Squid和一些免费的黑名单来过滤和阻止我们的公共机器上的端口(我为一个中等规模的3分支公共图书馆系统工作)。

WMI脚本在人员机器上运行。 一旦工作人员执行它,系统会提示他/她select禁用filter的机器。 脚本执行时,本质上它会从registry级别的Internet Explorer中的代理设置opions中删除复选标记。

该filter是由一个batch file启动的,该文件在主持人会话启动并且计算机自动注销并重新启动时触发。

我们最终只在几台testing机器上使用了我的WMI,但是我真的很高兴能够学习到WMI几乎可以完成任何事情。

脚本是有用的,我能够执行此操作。 但该文件只是显示的信息

==========================================数据:InsertionStrings: 

  1 records found

更重要的是(“EventView_”&今天&“.log”)这个文件只是用EventView_00.log而不是实际的date创build文件。 根据语法,它应该给数据closures)00。

来自WSH JScript: 

 //列出Windows EventLog中的错误(仅筛选上个月的错误)。

函数leadingzero(str){
    如果(str.length == 1)
        返回“0”+ str;
    其他
        返回str;
 }
函数good_date(d){
     var dstr = d.getFullYear()。toString();
     dstr + = leadingzero((d.getMonth()+ 1).toString());
     dstr + = leadingzero(d.getDate()。toString());
     dstr + = leadingzero(d.getHours()。toString());
     dstr + = leadingzero(d.getMinutes()。toString());
     dstr + = leadingzero(d.getSeconds()。toString());
     dstr + =“.000000-000”;
     return dstr;
 }

 // 24 * 3600 * 1000  - 一天
 // 30 * 24 * 3600 * 1000  - 一个月
 time = good_date(new Date(new Date() -  30 * 24 * 3600 * 1000));

 var wbemFlagReturnImmediately = 0x10;
 var wbemFlagForwardOnly = 0x20;

 var objWMIService = GetObject(“winmgmts:\\\\。\\ root \\ CIMV2”);
 var items = objWMIService.ExecQuery(“SELECT * FROM Win32_NTLogEvent WHERE(Type ='Ошибка'OR Type ='Error')AND TimeGenerated>'”+ time +“'”,
         “WQL”,wbemFlagReturnImmediately |  wbemFlagForwardOnly);
 var enumItems = new Enumerator(items);

 for(enumItems.moveFirst();!enumItems.atEnd(); enumItems.moveNext()){
     var i = enumItems.item();
     WScript.Echo(“Type:”+ i.Type +“\ n”+“Message:”+ i.Message +“\ n”+“TimeGenerated:”+ i.TimeGenerated);
 }