[Powershell] Scripts pour le journal d’évènements

Journal d’évènements sans type Information

# Récupérer les événements du journal 'Application', sauf ceux de type "Information", pour les 90 derniers jours
$events = Get-WinEvent -FilterHashTable @{Logname='Application'; Level=1,2,3} | Where-Object { $_.TimeCreated -ge (Get-Date).AddDays(-90) }

# Compter les occurrences pour chaque ID d'événement pour aujourd'hui, hier, les 3 derniers jours, les 7 derniers jours et les 30 derniers jours
$eventCounts = $events | Group-Object -Property Id | ForEach-Object {
$id = $_.Name
$countToday = ($_.Group | Where-Object { $_.TimeCreated.Date -eq (Get-Date).Date }).Count
$countYesterday = ($_.Group | Where-Object { $_.TimeCreated.Date -eq (Get-Date).AddDays(-1).Date }).Count
$count3Days = ($_.Group | Where-Object { $_.TimeCreated -ge (Get-Date).AddDays(-3) }).Count
$count7Days = ($_.Group | Where-Object { $_.TimeCreated -ge (Get-Date).AddDays(-7) }).Count
$count30Days = $_.Group.Count
$isNewError = !($_.Group | Where-Object { $_.TimeCreated -lt (Get-Date).AddDays(-21) })
[PSCustomObject]@{
Id = $id
CountToday = $countToday
CountYesterday = $countYesterday
Count3Days = $count3Days
Count7Days = $count7Days
Count30Days = $count30Days
IsNewError = $isNewError
}
}

# Ajouter les counts à la liste des événements
$eventsWithCounts = $events | ForEach-Object {
$event = $_
$counts = $eventCounts | Where-Object { $_.Id -eq $event.Id }
[PSCustomObject]@{
IsNewError = $counts.IsNewError
TimeCreated = $event.TimeCreated
Id = $event.Id
LevelDisplayName = $event.LevelDisplayName
Message = $event.Message
CountToday = $counts.CountToday
CountYesterday = $counts.CountYesterday
Count3Days = $counts.Count3Days
Count7Days = $counts.Count7Days
Count30Days = $counts.Count30Days
}
}

# Ajouter des styles CSS
$css = @"

<style>
body { font-family: Arial; }<br />
table { border: 1px solid black; border-collapse: collapse; width: 100%; }<br />
th { border: 1px solid black; padding: 5px; background-color: #005f6b; color: #ffffff; }<br />
td { border: 1px solid black; padding: 5px; }<br />
tr:nth-child(even) {background-color: #f2f2f2;}<br />
tr.newError {background-color: #ff0000; color: #ffffff;}<br />
</style>"@

# Convertir les événements avec counts en un tableau HTML avec CSS
$html = $eventsWithCounts | Select-Object IsNewError, TimeCreated, Id, LevelDisplayName, CountToday, CountYesterday, Count3Days, Count7Days, Count30Days, Message | ConvertTo-Html -Title "Journal d'évènements" -Head $css -Body "
<h2>Journal d'évènements sans type Information</h2>
" -PreContent "

Date de génération du rapport: $(Get-Date)

"

# Ajouter la classe CSS aux lignes avec de nouvelles erreurs
$html = $html -replace '(

True)', '

'

# Supprimer la colonne "IsNewError" du tableau HTML
$html = $html -replace '

IsNewError', ''
$html = $html -replace '

True', ''
$html = $html -replace '

False', ''

# Écrire le tableau HTML dans un fichier
$html | Out-File C:\temp\max.htm

Was this article helpful?

Yes No