Virtually everything is poshable
Powershell Workstation/Server Audit script update
Following some great comments from Jeffrey Snover and other PowerShell Guru’s on the previous version of my Audit script I have now re-written the script to incompas some of the superior wisdom emparted upon me.
So what does this mean ?
- I am now using a string to store all the html code as I build it up through the script as blogged by Jeffrey here
- I am now using $env:computername rather than localhost – Thanks to Jeffrey Hicks, your right it does look better !
- I am breaking from my switch statements correctly (schoolboy error on my part)
- I am now using a terminating error where needed
- I have changed the keyboard map switch statement into a hashtable
- The code is now over 100 lines shorter and now fits into http://poshcode.org (Cool)
The Bad News
Jeffreys parting comment was:
It would be a lot faster as well.Again – awesome script!
Cheers.
Jeffrey Snover [MSFT]
Unfortunatly although I will agree with the awesome script part when I ran some tests to see if the script ran faster, which I was convinced it would, mainly due to only writing the content out at the end rather than one line at a time I had some supprising results:
PS C:\Audit> measure-command {& “C:\Audit\OldAudit.ps1″}
Days : 0
Hours : 0
Minutes : 0
Seconds : 14
Milliseconds : 57
Ticks : 140570477
TotalDays : 0.000162697311342593
TotalHours : 0.00390473547222222
TotalMinutes : 0.234284128333333
TotalSeconds : 14.0570477
TotalMilliseconds : 14057.0477
PS C:\Audit> measure-command {& “C:\Audit\Audit.ps1″}
Days : 0
Hours : 0
Minutes : 0
Seconds : 18
Milliseconds : 480
Ticks : 184803922
TotalDays : 0.000213893428240741
TotalHours : 0.00513344227777778
TotalMinutes : 0.308006536666667
TotalSeconds : 18.4803922
TotalMilliseconds : 18480.3922
Can anyone shed any light on this as frankly I’m baffled ?!
Thanks again for all the comments on the script and the new version is below:
A sample of the output can be viewed here (best viewed in Internet Explorer):
| Print article | This entry was posted by Virtu-Al on January 9, 2009 at 12:09, and is filed under powershell. Follow any responses to this post through RSS 2.0. You can leave a response or trackback from your own site. |
(3) 
(13) 
(0)
about 1 year ago
good stuff,
about 1 year ago
Great script ! The result looks very nice.
about 1 year ago
Thank you for your comments Mr MVP Sir.
about 1 year ago
Al,
This is a truly excellent piece of work. I have adapted it to use on Exchange servers, to audit certain Exchange specific items. I can send you a copy if you like. The fact that it uses WMI makes it Exchange 2003 only
for now, but I have started work on an Exchange 2007 version.
There is one small little item though on line 64 the gmwi doesn’t point to the $Target, the line should read:
$colQuickFixes = Get-WmiObject $Target Win32_QuickFixEngineering
Once again thanks for an awesome script!
Jean
about 1 year ago
Sorry make that:
Get-WmiObject -computername $Target Win32_QuickFixEngineering
about 1 year ago
Jean,
Thanks for your comments, I have recently adjusted my own version to use a html output that works in all browsers correctly, it also functionises everything to make it look easier to read, if I get a chance I will make the final changes and upload it soon. Your Exchange script sounds great, I would love to give it a go, please can you email it to me… ajw.renouf at googlemail.com
Thanks for reading my blog.
Alan
about 1 year ago
Al,
This looks like it is shaping up to be a great script. I tried to run it today and i got the following messages. The last couple of lines don’t make sense to me, and i don’t see any files being created. let me know what i should do.
No list specified, using APERRAULT1973
Collating Detail for APERRAULT1973
..Hotfix Information
..Logical Disks
..Network Configuration
..Local Shares
..Printers
..Services
..Regional Options
..Event Log Settings
..Event Log Errors
..Event Log Warnings
..Installed Software
Generic failure
At :line:507 char:26
+ $colApps = get-wmiobject <<<< -ComputerName $Target Win32_Product | select Name,Version,Vendor,InstallDate
The ‘+=’ operator failed: Exception of type ‘System.OutOfMemoryException’ was thrown..
At :line:650 char:13
+ $Report+= <<<< ” $($objService.State)”
about 1 year ago
@Aaron
Thats a new one ! Have you tried auditing another machine, doing a quick google search it looks like System.OutOfMemoryException is a memory issue with the .net profiler.
about 1 year ago
Same thing happened when i tried to scan another system. Here are the messages thrown this time. THe last one looks similar, but the one before it puzzles me too.
..Regional Options
..Event Log Settings
..Event Log Errors
Shutting down
At :line:151 char:33
+ $colLoggedEvents = Get-WmiObject <<<=’” + $WmidtQueryDT + “‘”)
..Event Log Warnings
..Installed Software
The ‘+=’ operator failed: Exception of type ‘System.OutOfMemoryException’ was thrown..
At :line:797 char:11
+ $Report+= <<<< ” ”
Off to build another server for a bit.
app
about 1 year ago
@Aaron
Tried running the script from a different machine ?
about 1 year ago
@Virtu-Al
I tried running it from another machine, and even though it took a long time to run, it didn’t error out, and i LOVE the format. I would love to figure out how to get this to run on a daily basis with the General Details, and the Event Log area (filtered for the last couple of days). This would make daily server checks go much quicker (if they happen at all.) There is another script that someone put together in VBS, that i may take a crack at converting to PowerShell.
I wonder if the problems i had running it are due to the fact that i have don’t have PowerShell V1 installed, i have V2 CTP3.
Hope all is well
app
about 1 year ago
I have run it with both versions of powershell and all is fine so far, strange !
Let me know if you need a hand amending it but it should be quite straight forward, someone has already changed it to make it an Exchange audit script which they run on a daily basis here http://www.virtu-al.net/2009/05/07/exchange-audit/
Again, if you need a help with the amendments let me know.
Alan
about 1 year ago
@Virtu-Al
I saw that, but it only works for Exchange 2003, we run 2007. I will let you know if i run into any problems.
about 1 year ago
Wonder if I have been asleep .. saw the original ..
rediscovered the updated .. ‘blown away’ once again.
Most elegant, thanx.
A.
about 1 year ago
Putting in “if ( !$ComputerSystem ){” as seen below will skip computers that are not switched/broken/don’t exsist/etc
Foreach ($Target in $Targets){
Write-Output “Collating Detail for $Target”
$ComputerSystem = Get-WmiObject -computername $Target Win32_ComputerSystem
if ( !$ComputerSystem ){
continue
}
about 1 year ago
@baz
Thanks for the comment, good idea
about 11 months ago
When I run the script I get the following errors:
Using Audit list: servers.txt
Collating Detail for ct501
..Hotfix Information
..Logical Disks
..Network Configuration
..Local Shares
..Printers
..Services
..Regional Options
..Event Log Settings
..Event Log Errors
..Event Log Warnings
Poging door nul te delen.
At E:\__USBdrive\Documents\Scripts\QueryInstalledSoftware\Audit.ps1:413 char:65
+ $percFreespace=[math]::round(((($objDisk.FreeSpace /1048576)/( <<<< $objDisk.Size /1048676)) * 100),0)
..Installed Software
Get-WmiObject : Ongeldige klasse
At E:\__USBdrive\Documents\Scripts\QueryInstalledSoftware\Audit.ps1:507 char:27
+ $colApps = get-wmiobject <<<< -ComputerName $Target Win32_Product | select Name,Version,Vendor,InstallDate
I have tried it to run on several servers and get always the same results.
The software section in the htm file is empty.
Can you help me to find a solution for this?
about 11 months ago
@Arnold
On Windows 2003 the Win32_Product class isn’t installed by default.
You can install it with Add/Remove Windows Component. Look for the
“WMI Windows Installer Provider” component under “Management and
Monitoring Tools”.