AlticapRMMEventLog.ps1
#requires -Version 3.0 ############################# #region RMMTemplate ############################# ############################# #region RMMGlobalParameters ############################# $global:EventSource = $null function Set-EventSource { <# .SYNOPSIS Short Description .DESCRIPTION Detailed Description .EXAMPLE Set-EventSource explains how to use the command can be multiple lines .EXAMPLE Set-EventSource another example can have as many examples as you like #> [CmdletBinding()] param ( [Parameter(Mandatory=$false, Position=0)] [System.Object] $EventSource = $null ) $global:EventSource ="RMM"+$EventSource # SystemServer # SystemWorkstation # HardwareServer # HardwareWorkstation # Security # Backup # Software # Internet # Printer # NAS # Network # Telecom # Mobility } $global:debug = $false function Set-Debug { <# .SYNOPSIS Short Description .DESCRIPTION Detailed Description .EXAMPLE Set-Debug explains how to use the command can be multiple lines .EXAMPLE Set-Debug another example can have as many examples as you like #> [CmdletBinding()] param ( [Parameter(Mandatory=$false, Position=0)] [System.Object] $debug = $false ) $global:debug = $debug } $Global:StartTime = get-date $Global:ErrorCount = 0 $global:Output = "" $Global:nl = [System.Environment]::NewLine $global:EventLog = "RMMScript" $global:EventOK = $global:EventSource + "OK" $global:EventERROR = $global:EventSource + "ERROR" ############################# # RMMGlobalParameters #endregion ############################# function Get-StackIndent { <# .SYNOPSIS Return a string formated containing line numbre in the source code, function where the line resided .DESCRIPTION Return a string formated as below [ 132 DeleteTempAdminUser] Delete user The leading number are the line of code number that is executed (max. 9999) The following string is the calling function name the string length within [] is a maximum of 25 characters The string is padded with SPACE to match the indent level: MAIN => no SPACE FUNCTION => 1 SPACE SUBFUNCTION of FUNCTION => 2 SPACES .EXAMPLE Get-StackIndent #> $padding = 25 $Tab = " " $callStack = Get-PSCallStack $s = $callStack.FunctionName $n = $callStack.ScriptLineNumber $st = "[" if ($s -gt 2) { $sn = "{0,4}" -f $n[2] $st += $sn $st += " " $st += $s[2] } $st = $st.padright($padding," ") $st = $st.substring(0,$padding) $st += "]" for ($i = 1; $i -lt $callStack.count; $i++) { $st += $Tab } return $st } function Write-Event { <# .SYNOPSIS Add the text passed as a parameter into the $global:Output variable If $globel:Debug is defined also writes the text into an event into the log defined in $global:EventLog with event source set as defined in $global:EventSource and EntryType as INFORMATION and EventID 666 Get-StackIndent function is called to add some leading information about the script .EXAMPLE Write-Event "Some text" #> param ([Parameter(Mandatory=$true)][String]$Message) $s = Get-StackIndent $global:Output += " $s$message" + $Global:nl if ($global:debug) { Write-EventLog -LogName $global:EventLog -Source $global:EventSource -EntryType Information -EventID 666 -Message " $s$message" " $s$message" } } function Write-EventError { <# .SYNOPSIS Add the text passed as a parameter into the $global:Output variable. Text added to has $global:Output a leading "!" to indicate that it is an error message If $globel:Debug is defined also writes the text into an event into the log defined in $global:EventLog with event source set as defined in $global:EventSource and EntryType as ERROR and EventID 666 Get-StackIndent function is called to add some leading information about the script .EXAMPLE Write-EventError "Some text" #> param ([Parameter(Mandatory=$true)][String]$Message) $Global:ErrorCount += 1 $s = Get-StackIndent $global:Output += "!$s$message" + $Global:nl if ($global:debug) { Write-EventLog -LogName $global:EventLog -Source $global:EventSource -EntryType Error -EventID 666 -Message "!$s$message" "!$s$message" } } ############################# # RMMEventLogFunctions #endregion ############################# ############################# #region RMMExitFunctions ############################# function Exit-Event { <# .SYNOPSIS Logs various information about the script before leaving with return code to which 1000 has been added (for compatibility with SolarWinds checks) If a temporary admin user was created then delete it Adds to $global:debug, 'runtime' & ErrorCount & $ExitCode If $global:debug is set then write $global:Output to console Writes an EventID $ReturnCode with text $global:Output into the log defined in $global:EventLog with event source set as defined in $global:EventSource and EntryType as INFORMATION .EXAMPLE Exit-Event 1 #> param ([Parameter(Mandatory=$true)][Int]$ReturnCode) if ($global:TempAdminUsername) { DeleteTempAdminUser $global:TempAdminUsername } Write-Event "########################" Write-Event $MyInvocation.ScriptName $EndTime = get-date [int]$TotalDurationSeconds = ($EndTime - $Global:StartTime).TotalSeconds [int]$Durationminutes = ($EndTime - $Global:StartTime).TotalMinutes $DurationSeconds = ($EndTime - $Global:StartTime).Seconds if ($DurationSeconds -gt 60) { Write-Event "RunTime : $Durationminutes m $DurationSeconds s" } else { Write-Event "RunTime : $TotalDurationSeconds s" } Write-Event "ErrorCount : $Global:ErrorCount" if ($ReturnCode -eq 0) { Write-Event "#ReturnCode : $ReturnCode" $evtinfo =$global:EventOK + $Global:nl + $Global:nl + $global:Output Write-EventLog -LogName $global:EventLog -Source $global:EventSource -EntryType Information -EventID $ReturnCode -Message $evtinfo } else { $ReturnCode += 1000 Write-Event "ReturnCode : $ReturnCode" $evtinfo = $global:EventERROR + $Global:nl + $Global:nl + $global:Output Write-EventLog -LogName $global:EventLog -Source $global:EventSource -EntryType Error -EventID $ReturnCode -Message $evtinfo } Write-Event "########################" if (!$global:debug) { $global:Output } exit $ReturnCode } ############################# # RMMExitFunctions #endregion ############################# ############################# #region RMMInit ############################# Set-ExecutionPolicy -ExecutionPolicy Unrestricted if (!$global:EventSource) { Write-Error "`$global:EventSource not set - use Set-EventSource" exit 1 } $templog = $(try { Get-EventLog -LogName $global:EventLog -Newest 1 -Source $global:EventSource -ErrorAction Ignore } catch{}) -ne $null if (!$templog) { New-EventLog -LogName $global:EventLog -Source "RMMUndefined" | out-null New-EventLog -LogName $global:EventLog -Source "RMMSystemServer" | out-null New-EventLog -LogName $global:EventLog -Source "RMMSystemWorkstation" | out-null New-EventLog -LogName $global:EventLog -Source "RMMHardwareServer" | out-null New-EventLog -LogName $global:EventLog -Source "RMMHardwareWorkstation" | out-null New-EventLog -LogName $global:EventLog -Source "RMMSecurity" | out-null New-EventLog -LogName $global:EventLog -Source "RMMBackup" | out-null New-EventLog -LogName $global:EventLog -Source "RMMSoftware" | out-null New-EventLog -LogName $global:EventLog -Source "RMMInternet" | out-null New-EventLog -LogName $global:EventLog -Source "RMMPrinter" | out-null New-EventLog -LogName $global:EventLog -Source "RMMNetwork" | out-null New-EventLog -LogName $global:EventLog -Source "RMMTelecom" | out-null New-EventLog -LogName $global:EventLog -Source "RMMMobility" | out-null New-EventLog -LogName $global:EventLog -Source $global:EventSource | out-null } $evtinfo = "Start " + $MyInvocation.ScriptName Write-EventLog -LogName $global:EventLog -Source $global:EventSource -EntryType Information -EventID 999 -Message $evtinfo ############################# # RMMInit #endregion ############################# ############################# # RMMTemplate #endregion ############################# |