Home Esplora Aiuto
Registrati Accedi
pulitux
/
seguridad
1
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Ramo (Branch): master
Rami (Branch) Tag
seguridad
/
3.- Ejercicios
/
23_06_08_get_logs.ps1

23_06_08_get_logs.ps1 2.0 KB
Permalink Cronologia Originale

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061 
  1. $logs_files = (
    2. 

  2. "$env:WINDIR\setupact.log",
    3. 

  3. "$env:WINDIR\setuperr.log",
    4. 

  4. "$env:WINDIR\WindowsUpdate.log",
    5. 

  5. "$env:WINDIR\Debug\mrt.log",
    6. 

  6. "$env:WINDIR\security\logs\scecomp.old",
    7. 

  7. "$env:WINDIR\SoftwareDistribution\ReportingEvents.log",
    8. 

  8. "$env:WINDIR\Logs\CBS\CBS.log",
    9. 

  9. "$env:APPDATA\setupapi.log",
    10. 

  10. "$env:WINDIR\INF\setupapi.dev.log",
    11. 

  11. "$env:WINDIR\INF\setupapi.app.log",
    12. 

  12. "$env:SYSTEMROOT\`$Windows.~BT\Sources\Panther\*.log",
    13. 

  13. "$env:SYSTEMROOT\`$Windows.~BT\Sources\Panther\*.xml",
    14. 

  14. "$env:WINDIR\PANTHER\*.log",
    15. 

  15. "$env:WINDIR\PANTHER\*.xml",
    16. 

  16. "$env:WINDIR\INF\setupapi.dev.log",
    17. 

  17. "$env:WINDIR\INF\setupapi.app.log",
    18. 

  18. "$env:WINDIR\Performance\Winsat\winsat.log",
    19. 

  19. "$env:WINDIR\System32\config\*",
    20. 

  20. "$env:WINDIR\System32\winevt\Logs\*",
    21. 

  21. "$env:PROGRAMDATA\\Microsoft\Windows Defender\Support\*"
    22. 

  22. )
    23. 

  23. 

  24. $thishost = hostname
    25. 

  25. $timestamp = (Get-Date -Format "yyMMddHHmmss")
    26. 

  26. $path = (Get-Location).Path + '\'
    27. 

  27. $dir = $path + '\logs_' + $thishost + "_" + $timestamp
    28. 

  28. $hash_file = 'logs_' + $thishost + "_" + $timestamp + "\hashes.txt"
    29. 

  29. $zip = 'logs_' + $thishost + "_" + $timestamp + ".zip"
    30. 

  30. $localzip = $path + $zip
    31. 

  31. $ftp = 'ftp://ftp.holaformacion.com/ALUMNOS/Antonio/'
    32. 

  32. $ftpuser = "cod1.holaformacion.com"
    33. 

  33. $ftppasswd = "Atrium12022"
    34. 

  34. $remotefile = $ftp + $zip
    35. 

  35. 

  36. New-Item -Path $dir -ItemType Directory
    37. 

  37. 

  38. foreach ($file in $logs_files)
    39. 

  39.     {
    40. 

  40.     if ((Test-Path $file) -ne $false) 
    41. 

  41.         {
    42. 

  42.         $hash = Get-FileHash $file
    43. 

  43.         Write-Output $hash.Hash
    44. 

  44.         Add-Content $hash_file $file
    45. 

  45.         Add-Content $hash_file $hash.Hash
    46. 

  46.         Add-Content $hash_file "`n"
    47. 

  47.         Copy-Item $file -Destination $dir -Force
    48. 

  48.         }
    49. 

  49.     else 
    50. 

  50.         {
    51. 

  51.         Write-Output $file + "fichero no encontrado"
    52. 

  52.         }
    53. 

  53.     }
    54. 

  54. Compress-Archive -Path $dir -DestinationPath $localzip
    55. 

  55. 

  56. Write-Output $remotefile
    57. 

  57. Write-Output $zip
    58. 

  58. 

  59. $client = New-Object System.Net.WebClient
    60. 

  60. $client.Credentials = New-Object System.Net.NetworkCredential($ftpuser,$ftppasswd)
    61. 

  61. $client.UploadFile($remotefile, $localzip)
    62.