How do i create log file (time, user who run the script and what happen after the script was done)

0
votes

My script makes a folder and ask for foldername then make 2 groups, then asks for what users should be in each group, and gives rights to the groups (read only and read & write)

Now I have done this task, my boss asks me to log it all... make a log file every time the script is run:

  • when (date/month/year)

  • who (the user who ran the script)

  • what (what happen when the script ran)

  • where (where the folders are and where the groups where made)

This is my script:

Start-Transcript -Path "c:\temp\transcript.txt"

    $RW = "RW"
    $RO = "RO"

    $XG1_Filerights = $newFolderName + $RW
    $XG2_FileRights = $newfolderName + $RO   

    $path = "C:\temp\"
    $newFolderName = Read-Host -Prompt "Navngiv nye mappe"
    $newFolderFull = $path + $newFolderName
    Write-Output "Den nye mappe vil være her: $newFolderFull"
    $confirm = Read-Host "bekræfte? Y/N"
    If(($confirm) -ne "y")
    {
        # end
    }
        Else
    {



    New-Item $newFolderFull -ItemType Directory

    New-ADGroup -Name "$XG1_Filerights" -GroupScope DomainLocal
    Write-Output ("{0:yyyy-MM-dd HH:mm:ss} $XG1_Filerights er nu oprettet" -f (Get-Date))
    New-ADGroup -Name "$XG2_FileRights" -GroupScope DomainLocal
    Write-Output ("{0:yyyy-MM-dd HH:mm:ss} $XG2_FileRights er nu oprettet" -f (Get-Date))

    $userRW = read-host -Prompt "Skriv navn på bruger den skal være i $XG1_Filerights med , i mellem"
    foreach ($User in $userRW -split ',')
    {
        Add-ADGroupMember -Identity $XG1_Filerights -members $User
        Write-Output ("{0:yyyy-MM-dd HH:mm:ss} Modify rights have been granted to User {1}" -f (Get-Date),($User))
    }
        $userR = read-host -Prompt "Skriv navn på bruger den skal være i $XG2_FileRights med , i mellem"
        foreach ($User in $userR -split ',')
    {
        Add-ADGroupMember -Identity $XG2_FileRights -members $User
        Write-Output ("{0:yyyy-MM-dd HH:mm:ss} Reading rights have been granted to User {1}" -f (Get-Date),($User))
    }
        Write-Output "Remove Inheritance.."
        icacls $newFolderFull /inheritance:d
    # Rights
        $readOnly = [System.Security.AccessControl.FileSystemRights]"ReadAndExecute"
        $readWrite = [System.Security.AccessControl.FileSystemRights]"modify"
    # Inheritance
        $inheritanceFlag = [System.Security.AccessControl.InheritanceFlags]"ContainerInherit, ObjectInherit"
    # Propagation
        $propagationFlag = [System.Security.AccessControl.PropagationFlags]::None
    # User
        $userRW = New-Object System.Security.Principal.NTAccount($XG1_Filerights)
        $userR = New-Object System.Security.Principal.NTAccount($XG2_FileRights)
    # Type
        $type = [System.Security.AccessControl.AccessControlType]::Allow
        $accessControlEntryDefault = New-Object System.Security.AccessControl.FileSystemAccessRule @("Domain Users", $readOnly, $inheritanceFlag, $propagationFlag, $type)
        $accessControlEntryRW = New-Object System.Security.AccessControl.FileSystemAccessRule @($userRW, $readWrite, $inheritanceFlag, $propagationFlag, $type)
        $accessControlEntryR = New-Object System.Security.AccessControl.FileSystemAccessRule @($userR, $readOnly, $inheritanceFlag, $propagationFlag, $type)
        $objACL = Get-ACL $newFolderFull
        $objACL.RemoveAccessRuleAll($accessControlEntryDefault)
        $objACL.AddAccessRule($accessControlEntryRW)
        $objACL.AddAccessRule($accessControlEntryR)
        Set-ACL $newFolderFull $objACL
    }


    $log = @()
    $date = Get-Date -Format g
    $user = $env:UserName
    $newFolderFull = "c:\folder"
    $log += $date, $user, $newFolderFull
    Stop-Transcript
    $log | add-content "c:\temp\transcript.txt"
1
powershelllogging
Possible duplicate of Create Log File in Powershelluser6811411
what is the result / problem after your last update?T-Me
when the script is done and i have made the folder the groups and put users in the group there is no problem with the code itself, its the logfile it makes. it keeps repeating "Den nye mappe vil være her: C:\temp\test1" 16 times in the fileHenrik Hjortshøj
I could not reproduce that. Have you tried to restart the Powershell to remove all old variables? Are there any loops in code not shown here?T-Me
it may have been a loop since it work restarting powershell, Many many thanks for helping me i really means a lot to me. the only thing left is to make it keep writeing in the same text file and not replace it everytime the script is runHenrik Hjortshøj

1 Answers

1
votes

I would suggest Start-Transcript in combination with different variables you can append to the file. This would be the easiest way.

For example:

Start-Transcript -Path "c:\temp\transcript.txt"
$log = @()
$date = Get-Date
$user = $env:UserName
$newFolderFull = "c:\folder"
$log += $date, $user, $newFolderFull
Stop-Transcript
$log | add-content "c:\temp\transcript.txt"

This works very well with Write-Output.
For example:

    foreach ($User in $userR -split ',') {
        Add-ADGroupMember -Identity $groupnameR -members $User
        Write-Output ("{0:yyyy-MM-dd HH:mm:ss} reading rights have been granted to User {1}" -f (Get-Date),($User))
    }

This will write a line in the log where {0} is replaced by the Date-Time stamp and {1} will be the User.
The Header of the transcript will contain some infos about the host who startet the script as well, but it differs by powershell version.

This way you will see when, who, what, where.