[英]powershell filterhashtable credential
I'm having issues adding credentials to my code string. 我在向我的代码字符串添加凭证时遇到问题。 The purpose of this is to pull multiple logs and from a single machine and print out the logs in order of time. 这样做的目的是从一台计算机上提取多个日志,并按时间顺序打印出日志。 For some reason I can never get the get-winevent command to work once I add -credential. 由于某种原因,一旦添加-credential,我将永远无法使get-winevent命令正常工作。 Any input is welcomed! 欢迎任何输入!
$creds = Get-Credential -Message "Please enter creds"
$Startdate = Read-Host -Prompt "Input your start date in the format of mm/dd/yyyy hh:mm:ss am"
Try{
[DateTime]::Parse($Startdate, [System.Globalization.CultureInfo]::GetCultureInfo("en-US"))
}
Catch{
Write-Host "This time format is incorrect."
}
$Enddate = Read-Host -Prompt "Input your end date in the format of mm/dd/yyyy hh:mm:ss am"
Try{
[DateTime]::Parse($Enddate, [System.Globalization.CultureInfo]::GetCultureInfo("en-US"))
}
Catch{
Write-Host "This time format is incorrect."
}
$Logs = @()
do{
$input = (Read-Host "Please enter in the name of a log")
if($input -ne'') {$Logs += $input}
}
until($input -eq '')
$table = foreach ($Log in $Logs)
{
Get-WinEvent -FilterHashtable @{LogName=$Log;StartTime=$Startdate;EndTime=$Enddate} -Credential $creds
}
$table | sort TimeCreated | Format-Table TimeCreated, Logname, Source, Message -wrap
The error I'm currently receiving. 我目前收到的错误。
Get-WinEvent : Attempted to perform an unauthorized operation. Get-WinEvent:尝试执行未经授权的操作。 At line:40 char:5 + Get-WinEvent -FilterHashtable @{LogName=$Log;StartTime=$Startdate ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [Get-WinEvent], UnauthorizedAccessException + FullyQualifiedErrorId : System.UnauthorizedAccessException,Microsoft.PowerShell.Commands.GetWinEventCommand 在第40行:char:5 + Get-WinEvent -FilterHashtable @ {LogName = $ Log; StartTime = $ Startdate ... + ~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + + CategoryInfo:未指定:(: )[Get-WinEvent],UnauthorizedAccessException + FullyQualifiedErrorId:System.UnauthorizedAccessException,Microsoft.PowerShell.Commands.GetWinEventCommand
I think the error comes from not feeding the -FilterHashtable
with the correct data types for $Startdate
and $Enddate
. 我认为错误是由于没有为-FilterHashtable
提供$Startdate
和$Enddate
正确的数据类型而$Enddate
。 You check if the users input is in a valid DateTime format, but the variables themselves remain Strings. 您检查用户输入的格式是否有效,但变量本身仍为字符串。 The -FilterHashtable
requires these parameters to be DateTime
objects as shown in the below table: -FilterHashtable
要求这些参数为DateTime
对象,如下表所示:
Key name Value data type
--------------- ---------------
LogName <String[]>
ProviderName <String[]>
Path <String[]>
Keywords <Long[]>
ID <Int32[]>
Level <Int32[]>
StartTime <DateTime>
EndTime <DateTime>
UserID <SID>
Data <String[]>
Try this: 尝试这个:
$creds = Get-Credential -Message "Please enter creds"
# Create variable for parsed start date
[datetime]$Startdate = Get-Date
do {
$input = Read-Host -Prompt "Enter your start date. Use format 'mm/dd/yyyy hh:mm:ss am'"
# Check the user input
$success = ([DateTime]::TryParse($input,
[System.Globalization.CultureInfo]::GetCultureInfo("en-US"),
[System.Globalization.DateTimeStyles]::None,
[ref]$Startdate))
} while (!$success)
# Create variable for parsed end date
[datetime]$Enddate = Get-Date
do {
$input = Read-Host -Prompt "Enter your end date. Use format 'mm/dd/yyyy hh:mm:ss am'"
# Check the user input
$success = ([DateTime]::TryParse($input,
[System.Globalization.CultureInfo]::GetCultureInfo("en-US"),
[System.Globalization.DateTimeStyles]::None,
[ref]$Enddate))
} while (!$success)
$Logs = @()
while ($true) {
$logName = Read-Host -Prompt "Please enter in the name of a log"
if ([string]::IsNullOrEmpty($logName)) { break }
$Logs += $logName
}
$table = foreach ($Log in $Logs) {
# note that we use [DateTime] objects $Startdate and $Enddate
Get-WinEvent -FilterHashtable @{LogName=$Log;StartTime=$Startdate;EndTime=$Enddate} -Credential $creds
}
$table | Sort-Object TimeCreated | Format-Table TimeCreated, Logname, Source, Message -Wrap
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.