Deleting Symantec files by batch files based on Windows OS edition.

Hello, for one of my customer we are facing low disk space issues on C drives. The servers are windows 2003 and 2008. We found that the virus definition files (approx of 1 GB) exits for 2 days on C drive and thus consumes approx 2 GB of space. I found below script (for windows 2008 & 2003) which deletes the definition files of one day older. I am running these steps as batch file twice (once for windows 2003 & then for windows 2008) as my the path for definition files are different.

By using batch file, is there any that the script will first determine the version on the server and then based on version it will run appropriate command section given below, something like using If\Else? I tried making the batch file script by my own but not able to create it perfectly.


# For windows 2008:
@echo on

for /F "usebackq delims==" %%I in ("servers.txt") do Call :begin %%I
goto :EOF

:begin
set srv=%1
  setlocal enableextensions disabledelayedexpansion
  set "where=\\%srv%\c$\ProgramData\Symantec\Definitions\VirusDefs"
  for /f "skip=1 delims=" %%a in (
    'dir /b /ad /tc /o-d "%where%" ^|findstr /r /c:"^[0-9]*\.[0-9]*$"'
  ) do rmdir /s /q "%where%\%%a"



# For windows 2003:
@echo on

for /F "usebackq delims==" %%I in ("servers.txt") do Call :begin %%I
goto :EOF

:begin
set srv=%1
  setlocal enableextensions disabledelayedexpansion
  set "where=\\%srv%\c$\Program Files\Common Files\Symantec Shared\VirusDefs"
  for /f "skip=1 delims=" %%a in (
    'dir /b /ad /tc /o-d "%where%" ^|findstr /r /c:"^[0-9]*\.[0-9]*$"'
  ) do rmdir /s /q "%where%\%%a"
Nitesh PandeySystem AdministratorAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

oBdACommented:
Try this; it's in test mode and will only display the folders it would delete. Remove the uppercase ECHO in line 15 to run it for real.
The script doesn't bother about the OS version, it just tests for both folders and deletes accordingly if one is found.
@echo off
setlocal

set WhereList="C$\Program Files\Common Files\Symantec Shared\VirusDefs" "C$\ProgramData\Symantec\Definitions\VirusDefs"
for /F "usebackq delims==" %%I in ("servers.txt") do Call :begin %%I
goto :EOF

:begin
set srv=%~1
echo Processing %srv% ...
if exist "\\%srv%\C$" (
	for %%v in (%WhereList%) do (
		if exist "\\%srv%\%%~v" (
			echo ... deleting from '\\%srv%\%%~v'.
			for /f "skip=1 delims=" %%a in ('dir /b /ad /tc /o-d "\\%srv%\%%~v" ^| findstr.exe /r /c:"^[0-9]*\.[0-9]*$"') do (
				ECHO rmdir /s /q "\\%srv%\%%~v\%%a"
			)
			goto :eof
		)
	)
) else (
	echo ... offline or access denied!
)
goto :eof

Open in new window


Edit: added online check.
Tony GiangrecoCommented:
I had that problem on a 2008 server and decided to move SEP & SEPM to a seperete drive so they would not impact the C drive's space. That worked perfect. We also run into the file problem as you mentioned and clear it out about once a month.

Hope this helps!
Nitesh PandeySystem AdministratorAuthor Commented:
Hi, on many of the servers we have only one drive so I have to mostly use scripting solution only. I will try to use above script tomorrow on windows servers.
Become a Certified Penetration Testing Engineer

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

Nitesh PandeySystem AdministratorAuthor Commented:
Hi oDBA, I tested above script on servers but the script checks only the first path and not the second path.
oBdACommented:
Works just fine here.
Note that the script only checks until it finds a folder in the list; it will then return after processing it and not check the next one. In other words: since the 2003 path is listed before the 2008 path, it will never check the 2008 path if the 2003 folder has been found. So if you have a test server with both folders, the 2008 folder will indeed not be checked. You can remove line 18 ("goto :eof") to force it to check all folders.
Output should look like this (test_01: path for 2003 exists, test_02: path for 2008 exists; test_03: neither path exists; foo: server doesn't exist):
Processing test_01 ...
... deleting from '\\test_01\C$\Program Files\Common Files\Symantec Shared\VirusDefs'.
rmdir /s /q "\\test_01\C$\Program Files\Common Files\Symantec Shared\VirusDefs\1.1"
Processing test_02 ...
... deleting from '\\test_02\C$\ProgramData\Symantec\Definitions\VirusDefs'.
rmdir /s /q "\\test_02\C$\ProgramData\Symantec\Definitions\VirusDefs\1.1"
Processing test_03 ...
Processing foo ...
... offline or access denied

Open in new window

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Nitesh PandeySystem AdministratorAuthor Commented:
Hello Mate, removing "goto :eof" helped in resolving the issue. Thank you very much for your help.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Batch

From novice to tech pro — start learning today.