Solved

File Watcher and Deleter with Email notification

Posted on 2016-07-19
5
85 Views
Last Modified: 2016-08-08
Hello All,

I need a little bit of help.  I would like this to be one script, but I am of okay if it is multiple.  At a minimum, please modify the FILE WATCHER and turn it to a FILE DELETER with an email notification option.  If that works, I am a happy camper.  The most important is the email notificaiton with file even if it is two seperate scripts.  

Any help would be appreciated and also can you comment your routine so I can learn from the experience.  

I need a Powershell Script that does the following:

1.  Watch Three Specific Files
      A.  Currently I run three different versions of a powershell script to achieve this (see FILE WATCHER example below)
      C.  The files being watched are D2rwis_devices.xml, D3rwis_devices.xml, and FASTrwis_devices.xml
 
2.  After 10 minutes if one, two, or all three files are not being updated it sends an email to the appropriate distribution lists   (see File Watcher Example below, no modification needed)
     A.  The email includes the file that was not being updated as an attachment
     B.  The name of the file not being updated is listed in the body of the email
     C.  I use filters to monitor the three different files (D2rwis*.xml, D3rwis*.xml, and FASTrwis*xml)
     D.  The file is normally updated every 1 to 2 minutes
     E.  The reason I don't specify a specific name is that in order test the system I put a "xxxxrwis_test.xml" otherwise I would have to delete the live XML data to test the script.  

3.  After 20 minutes if one, two, or all three files are not being updated it sends an email to the appropriate distribution lists   (see File Watcher Example below, no modification needed)
     A.  The email includes the file that was not being updated as an attachment
     B.  The name of the file not being updated is listed in the body of the email

4.  After 30 minutes if one, two, or all three files are not being updated it DELETES the FILE(S) and SENDS an email to the appropriate distribution lists  
     A.  The email includes the file that was deleted as an attachment
     B.  The name of the file that was deleted is listed in the body of the email


FILE WATCHER

$Folder = "D:\Web\FTP root\external"
$filter = 'D2rwis*.xml'

$ReportDate = (Get-Date).AddMinutes(-10)
$ReportItems = @()
Foreach ($File in (Get-ChildItem -Path $Folder -Filter $Filter)) {
	If ($File.LastWriteTime -lt $ReportDate) {
		$ReportItems += $File
	}
}
If (-not $ReportItems) {
	"No files to report."
	Exit
}

$MessageBody = @"
The following D2 RWIS file was older than 10 minutes:

{0}
"@ -f (($ReportItems | % {"[$($_.LastWriteTime)] $($_.Name)"}) -join "`n")

$FullNameList = $ReportItems | Select-Object -ExpandProperty FullName
Send-MailMessage -to "ilopez@dot.state.nv.us" -from "admin@its.nv.gov" -subject "D2 RWIS FILE on ITS SERVER NOT UPDATING" -Body $MessageBody -smtpServer smtp.its.nv.gov -Attachments $FullNameList

Open in new window



FILE DELETER

1.  This Powershell script is used delete any file that is older 25 minutes
      A.  I have three scripts running monitoring three different files (D2rwis*.xml, D3rwis*.xml, and FASTrwis*xml)

Get-ChildItem -path "D:\Web\FTP root\external\" -Filter 'D2rwis*.xml'| Where { !$_.PSIsContainer -and $_.LastWriteTime -lt [datetime]::Now.AddMinutes(-25) } |remove-item

Open in new window

0
Comment
Question by:Israel Anthony Lopez
  • 3
  • 2
5 Comments
 
LVL 68

Expert Comment

by:Qlemo
ID: 41736081
A File System Watcher task requires a change for the files or folders it monitors. It is not suited at all to perform what you ask for.
You rather want to run a scheduled script say every  5 minutes, which checks the file modification date of all three files. The script then would be like
$Folder    = "D:\Web\FTP root\external"
$filter    = 'D2rwis*.xml', 'D3rwis*.xml', 'FASTrwis*.xml'
$mailparam = @{
               SmtpServer = 'smtp.its.nv.gov'
               From       = 'admin@its.nv.gov'
               To         = 'ilopez@dot.state.nv.us'
             }


$files = Get-ChildItem "$Folder\*" -Include $filter

$limit    = (get-date).AddMinutes(-30)
$oldfiles = $files | ? { $_.LastWriteTime -le $limit)
if ($oldfiles)
{
  $oldfiles | remote-item
  Send-MailMessage @mailparam -Subject 'RWIS files 30 minutes update warning' -Body @"
The following files have not been updated within the last 30 minutes and were deleted:
$($oldfiles.FullName -join "`n`n")
"@
}
$files = $files | ? { $_ -notin $oldfiles }

$limit    = (get-date).AddMinutes(-20)
$oldfiles = $files | ? { $_.LastWriteTime -le $limit}
if ($oldfiles)
{
  Send-MailMNessage @mailparam -Subject "RWIS files 20 minutes update warning" -Body @"
The following files have not been updated within the last 20 minutes:
$($oldfiles.FullName -join "`n`n")
"@
} 
$files = $files | ? { $_ -notin $oldfiles }

$limit    = (get-date).AddMinutes(-10)
$oldfiles = $files | ? { $_.LastWriteTime -le $limit}
if ($oldfiles)
{
  Send-MailMNessage @mailparam -Subject "RWIS files 10 minutes update warning" -Body @"
The following files have not been updated within the last 10 minutes:
$($oldfiles.FullName -join "`n`n")
"@
} 
$files = $files | ? { $_ -notin $oldfiles }

# $files now only contains "ok" files 

Open in new window

I've not added a list as attachment, as the body contains the same info now.
I've also not added comments, as the code is kept pretty simple and straight-forward. If you have issues understanding, just ask.

BTW, you should not use real-life data when posting on EE ;-).
0
 
LVL 1

Author Comment

by:Israel Anthony Lopez
ID: 41741408
Qlemo,

I appreciate the update and your time.  I will check this information tomorrow.  Your recommendation is valid for a normal Enterprise environment.  

The only real information is my email address which if you look me up, I am in several documents to include a presentation for Interop.  The SMTP server listed is a relay server and only exposed on the inside.  The user account admin@its.nv.gov is not a real email account and can never be resolved.  The its.nv.gov account is a real network, but we heavily advertise this to the Public.

Internet Explorer only:  http://www.nevadadot.com/cameras  (in the I frame, video is dispalyed using this URL)  We currently distribute streaming video for 350 cameras statewide and it grows every day.  If we include all cameras we have over 880 cameras on our ITS network in one form or another.  

Internet Explorer Only:  http://v2p.its.nv.gov/?syndication=1&syndu=public_reno&syndp=public_reno&syndl=1

Here is a list of all our cameras that we advertise tot he public:  http://v2p.its.nv.gov:90/

98% of the data we collect we share to the public:  http://www.nvroads.com

I am not outside the norm for my industry -- All states provide the same information west of Nebraska:  http://oss.weathershare.org/

Our particular field is called Intelligent Transportation Systems.  I am a former Information Assurance Analyst for the US Army.
0
 
LVL 1

Author Comment

by:Israel Anthony Lopez
ID: 41741531
I am receiving an error.  
PS C:\Users\xxxxxxxxxx>
PS C:\Users\xxxxxxxxxx> $files = Get-ChildItem "$Folder\*" -Include $filter
PS C:\Users\xxxxxxxxxx>
PS C:\Users\xxxxxxxxxx> $limit    = (get-date).AddMinutes(-30)
PS C:\Users\xxxxxxxxxx> $oldfiles = $files | ? { $_.LastWriteTime -le $limit)
[b]Missing closing '}' in statement block.
At line:1 char:53
+ $oldfiles = $files | ? { $_.LastWriteTime -le $limit <<<< )
    + CategoryInfo          : ParserError: (CloseBraceToken:TokenId) [], ParentContainsErrorRecordException
    + FullyQualifiedErrorId : MissingEndCurlyBrace[/b]

PS C:\Users\xxxxxxxxxx> if ($oldfiles)
>> {
>>   $oldfiles | remote-item
>>   Send-MailMessage @mailparam -Subject 'RWIS files 30 minutes update warning' -Body @"
>> The following files have not been updated within the last 30 minutes and were deleted:
>> $($oldfiles.FullName -join "`n`n")
>> "@
>> }
>> $files = $files | ? { $_ -notin $oldfiles }
>>
[b]You must provide a value expression on the right-hand side of the '-' operator.
At line:9 char:27
+ $files = $files | ? { $_ - <<<< notin $oldfiles }
    + CategoryInfo          : ParserError: (:) [], ParentContainsErrorRecordException
    + FullyQualifiedErrorId : ExpectedValueExpression
[/b]
PS C:\Users\xxxxxxxxxx> $limit    = (get-date).AddMinutes(-20)

Open in new window

0
 
LVL 68

Accepted Solution

by:
Qlemo earned 500 total points
ID: 41741859
You are using PowerShell 2, not higher?
We can make sure it works with different PS releases, and correct the typo (first error):
$Folder    = "D:\Web\FTP root\external"
$filter    = 'D2rwis*.xml', 'D3rwis*.xml', 'FASTrwis*.xml'
$mailparam = @{
               SmtpServer = 'smtp.its.nv.gov'
               From       = 'admin@its.nv.gov'
               To         = 'ilopez@dot.state.nv.us'
             }


$files = Get-ChildItem "$Folder\*" -Include $filter

$limit    = (get-date).AddMinutes(-30)
$oldfiles = $files | ? { $_.LastWriteTime -le $limit }
if ($oldfiles)
{
  $oldfiles | remote-item
  Send-MailMessage @mailparam -Subject 'RWIS files 30 minutes update warning' -Body @"
The following files have not been updated within the last 30 minutes and were deleted:
$($oldfiles.FullName -join "`n`n")
"@
}
$files = $files | ? { ($oldFiles | select -Expand Name) -notcontains $_.Name }

$limit    = (get-date).AddMinutes(-20)
$oldfiles = $files | ? { $_.LastWriteTime -le $limit }
if ($oldfiles)
{
  Send-MailMNessage @mailparam -Subject "RWIS files 20 minutes update warning" -Body @"
The following files have not been updated within the last 20 minutes:
$($oldfiles.FullName -join "`n`n")
"@
} 
$files = $files | ? { ($oldFiles | select -Expand Name) -notcontains $_.Name }

$limit    = (get-date).AddMinutes(-10)
$oldfiles = $files | ? { $_.LastWriteTime -le $limit }
if ($oldfiles)
{
  Send-MailMNessage @mailparam -Subject "RWIS files 10 minutes update warning" -Body @"
The following files have not been updated within the last 10 minutes:
$($oldfiles.FullName -join "`n`n")
"@
} 
$files = $files | ? { ($oldFiles | select -Expand Name) -notcontains $_.Name }

# $files now only contains "ok" files 

Open in new window

0
 
LVL 1

Author Closing Comment

by:Israel Anthony Lopez
ID: 41747567
Great  job, I might have a few questions and I appreciate your help.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Utilizing an array to gracefully append to a list of EmailAddresses
A procedure for exporting installed hotfix details of remote computers using powershell
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now