Joe Danyi
asked on
Utilizing IIS Log files to move downloaded files off of web server
Hey there I’m trying to use IIS log files to move files once they have been downloaded, I’ve been able to filter and parse the logs into PowerShell, and have them show info this is my script thus far.
#the log file is viewed in PowerShell like so
date : 2017-01-18
time : 15:01:26
sip : 10.10.1.13
csmethod : GET
csuristem : /testish/
csuriquery : -
sport : 80
csusername : -
cip : 10.10.0.26
csUserAgent : Mozilla/5.0+(Windows+NT+10 .0;+WOW64; +rv:50.0)+ Gecko/2010 0101+Firef ox/50.0
csReferer : -
scstatus : 200
scsubstatus : 0
scwin32status : 0
timetaken : 78
date : 2017-01-18
time : 15:01:29
sip : 10.10.1.13
csmethod : GET
csuristem : /testish/cover.jpg
csuriquery : -
sport : 80
csusername : -
cip : 10.10.0.26
csUserAgent : Mozilla/5.0+(Windows+NT+10 .0;+WOW64; +rv:50.0)+ Gecko/2010 0101+Firef ox/50.0
csReferer : http://books.internal.dsc.essentiadigital.com/testish/
scstatus : 200
scsubstatus : 0
scwin32status : 0
timetaken : 156
#filters out the GET requests and filters out just the jpgs that I want to move (I’m going to do some magic with the date variable once I get this down)
$Selecttomove = $logs |where {$_.csmethod -like "GET"} | where {$_.csuristem -like "*.jpg"} | Select csuristem
It lookgs like this
csuristem
---------
/testish/cover.jpg
#I then simply add the root
$root = "N:\Book Collection\cal"
$move = $root + $selectomove
#this is where I get stuck
I then I would presume run a
Foreach ($gotget in $move) xcopy $gotget blahblah
The trouble is when I check the $move variable I see the following:
N:\Book Collection\cal@{csuristem= /testish/c over.jpg}
So I need too remove the property name and just keep the contents so I just have the filename.
I am open to suggestions if anyone else has a better way to parse log files and move files based upon if they have received Get requests yet.
#the log file is viewed in PowerShell like so
date : 2017-01-18
time : 15:01:26
sip : 10.10.1.13
csmethod : GET
csuristem : /testish/
csuriquery : -
sport : 80
csusername : -
cip : 10.10.0.26
csUserAgent : Mozilla/5.0+(Windows+NT+10
csReferer : -
scstatus : 200
scsubstatus : 0
scwin32status : 0
timetaken : 78
date : 2017-01-18
time : 15:01:29
sip : 10.10.1.13
csmethod : GET
csuristem : /testish/cover.jpg
csuriquery : -
sport : 80
csusername : -
cip : 10.10.0.26
csUserAgent : Mozilla/5.0+(Windows+NT+10
csReferer : http://books.internal.dsc.essentiadigital.com/testish/
scstatus : 200
scsubstatus : 0
scwin32status : 0
timetaken : 156
#filters out the GET requests and filters out just the jpgs that I want to move (I’m going to do some magic with the date variable once I get this down)
$Selecttomove = $logs |where {$_.csmethod -like "GET"} | where {$_.csuristem -like "*.jpg"} | Select csuristem
It lookgs like this
csuristem
---------
/testish/cover.jpg
#I then simply add the root
$root = "N:\Book Collection\cal"
$move = $root + $selectomove
#this is where I get stuck
I then I would presume run a
Foreach ($gotget in $move) xcopy $gotget blahblah
The trouble is when I check the $move variable I see the following:
N:\Book Collection\cal@{csuristem=
So I need too remove the property name and just keep the contents so I just have the filename.
I am open to suggestions if anyone else has a better way to parse log files and move files based upon if they have received Get requests yet.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER