Having issues with a Copy-Item
so writing powershell script copy logfiles user pc server location. this script run after various spyware/virus cleaners have been run. i used same code each program , of course last item doe snot want play nice, or making error cannot see. hoping different set of eyes can see problem.
one works rkill logfile. the logfile gets created on desktop of account running rkill program. i used following code , worked perfectly:
# 1 - rkill $rkilllog = (get-childitem -path $env:userprofile -filter rkill.txt -recurse) | select-object -expandproperty fullname copy-item $rkilllog ("\\networklocation\incidentresponse\logs\{0:yyyymmdd}-rkill-$env:computername.txt" -f (get-date)) write-verbose "rkill log copied" -verbose
$rkilllog = c:\users\mjd-ir\desktop\rkill.txt
this works mbam well:
# 3 - chameleon mbam $chameleonlog = (get-childitem -path c:\programdata -filter mbam-log*.xml -recurse) | select-object -expandproperty fullname # rename , copy log \\secret2 copy-item $chameleonlog ("\\networklocation\incidentresponse\logs\{0:yyyymmdd}-chameleon_mbam-$env:computername.xml" -f (get-date)) write-verbose "mbam log copied" -verbose
$chameleonlog = c:\programdata\malwarebytes\malwarebytes anti-malware\logs\mbam-log-2015-11-03 (08-33-54).xml
the problem final log need copy. no error comes up, file not copied.
here code:
# 5 - adwclean $adwcleanlog_s = get-childitem -path c:\adwcleaner -filter adwcleaner[s*].txt -recurse | select-object -expandproperty fullname # rename , copy log \\secret2 copy-item $adwcleanlog_s ("\\networklocation\incidentresponse\logs\{0:yyyymmdd}-adwclean_s-$env:computername.txt" -f (get-date)) $adwcleanlog_s = c:\adwcleaner\adwcleaner[s8].txt
in troubleshooting, added rename-item command after first get-child... command , got error that c:\adwcleaner\adwcleaner[s8].txt not exist.
is there obvious reason 1 file not copy?
matt dillon
the code worked great variable.
the problem actual file not being renamed. until can remove [ , ] actual file name using powershell, cannot of anything.
matt dillon
why trying remove it? escape brackets , can copy file without issue:
ps c:\scripts\powershell scripts\misc testing\11-3-2015> ls directory: c:\scripts\powershell scripts\misc testing\11-3-2015 mode lastwritetime length name ---- ------------- ------ ---- d---- 11/3/2015 1:38 pm dest -a--- 11/3/2015 1:27 pm 0 adwcleaner[s1].txt ps c:\scripts\powershell scripts\misc testing\11-3-2015> $adwcleanlog_s = (get-childitem -path .\ -filter adwcleaner[s* | select-object -expandproperty fullname).replace('[','`[').replace(']','`]') ps c:\scripts\powershell scripts\misc testing\11-3-2015> $adwcleanlog_s c:\scripts\powershell scripts\misc testing\11-3-2015\adwcleaner`[s1`].txt ps c:\scripts\powershell scripts\misc testing\11-3-2015> copy-item $adwcleanlog_s .\dest ps c:\scripts\powershell scripts\misc testing\11-3-2015> ls .\dest directory: c:\scripts\powershell scripts\misc testing\11-3-2015\dest mode lastwritetime length name ---- ------------- ------ ---- -a--- 11/3/2015 1:27 pm 0 adwcleaner[s1].txt
Windows Server > Windows PowerShell
Comments
Post a Comment