Jump to content
Sign in to follow this  
DavidLago

Reports from OpenFiles within a (file)server,(also monitoring the most used extensions)

Recommended Posts

Hello, fellows.

I recently gave fingerbirth to a script that reports out the current files, and users opening those files currently. Also provides a filter for strings/extensions.

Suggestions and improvements are welcome.

#cs  ---------------------------Script Start-------------------------------------
| Author:         DavidLago (Hellfrost)
| Script Function: Reports out a logfile containing openfiles within a (file)server, configured under an ini file
#ce  ----------------------------------------------------------------------------
;---------------------------------------------------------------INCLUDES--------------------------------------------------------------------------------
#include <Process.au3>
#include <GuiConstantsEx.au3>
#include <WindowsConstants.au3>
#include <array.au3>
#include <Date.au3>
;------------------------------------------------------------EXPORT-FOLDER--------------------------------------------------------------------------------
If Not FileExists(@ScriptDir & "\Export") Then
DirCreate(@ScriptDir & "\Export")
EndIf
;------------------------------------------------------------ WHILE LOOP --------------------------------------------------------------------------------
Global $iNow = _NowCalc()
Global $TimeOut = False
While $TimeOut = False
;---------------------------------------------------------VARIABLES-----------------------------------------------------------------------------------
Global $Date = @MON & "-" & @MDAY & "-" & @YEAR
Global $Hour = @HOUR & "'" & @MIN & "''"
Global $FullDate = $Date & "_" & $Hour
Global $ReportDir = @ScriptDir & "\Export\"
;----------------------------------------------------------INI_READ-----------------------------------------------------------------------------------
Global $MailFrom = IniRead("Config.ini", "Mail", "MailFrom", "Script_OpenFiles@AutoITScripting.net")
Global $Mailto = IniRead("Config.ini", "Mail", "Mailto", "")
Global $MailSubj = IniRead("Config.ini", "Mail", "MailSubj", "")
Global $MailBody = IniRead("Config.ini", "Mail", "MailBody", "")
Global $TimeFreq = IniRead("Config.ini", "Time", "Frequency", "60")
Global $TimeDur = IniRead("Config.ini", "Time", "Duration", "24")
Global $ReportOut = $FullDate & "_" & IniRead("Config.ini", "ReportOut", "ReportOut", "Report")
Global $FilterExt = IniRead("Config.ini", "FilterExt", "FilterExt", "N")
Global $FileExt = '"' & IniRead("Config.ini", "FileExt", "FileExt", "exe") & '"'
Global $FormatOut = IniRead("Config.ini", "FormatOut", "FormatOut", "Table")
;-------------------------------------------------------MATH VARIABLES----------------------------------------------------------------------------------
Global $CommandCombo, $CommandFinal, $iDiff, $FreqDurMath
$iTimeFreq = $TimeFreq * 60000 ; Turn to miliseconds
$iTimeDur = $TimeDur ; Turn to minutes
$FreqDurMath = ($TimeDur * 60) / $TimeFreq
;-------------------------------------------------------ERROR-TREATMENT---------------------------------------------------------------------------------
If $iTimeFreq < 900000 Then
MsgBox(4112, "Error", 'The parameter "FREQUENCY" at the config.ini file is set to a number below 15. 15 minutes is the minumum threshold', 5)
$MailBody = 'The Script "' & @ScriptName & '" is reporting the following error: The parameter "FREQUENCY" at the config.ini file is set to a number below 15. ' & @CRLF & '15 minutes is the minumum threshold'
SendMail($MailBody)
Exit
EndIf
If $FreqDurMath < 1 Then
$MailBody = 'The Script "' & @ScriptName & '" The parameters "FREQUENCY" and "DURATION" at the config.ini file is set to a number which prevents it to loop more than once. Do you want to continue?'
SendMail($MailBody)
If MsgBox(4116, "Error", 'The parameters "FREQUENCY" and "DURATION" at the config.ini file is set to a number which prevents it to loop more than once. Do you want to continue?', 10) = 7 Then Exit
EndIf
;----------------------------------------------------------COMMAND BREED I-------------------------------------------------------------------------------
Global $QueryCommand = "/query " & "/FO " & $FormatOut & " /V " & "/nh "
Global $FindCommand = "| find /I " & $FileExt
Global $ExportCommand = " > " & '"' & $ReportDir & $ReportOut & ".log" & '"'
If $FilterExt = "Y" Then
$CommandCombo = $QueryCommand & $FindCommand & $ExportCommand
Else
$CommandCombo = $QueryCommand & $ExportCommand
EndIf
$CommandFinal = "openfiles " & $CommandCombo
;-------------------------------------------------------------OPTIONS-----------------------------------------------------------------------------------
If $FilterExt = "Y" Then
If $FileExt <> "" Then
TrayTip("Message from the " & @ScriptName & " Script: ", 'The command "' & $CommandFinal & '" is running in this server. Options enabled are the following:' & @CRLF & @CRLF & "Filter: " & '"' & $FilterExt & '"' & @CRLF & "Ext/String: " & $FileExt & @CRLF, 1, 1)
Else
TrayTip("Message from the " & @ScriptName & " Script: ", 'The command "' & $CommandFinal & '" is running in this server.', 1, 1)
EndIf
EndIf
;--------MAIN COMMAND-----------------------------------##################
_RunDOS($CommandFinal)
;--------MAIN COMMAND-----------------------------------##################
$iDiff = _DateDiff('h', $iNow, _NowCalc())
Sleep($iTimeFreq) ; <-Frequency
If $iDiff > $iTimeDur Then ; <-- Is time through?
$TimeOut = True
$MailBody = 'The script "' & @ScriptName & '", which was running at the server "' & @ComputerName & '", generated the requested logs successfully. Please, contact your Domain administrator to claim them'
SendMail($MailBody)
EndIf
WEnd ;==> While from line 18
 
;------------------------Function to send e-mail--------------------------------------------------------------------------------------------------------------
Func SendMail($MailBody)
$objEmail = ObjCreate("CDO.Message")
$objEmail.From = $MailFrom
$objEmail.To = $Mailto
$objEmail.Subject = $MailSubj
$objEmail.Textbody = $MailBody
$objEmail.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
$objEmail.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/smtpserver") = _
"mail.domain.net" ;                          <----------------------------------------- Insert your mailserver here
$objEmail.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
$objEmail.Configuration.Fields.Update
$objEmail.Send
EndFunc   ;==>SendMail

Contents of the config.ini file:

#--------------------------------------------------------------------#
#                           Config. ini                                          #
#--------------------------------------------------------------------#
#--------------------------------------------------------------------#
#   OPENFILES REPORT:             
#   Reports out a logfile containing openfiles within a server
#--------------------------------------------------------------------#
 
[Time]
 
# What frequency? (Minutes [minimum: 15 min) / How long? (Hours [Minimum: 1H)
Frequency = 15
Duration = 1
 
 
 
[FilterExt]
 
# GREP Extension/String? ( Y, N)
FilterExt = Y
 
 
 
[FileExt]
 
# What's the extension or string combo to be matched? (.exe; .doc; .csv; Solidworks; Report, etc. (default: line commented by #)
FileExt = doc
 
 
 
[ReportOut]
 
# LogFile Sufix
ReportOut = Report
 
 
 
[FormatOut]
 
# LogFile Format: CSV or Table. (default: table)
FormatOut = CSV
 
 
 
[Mail]
 
MailFrom = Script_OpenFiles@AutoITScripts.com
Mailto = hellfrost@hellfrost.info
MailSubj = OpenFiles Alert Example
MailBody = This message is an alert.

It might be useful for a Domain admin someday.


Just a server analyst that has never been into programming that much. So, small fish here :)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By Nas
      Hi everyone,
      I am trying to make a script that runs a query and show it to me to see if everything is right and then decide if I finish it or not so I made a little script as below :
      #include <ADO.au3> #include <Array.au3> #include <MsgBoxConstants.au3> #include <AutoItConstants.au3> _ADO_EVENTS_SetUp(True) _ADO_ComErrorHandler_UserFunction(_ADO_COMErrorHandler) Local $sDriver = 'SQL Server' Local $sDatabase = 'DataBase' ; change this string to YourDatabaseName Local $sServer = 'Localhost' ; change this string to YourServerLocation Local $sConnectionString = 'DRIVER={' & $sDriver & '};SERVER=' & $sServer & ';DATABASE=' & $sDatabase & ';UID=' & ';PWD=' & ';' ;~ Global $Query = _ ;~ "BEGIN TRAN" & @CRLF & _ ;~ "UPDATE Table" & @CRLF & _ ;~ "SET HOUR = 4" & @CRLF & _ ;~ "WHERE CUST = 'TEST'" & @CRLF & _ ;~ "SELECT * FROM Table" & @CRLF & _ ;~ "WHERE CUST = 'TEST'" & @CRLF & _ ;~ "ROLLBACK TRAN" Global $Query = _ "BEGIN TRAN" & @CRLF & _ "SELECT * FROM Table" & @CRLF & _ "WHERE CUST = 'TEST'" & @CRLF & _ "ROLLBACK TRAN" _Query_Display($sConnectionString, $Query) Func _Query_Display($sConnectionString, $sQUERY) ; Create connection object Local $oConnection = _ADO_Connection_Create() ; Open connection with $sConnectionString _ADO_Connection_OpenConString($oConnection, $sConnectionString) If @error Then Return SetError(@error, @extended, $ADO_RET_FAILURE) ; Executing some query directly to Array of Arrays (instead to $oRecordset) Local $aRecordset = _ADO_Execute($oConnection, $sQUERY, True) ; Clean Up _ADO_Connection_Close($oConnection) $oConnection = Null ; Display Array Content with column names as headers _ADO_Recordset_Display($aRecordset, 'Query Result') EndFunc ;==> _Query_Display When I ran this script it works great, but when I run the query below :
      Global $Query = _ "BEGIN TRAN" & @CRLF & _ "UPDATE Table" & @CRLF & _ "SET HOUR = 4" & @CRLF & _ "WHERE CUST = 'TEST'" & @CRLF & _ "SELECT * FROM Table" & @CRLF & _ "WHERE CUST = 'TEST'" & @CRLF & _ "ROLLBACK TRAN" It doesn't show anything, when I take those begin and rollback it does what it should but still not showing me anything at all, is there a way around it that you know of?
      Thank you.
    • By TheXman
      Purpose (from Microsoft's website)
      The HTTP Server API enables applications to communicate over HTTP without using Microsoft Internet Information Server (IIS). Applications can register to receive HTTP requests for particular URLs, receive HTTP requests, and send HTTP responses. The HTTP Server API includes SSL support so that applications can exchange data over secure HTTP connections without IIS.
      Description
      There have been several times in the past that I wanted to either retrieve information from one of my PCs or execute commands on one of my PCs, whether it was from across the world or sitting on my couch.  Since AutoIt is one of my favorite tools for automating just about anything on my PC, I looked for ways to make to make it happen.  Setting up a full blown IIS server seemed like overkill so I looked for lighter weight solutions.  I though about creating my own AutoIt UDP or TCP server but that just wasn't robust enough,  Then I found Microsoft's HTTP Server API and it looked very promising.  After doing a little research into the APIs, I found that it was flexible & robust enough to handle just about any of the tasks that I required now and in the future.  So a while back I decided to wrap the API functionality that I needed into an AutoIt UDF file to allow me to easily create the functionality I needed at the time.  It has come in very handy over the years.  Of course it wasn't all wrapped up with a nice little bow like it is now.  That only happened when I decided to share it with anyone else who could use it or learn from it.
      The example file that I included is a very granular example of the steps required to get a lightweight HTTP Server up and listening for GET requests.  The UDF is a wrapper for the Microsoft APIs.  That means to do anything over and above what I show in the example, one would probably have to have at least a general knowledge of APIs or the ability to figure out which APIs/functions to use, what structures and data is needed to be passed to them, and in what order.  However, the UDF gives a very solid foundation on which to build upon.  Of course, if anyone has questions about the UDF or how to implement any particular functionality, I would probably help to the extent that I could or point you in the right direction so that you can figure out how to implement your own solution.
      The APIs included in the UDF are the ones that I needed in the past to do what I needed to do.  If any additional APIs need to be added to the UDF file, please make those suggestions in the related forum topic.
      Being that this is basically an AutoIt wrapper for the Microsoft API functions, there's no need to create AutoIt-specific documentation.  All of the UDF functions, structures, constants, and enumerations are named after their Microsoft API counterparts.  Therefore, you can refer to Microsoft's extensive documentation of their HTTP Server API.  As stated earlier, if there is one or more APIs that you find yourself needing for your particular solution, please suggest it in the related Example Scripts forum topic.
      Related Links
      Microsoft HTTP Server API - Start Page
      Microsoft HTTP Server API - API v2 Reference
      Microsoft HTTP Server API - Programming Model
    • By argumentum
      #include <SQLite.au3> ;-- When SQLite is compiled with the JSON1 extensions it provides builtin tools ;-- for manipulating JSON data stored in the database. ;-- This is a gist showing SQLite return query as a JSON object. ;-- https://www.sqlite.org/json1.html Example() Func Example() _SQLite_Startup() ; "<your path>\sqlite3.dll", False, 1) ; https://www.autoitscript.com/autoit3/docs/libfunctions/_SQLite_Startup.htm _SQLite_Open() ; ...if you can not run this due to errors, get the latest DLL from https://www.sqlite.org/ If _SQLite_Exec(-1, "CREATE TABLE users (id INTEGER PRIMARY KEY NOT NULL, full_name TEXT NOT NULL, email TEXT NOT NULL, created DATE NOT NULL );") Then Return 4 If _SQLite_Exec(-1, 'INSERT INTO users VALUES ' & _ '(1, "Bob McFett", "bmcfett@hunters.com", "32-01-01"),' & _ '(2, "Angus O''Vader","angus.o@destroyers.com", "02-03-04"),' & _ '(3, "Imperator Colin", "c@c.c", "01-01-01");') Then Return 5 ; -- Get query data as a JSON object using the ; -- json_group_object() [1] and json_object() [2] functions. _SQLite_GetTable2d_ArrayToConsole("SELECT" & _ " json_group_object(" & _ " email," & _ " json_object('full_name', full_name, 'created', created)" & _ " ) AS json_result" & _ " FROM (SELECT * FROM users WHERE created > ""02-01-01"");") ; {"bmcfett@hunters.com":{"full_name":"Bob McFett","created":"32-01-01"},"angus.o@destroyers.com":{"full_name":"Angus O'Vader","created":"02-03-04"}} ; -- Get query data as a JSON object using the ; -- json_group_array() function to maintain order. _SQLite_GetTable2d_ArrayToConsole("SELECT" & _ " json_group_array(" & _ " json_object('full_name', full_name, 'created', created)" & _ " ) AS my_json_result_OrAnythingReally" & _ " FROM (SELECT * FROM users ORDER BY created);") ; [{"full_name":"Imperator Colin","created":"01-01-01"},{"full_name":"Angus O'Vader","created":"02-03-04"},{"full_name":"Bob McFett","created":"32-01-01"}] ;-- Links ;-- [1] https://www.sqlite.org/json1.html#jgroupobject ;-- [2] https://www.sqlite.org/json1.html#jobj ; example found at https://gist.github.com/akehrer/481a38477dd0518ec0086ac66e38e0e2 EndFunc ;==>Example Func _SQLite_GetTable2d_ArrayToConsole($sSQL, $hDB = -1) Local $aResult, $iRows, $iColumns If _SQLite_GetTable2d($hDB, $sSQL, $aResult, $iRows, $iColumns) Then ConsoleWrite("! SQLite Error: " & _SQLite_ErrCode($hDB) & @CRLF & "! " & _SQLite_ErrMsg($hDB) & @CRLF) Else _SQLite_Display2DResult($aResult) EndIf ConsoleWrite(@CRLF) EndFunc ;==>_SQLite_GetTable2d_ArrayToConsole Based on this example, you can build your own query. 
      The code has all the explanations.
      Enjoy  
    • By RestrictedUser
      Hello Guys and AutoIt Scriptwriters!🎉❤️
      I've created a script to notify to me if RDP main IP changed then send a message via Telegram bot to me
      But some of my RDP's Main IP are @IPAddress1 or @IPAddress3 or Public IP Address...
      I want to detect automatically the IP that windows client can run RDP to remotely control
      This image can help you that what i say, there are three RDP with specified IP, i want to run script in these RDP's then capture those IP's changes then notify me via Telegram bot

    • By Skeletor
      Hi All,
      Here's a really simple question. 
      I ran the code from the helpfile under: _SQLite_Open

      Issue is I end up with an error message: SQLite3.dll Can't be Loaded!
      I placed the *.dll in the include folder, but still nothing. 

      Where must this file be placed.
       
×
×
  • Create New...