-1
基本上,我有一个扫描邮件跟踪日志的脚本,它每隔15分钟检查日志的最后一小时,以便在很短的时间内查找大量电子邮件。我知道如何使用-gt和-notlike进行筛选,但是我希望脚本检查csv是否需要筛选的值。例如有些人希望在短时间内发送大量电子邮件,我需要一个csv例外列表。使用csv文件筛选结果
$ErrorActionPreference = "silentlycontinue"
add-pssnapin Microsoft.Exchange.Management.PowerShell.E2007
add-pssnapin Microsoft.Exchange.Management.PowerShell.Admin
$Now= Get-Date
$start= $Now.AddHours(-1)
#$end= $Now.AddHours(-1)
$Senders = ("bumailhub1","bumailhub2" | Get-MessageTrackingLog -resultsize unlimited - Start "$start" -End "$Now" -EventId SEND | Select-Object ServerHostname,EventId,RecipientCount,Sender,MessageSubject,ConnectorId | where {$_.Connectorid -eq "Outbound new (Stucheck out)"})
********Right here below is where i need it to check for a csv exceptions list, which will contain a list of email addresses that are under the column "Name", and again when creating $csvmaker
$report = $senders | Group-Object Sender | Sort-Object Count -Descending | Where-Object {$_.Count -gt 50 -and $_.Name -NOTLIKE "MicrosoftExchange*"} | Select-object Count, Name
$mailing1 = $report | ConvertTo-HTML | Set-Content c:\TEMP\Date_$((get-date).tostring("MMddyyyy"))_Time_$((get-date).tostring("HHmmss"))_Users_Over_100PERLast2Hour.htm
$exceptions = Import-Csv C:\TEMP\CSVS\Exceptions\Exceptions.csv
$csvmaker = $senders | Group-Object Sender | Sort-Object Count -Descending | Where-Object {$_.Count -gt 100 -and $_.Name -NOTLIKE "MicrosoftExchange*"} | Select-object Count, Name
$csvmade = $csvmaker | ConvertTo-CSV | Set-Content c:\TEMP\CSVS\Users_Over_100PERLast2Hour.csv
$mailing1
$mailing2 = $report | ConvertTo-Html
$subjectreport = $senders | Group-Object MessageSubject | Sort-Object Count -Descending | Where-Object {$_.Count -gt 50 -and $_.Name -NOTLIKE "MicrosoftExchange*"} | Select-object Count, Name
$subjectreportemail = $subjectreport | ConvertTo-Html
$head = Get-Content C:\TEMP\files\head.htm
$report1 = Get-Content C:\TEMP\files\report1.htm
$report2 = Get-Content C:\TEMP\files\report2.htm
If ($report | Where-Object {$_.Count -gt 100})
{
$Sender = "[email protected]"
$SMTPClient = new-object System.Net.Mail.smtpClient
$SMTPClient.host = "mysmtp.mydomain.com"
$MailMessage = new-object System.Net.Mail.MailMessage
$Address = new-object System.Net.Mail.MailAddress("[email protected]")
$Address2 = new-object System.Net.Mail.MailAddress("[email protected]")
$Address3 = new-object System.Net.Mail.MailAddress("[email protected]")
$Address4 = new-object System.Net.Mail.MailAddress("[email protected]")
$Address5 = new-object System.Net.Mail.MailAddress("[email protected]")
$Address6 = new-object System.Net.Mail.MailAddress("[email protected]")
$Address7 = new-object System.Net.Mail.MailAddress("[email protected]")
$MailMessage.Subject = "SPAM EMAIL ALERT"
$MailMessage.Body = $head + $report1 + $subjectreportemail + $report2 + $mailing2
$MailMessage.Sender = $Sender
$MailMessage.From = $Sender
$MailMessage.To.add($Address)
#$MailMessage.To.add($Address2)
#$MailMessage.To.add($Address3)
#$MailMessage.To.add($Address4)
#$MailMessage.To.add($Address5)
#$MailMessage.To.add($Address6)
$MailMessage.To.add($Address7)
$MailMessage.IsBodyHtml = $true
$SMTPClient.Send($MailMessage)
}
$ChkFile = "c:\TEMP\CSVS\Users_Over_100PERLast2Hour.csv"
$FileExists = (Test-Path $ChkFile -PathType Leaf)
If ($FileExists)
{
$Sender = "[email protected]"
$SMTPClient = new-object System.Net.Mail.smtpClient
$SMTPClient.host = "mysmtp.mydomain.com"
$MailMessage = new-object System.Net.Mail.MailMessage
$Address = new-object System.Net.Mail.MailAddress("[email protected]")
$Address2 = new-object System.Net.Mail.MailAddress("[email protected]")
$Address3 = new-object System.Net.Mail.MailAddress("[email protected]")
$Address4 = new-object System.Net.Mail.MailAddress("[email protected]")
$Address5 = new-object System.Net.Mail.MailAddress("[email protected]")
$Address6 = new-object System.Net.Mail.MailAddress("[email protected]")
$Address7 = new-object System.Net.Mail.MailAddress("[email protected]")
$att = new-object Net.Mail.Attachment($ChkFile)
$MailMessage.Subject = "Disabled Mailboxes"
$MailMessage.Body = "Enclosed is a CSV file containing a list of the users who have had there mailboxes disabled as a result of too many email in a short time"
$MailMessage.Attachments.Add($att)
#$MailMessage.Body = $head + $report1 + $subjectreportemail + $report2 + $mailing2
$MailMessage.Sender = $Sender
$MailMessage.From = $Sender
$MailMessage.To.add($Address)
#$MailMessage.To.add($Address2)
#$MailMessage.To.add($Address3)
#$MailMessage.To.add($Address4)
#$MailMessage.To.add($Address5)
#$MailMessage.To.add($Address6)
$MailMessage.To.add($Address7)
$MailMessage.IsBodyHtml = $true
#$Attachment = $mailing
#$MailMessage.Attachements.Add($Attachment)
$SMTPClient.Send($MailMessage)
$att.Dispose()
import-csv c:\TEMP\CSVS\Users_Over_100PERLast2Hour.csv | foreach {disable-mailbox $_.Name -confirm:$false}
Move-Item c:\TEMP\CSVS\Users_Over_100PERLast2Hour.csv c:\TEMP\CSVS\OLD\Date_$((get-date).tostring("MMddyyyy"))_Time_$((get-date).tostring("HHmmss"))_Users_Over_100PERLast2Hour.csv
}
如果将'|'符号放在行尾,则不必使用行连续字符。虽然您使用的方法看起来不错,但我已经多次咬了几次,其中有一些额外的空白符号在续行char之后进入,并且抛出了PowerShell。 –
@KeithHill我的编辑器被配置为在保存时自动删除尾部空格。 ;)我更喜欢用这种方式换行,因为我可以立即看到命令/管道从前一行继续的位置。 –
我尝试了上述想法,但他们似乎都过滤掉了所有的结果。我的脚本中的所有变量都有正确的值,直到碰到? {$ whitlistedSenders -notcontains $ _。Name}'然后结果变成无。这似乎过滤掉了所有的结果。任何其他想法?尽管如此,从csv或txt文件中获取的变量确实会从文件中获取正确的值。 –