Tuesday, June 23, 2009

Script the World 2; Know Your Variables: article 200910

Take Away: Know your windows variables for portability of your scripts

%time%, %date%, and %computername% are my most commonly used Windows variables. A lot of times when I run a script I am spitting text out to log file and this is where the 3 variables come in handy. I place them at the top of my script preceded with an echo command. This helps me to know when the script kicked off and on what machine it is running.

echo %computername% # spits out the name of your computer

echo %date% # spits out the current date on the system

echo %time% # you guessed it; spits out the current time on the system

Open a command window and try it out there. At the command prompt just type one of my echo statements above, without the # sign and everything behind it and you will see what I am talking about.

I especially like the %time% variable. I perform a %time% echo at the beginning and again at the end of the script to determine how long the script ran. I also use %computername% to help make the script portable. For example notice the following command:

eventquery.vbs /fi "Datetime Ge %1,11:00:00PM" /fi "ID eq 680" /fi "type eq failureaudit" /l security /v /fo csv > %computername%.csv

call c:\evtqury\namedate /Yxz:"ymd" %computername%.csv

blat.exe file.txt -to "joseph@whyjoseph.com" -serverSMTP 10.10.10.20 -f "%computername%@whyjoseph.com" -attacht %computername%*.csv -subject "%computername% login failure audit" -body "This came from c:\evtqury on %computername% where a scheduled task runs to execute this report"

del %computername%*.csv


exit


Now, I am to tired to break down what all this script is doing beyond saying I am reading the security logs for event 680 on a daily basis, mailing a CSV log to myself with the results to see if there are any failed domain logins I need to investigate.

Just notice how I am using the Windows variable %computername% I am using it to name my the output file so it easily differentiated from all of the files from other systems I receive, I am also using it it build the “from” email address so I can sort the messages from each of the servers in my .pst folder. I am using the variable in the body of the email and finally I am using when I delete the my output file.

Because I am using the variable I write one script and copy it out to many servers, such as Server1, Server2 and Server3. If I were to use the server's actual names in the script well then obviously I would have to create script for each server.

To learn what the Microsoft's variables are, or how to create your own see their site:
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/ntcmds_shelloverview.mspx?mfr=true
.

No comments:

Post a Comment