Help with reading FTP Logfile - PowerShellCommunity.org - Windows PowerShell Discussion Forums - Using PowerShell

Forums Search Members

Forums > Using PowerShell > General PowerShell

Help with reading FTP Logfile

Last Post 30 Oct 2007 04:36 PM by bsonposh. 8 Replies.

Sort:

	Prev Next
You are not authorized to post a reply.

Author

Messages

eric

New Member
Posts:8
Avatar

26 Oct 2007 04:35 PM
I am trying to parse my local FTP logfile and decipher the logs, then act on that to block anyone trying to login as administrator... It was working good on a test computer, but then on a production server i receive errors like the following: NextLog: C:\WINDOWS\system32\LogFiles\MSFTPSVC1\ex071026.log New-Object : Exception calling ".ctor" with "4" argument(s): "The process cannot access the file 'C:\WINDOWS\system32\L ogFiles\MSFTPSVC1\ex071026.log' because it is being used by another process." At C:\BanIP.ps1:18 char:52 + $filestreamInput.Value = new-object <<<< system.io.filestream($filename, New-Object : Exception calling ".ctor" with "1" argument(s): "Stream was not readable." At C:\BanIP.ps1:23 char:49 + $streamReader.Value = new-object <<<< system.io.streamreader($filestreamInput.value) openfile: setting start position to + 8361701 Exception setting "Position": "Cannot access a closed file." At C:\BanIP.ps1:28 char:56 + $filestreamInput.Value.P <<<< osition = $offset openfile: C:\WINDOWS\system32\LogFiles\MSFTPSVC1\ex071026.log length So, before i get into posting the code, or part of it (it's many pages), has anyone out there been able to successfully read an active log file with system.io.filestream commands?

marco.shaw User is Offline

Co-Community Director

Basic Member
Posts:195
Avatar

29 Oct 2007 01:50 PM
Never really a good idea to try to open files with another open file handle on them. Either copy the active file to a temp file (and delete if after) or start some kind of log rotation. Acceptable?

Marco Microsoft MVP - Windows PowerShell: http://www.microsoft.com/mvp PowerGadgets MVP: http://www.powergadgets.com/mvp *Blog: http://marcoshaw.blogspot.com

bsonposh

Basic Member
Posts:392
Avatar

29 Oct 2007 02:26 PM
Try to use tail.exe. If it is able to access the file then you could probably use a String Reader to read the file, but you need to open in share read mode. Understand this relies on the process that has that log open to have opened it in shared read.

Brandon Shell ---------------- Microsoft Powershell MVP https://mvp.support.microsoft.com/profile/Brandon Blog: http://www.bsonposh.com

eric

New Member
Posts:8
Avatar

29 Oct 2007 04:17 PM
I understand tail.exe, and that's a good idea, but that's not exactly what we need. I know that IIS log analyzers like deepmetrix and awstats dont seem to have a problem polling the IIS/FTP logs for a website regularly, and I still don't see why this isn't possible. Here's the code we're using to open the logfile: function openfile([string] $filename, [int] $offset, [ref] $filestreamInput, [ref] $streamReader) { if ([system.io.file]::exists($filename)) { #write-host "openfile: $file exists" } else { write-host "openfile: $file does not exist" return -1 } $filestreamInput.Value = new-object system.io.filestream($filename, [system.io.filemode]::open, [system.io.fileaccess]::read, [system.io.fileshare]::read) $streamReader.Value = new-object system.io.streamreader($filestreamInput.value) if ($offset -gt 0) { write-host "openfile: setting start position to " + $offset $filestreamInput.Value.Position = $offset } write-host ("openfile: $file length " + $filestreamInput.Value.Length) return $filestreamInput.Value.Length } function closefile ($filestreamInput, $streamReader) { if ($streamReader) { $streamReader.Close() } if ($filestreamInput) { $filestreamInput.Close() } } I appreciate your help and I am sure there is a way to make this work if other programs can! function openfile([string] $filename, [int] $offset, [ref] $filestreamInput, [ref] $streamReader) { if ([system.io.file]::exists($filename)) { #write-host "openfile: $file exists" } else { write-host "openfile: $file does not exist" return -1 } $filestreamInput.Value = new-object system.io.filestream($filename, [system.io.filemode]::open, [system.io.fileaccess]::read, [system.io.fileshare]::read) $streamReader.Value = new-object system.io.streamreader($filestreamInput.value) if ($offset -gt 0) { write-host "openfile: setting start position to " + $offset $filestreamInput.Value.Position = $offset } write-host ("openfile: $file length " + $filestreamInput.Value.Length) return $filestreamInput.Value.Length } function closefile ($filestreamInput, $streamReader) { if ($streamReader) { $streamReader.Close() } if ($filestreamInput) { $filestreamInput.Close() } }

eric

New Member
Posts:8
Avatar

29 Oct 2007 04:18 PM
I dont see a way to edit my last post, so forgive me for the double posting of code, it seems the quote button duplicates text.

bsonposh

Basic Member
Posts:392
Avatar

29 Oct 2007 04:19 PM
I wasnt suggesting using Tail.exe for anything other than testing how the log file is open. There are several modes a file can be open in. If it is not open in shared read you will not be able to read it until the process releases the file. I will look at your code and see if I can help.

Brandon Shell ---------------- Microsoft Powershell MVP https://mvp.support.microsoft.com/profile/Brandon Blog: http://www.bsonposh.com

eric

New Member
Posts:8
Avatar

30 Oct 2007 04:24 PM
I appreciate your help!

eric

New Member
Posts:8
Avatar

30 Oct 2007 04:28 PM
by the way, tail.exe seems to work just fine on the logfile.

bsonposh

Basic Member
Posts:392
Avatar

30 Oct 2007 04:36 PM
See if this helps http://www.codeplex.com/PsObject/Thread/View.aspx?ThreadId=7637

Brandon Shell ---------------- Microsoft Powershell MVP https://mvp.support.microsoft.com/profile/Brandon Blog: http://www.bsonposh.com

You are not authorized to post a reply.

Forums > Using PowerShell > General PowerShell

Active Forums 4.1