我的代码中的问题是,我看不到它 我有Sophos UTM9的一些非常大的EXIM SMTP LOF文件,因此我有一个powerhsell脚本,读取发件人,主题等,它可以正常工作,但是问题是当T ...中有第二个接收器时

问题描述 投票:0回答:1
# Define the path to the log file and the output Excel file $logFilePath = "C:\path\to\your\3.log" $outputExcelPath = "C:\path\to\your\output.xlsx" # Initialize an array to hold the parsed data $emailData = @() # Initialize variables to hold email details $date = $null $sender = $null $receiver = $null $subject = $null # Read the log file line by line Get-Content -Path $logFilePath | ForEach-Object { # Check if the line contains the date and time if ($_ -match '(\d{4}:\d{2}:\d{2}-\d{2}:\d{2}:\d{2})') { # If we have collected all details for the previous email, add it to the array if ($date -and $sender -and $receiver -and $subject) { $emailData += [PSCustomObject]@{ Date = $date Sender = $sender Receiver = $receiver Subject = $subject } # Reset the variables for the next email $date = $null $sender = $null $receiver = $null $subject = $null } # Capture the date and time $date = $matches[1] } # Check if the line contains the sender if ($_ -match 'F From: (.*?) <(.*?)>') { $sender = $matches[2] } # Check if the line contains the receiver if ($_ -match 'T To: (.*)') { $receiver = $matches[1] } # Check if the line contains the subject if ($_ -match 'Subject: (.*)') { $subject = $matches[1] } } # Add the last email details to the array if they exist if ($date -and $sender -and $receiver -and $subject) { $emailData += [PSCustomObject]@{ Date = $date Sender = $sender Receiver = $receiver Subject = $subject } } # Export the data to an Excel file $emailData | Export-Excel -Path $outputExcelPath -AutoSize Write-Host "Data has been exported to $outputExcelPath"

thy是我使用的代码,请有人帮助我吗? 我尝试了一些代码更正,但没有帮助

the是文件的另一个示例
2025:01:15-16:21:24 sutm1kor-2 exim-in[10290]: [104\126] F From: xx xx <[email protected]>
2025:01:15-16:21:24 sutm1kor-2 exim-in[10290]: [105\126] T To: "[email protected]" <[email protected]>,
2025:01:15-16:21:24 sutm1kor-2 exim-in[10290]: [106\126]    "[email protected]" <[email protected]>
2025:01:15-16:21:24 sutm1kor-2 exim-in[10290]: [107\126] C CC: "xx, xx [ADD IT]" <[email protected]>, "xx, xx [ADD
2025:01:15-16:21:24 sutm1kor-2 exim-in[10290]: [108\126]  IT]" <[email protected]>
2025:01:15-16:21:24 sutm1kor-2 exim-in[10290]: [109\126]   Subject: Ihr xxx-xx  xx. xx & Co. xx xx wird
2025:01:15-16:21:24 sutm1kor-2 exim-in[10290]: [110\126]  am 1.3.2025 ablaufen
这一切都属于示例

因此,我试图将所有类似的条目从日志文件中获取到Excel表,我尝试了几天没有成功

您将必须连接日志切割的线路。这可能会让您入门。如果您在问题中包括一个可复制的示例

,那将有所帮助。

$text = @() $text += '2025:01:15-16:21:24 sutm1kor-2 exim-in[10290]: [104\126] F From: xx xx [email protected] ' $text += '2025:01:15-16:21:24 sutm1kor-2 exim-in[10290]: [105\126] T To: "[email protected]" [email protected], ' $text += '2025:01:15-16:21:24 sutm1kor-2 exim-in[10290]: [106\126] "[email protected]" [email protected] ' $text += '2025:01:15-16:21:24 sutm1kor-2 exim-in[10290]: [107\126] C CC: "xx, xx [ADD IT]" [email protected], "xx, xx [ADD ' $text += '2025:01:15-16:21:24 sutm1kor-2 exim-in[10290]: [108\126] IT]" [email protected] ' $text += '2025:01:15-16:21:24 sutm1kor-2 exim-in[10290]: [109\126] Subject: Ihr xxx-xx xx. xx & Co. xx xx wird ' $text += '2025:01:15-16:21:24 sutm1kor-2 exim-in[10290]: [110\126] am 1.3.2025 ablaufen' $mailaddress_regex = "([a-zA-Z0-9._-]+@[a-zA-Z0-9._-]+\.[a-zA-Z0-9_-]+)" $addtonextline = $false for ($i = $text.count-1;$i -ge 0;$i--){ #read file from last line to first $line = $text[$i] if ($addtonextline){$line = $line + $lastline} #if the last line analyzed did not contain a trigger (from, to , cc, ...), add the content to this line if ($line -match "F From") { $senders = Select-String $mailaddress_regex -input $line -AllMatches | % {$_.matches} | % {$_.value} $addtonextline = $false }elseif ($line -match "C CC"){ $ccs = Select-String $mailaddress_regex -input $line -AllMatches | % {$_.matches} | % {$_.value} $addtonextline = $false }elseif ($line -match "T To"){ $to = Select-String $mailaddress_regex -input $line -AllMatches | % {$_.matches} | % {$_.value} $addtonextline = $false }else{ $regex = $line -match "\[\d+\\\d+\]\s(.*)" $lastline = $matches[1] $addtonextline = $true } } write-host "senders:" $senders write-host "---" write-host "to:" $to write-host "---" write-host "ccs:" $ccs
I已切换到

select-string

,因为它允许

-allmatches

开关查找所有出现。
powershell
1个回答
0
投票

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.