Created
August 30, 2016 21:20
-
-
Save terrytrent/4ba42b8aefafccd08e1f86269740b356 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## Event IDs: 1 - Source $EventLogSource created. | |
## Event IDs: 2 - Drive Config Written To Disk: $driveConfig | |
## Event IDs: 3 - Pre-Existing Drive Exists: $Drive | |
## Event IDs: 4 - Pre-Existing Drive does not Exist: $Drive | |
## Define variables | |
$EventLogSource = 'Drive Checker' | |
$DriveConfig = 'C:\Drive.Config' | |
$CurrentDrives = Get-WmiObject -Class Win32_LogicalDisk | Where-Object {$_.VolumeSerialNumber -ne $null} | Select-Object Name,Description,ProviderName,VolumeSerialNumber | |
## Create Event Log If Not Exist | |
if(!([System.Diagnostics.EventLog]::SourceExists($EventLogSource))) | |
{ | |
New-EventLog –LogName Application –Source $EventLogSource | |
Write-EventLog -LogName Application -Source $EventLogSource -Category 6 -EventId 1 -EntryType Information -Message "Source $EventLogSource created." | |
} | |
## Create DriveConfig if it doesn't exist | |
if(!(Test-Path $DriveConfig)) | |
{ | |
$drives = Get-WmiObject -Class Win32_LogicalDisk | Where-Object {$_.VolumeSerialNumber -ne $null} | |
$drives | Select-Object Name,Description,ProviderName,VolumeSerialNumber | Export-Csv -NoTypeInformation -Path $DriveConfig -Force | |
Write-EventLog -LogName Application -Source 'Drive Checker' -Category 2 -EventId 2 -EntryType Information -Message "$DriveConfig written to disk." | |
} | |
## Get Contents of Drive Config | |
$DrivesToSearchThrough = Import-Csv -Path $DriveConfig | |
## Test for the drives against the Drive Config, write to the event log | |
foreach($Drive in $DrivesToSearchThrough) | |
{ | |
if(!($CurrentDrives.Name.Contains($Drive.Name))) | |
{ | |
Write-EventLog -LogName Application -Source $EventLogSource -Category 2 -EventId 4 -EntryType Error -Message "Drive from configuration file not found: $($Drive.Name)" | |
} | |
else | |
{ | |
Write-EventLog -LogName Application -Source $EventLogSource -Category 2 -EventId 3 -EntryType Information -Message "Drive from configuration file found: $($Drive.Name)" | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment