Windows Server 2012 R2 以前の環境で、アップデートが許されず、PowerShell 5.0 で使える Compress-Archive が使えない場合に、.NET Framework 4.5(2012 R2 にはデフォルトで入っているはず)があれば使える回避策。
# Settings
# Every path the script reads or writes is fixed here.
#   $SLOGDIR / $SLOG : folder and file of this run's script log (<script name>.log.<timestamp>)
#   $EVNT*           : the live Application / System / Security event log files
#   $BKUPDIR         : root folder for the zipped copies
#   $TEMP            : staging folder that is zipped and then removed for each log
# NOTE(review): nothing in this script creates $SLOGDIR, so it has to exist before the first
# ">> $SLOG" - confirm on the target host.
# NOTE(review): $TEMP is a fixed name inside the backup tree; a leftover from an aborted run
# would still be there on the next run - confirm how that case should be handled.
# NOTE(review): the Security log is normally readable only by privileged accounts, so this
# presumably runs elevated (e.g. as a scheduled task) - confirm.
$SLOGDIR   = "D:\unyo\logs\"
$SLOG_NAME = "$([System.IO.Path]::GetFileNameWithoutExtension($MyInvocation.MyCommand.Name)).log"
$DATE      = Get-Date -UFormat "%Y%m%d%H%M%S"
$SLOG      = "${SLOGDIR}${SLOG_NAME}.${DATE}"
$EVNTAPP   = "$env:SystemRoot\System32\Winevt\Logs\Application.evtx"
$EVNTSYS   = "$env:SystemRoot\System32\Winevt\Logs\System.evtx"
$EVNTSEC   = "$env:SystemRoot\System32\Winevt\Logs\Security.evtx"
$BKUPDIR   = "D:\bkup\log\Event\"
$TEMP      = "${BKUPDIR}tmp"
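# Prune archived event logs older than 62 days
# Lists every *.zip file under $BKUPDIR whose LastWriteTime is more than 62 days old,
# records that list in $SLOG, then deletes the listed files.
# NOTE(review): this runs before the new archives are created and does not depend on them
# being created successfully. If these zips are the only retained copy of the Security log,
# consider pruning only after a new archive has been confirmed.
'===================================' >> $SLOG
'start deleting old eventlogs...' >> $SLOG
'===================================' >> $SLOG
# Directories are excluded so that a folder whose name happens to end in ".zip" can never be
# handed to Remove-Item -Force. PSIsContainer is used rather than -File because -File needs
# PowerShell 3.0 and this script targets older hosts.
Get-ChildItem $BKUPDIR -Recurse | Where-Object { -not $_.PSIsContainer -and $_.Name -like "*.zip" -and $_.LastWriteTime -lt (Get-Date).AddDays(-62) } | Tee-Object -Variable CHK1 >> $SLOG
# -not is true for $null and for an empty collection alike.
if(-not $CHK1){
'No files to be deleted.' >> $SLOG
}else{
'start deletion...' >> $SLOG
# Only files are in $CHK1, so -Recurse is not needed.
$CHK1 | Remove-Item -Force 2>&1 >> $SLOG
'finished.' >> $SLOG
}
'===================================' >> $SLOG
'finished proccessing.' >> $SLOG
'===================================' >> $SLOG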
# Load .NET zip support
# Loads the System.IO.Compression.FileSystem assembly, which supplies the
# [io.compression.zipfile] class called by the backup steps later in this script.
# Anything Add-Type writes (output or error stream) is appended to $SLOG.
# NOTE(review): the script carries on even if the assembly could not be loaded; the later
# CreateFromDirectory calls would then fail - confirm whether an early exit is wanted.
$bar = '==================================='
@($bar, 'reading .NET component...', $bar) | Out-File -FilePath $SLOG -Append
Add-Type -AssemblyName "system.io.compression.filesystem" 2>&1 | Out-File -FilePath $SLOG -Append
@($bar, 'finished', $bar) | Out-File -FilePath $SLOG -Append
# Ensure the per-log archive folders exist
# Creates Application, System and Security under $BKUPDIR. -Force is passed so that an
# already existing folder is not reported as an error; the created item is discarded and
# only the error stream goes to $SLOG.
# NOTE(review): the Security folder will hold copies of the Security event log. No ACL is
# set here, so it gets whatever $BKUPDIR allows - confirm that read access is as restricted
# as for the live log.
'===================================' >> $SLOG
'Check and make required directory only if they did not exist.' >> $SLOG
'===================================' >> $SLOG
foreach ($folder in 'Application', 'System', 'Security') {
    New-Item "$BKUPDIR\$folder" -type directory -Force >$null 2>> $SLOG
}
'===================================' >> $SLOG
'finished' >> $SLOG
'===================================' >> $SLOG
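# Event log backup (Application, System, Security)
# The three backups were identical apart from the file name, so they share one function.
#
# Backup-EventLogFile
#   Copies one live .evtx file into the staging folder $TEMP under the name
#   <file>.evtx.<timestamp>, zips the staging folder to
#   $BKUPDIR\<log name>\<file>.evtx.<timestamp>.zip, removes the staging folder and writes
#   a listing of the resulting archive to $SLOG.
#   Reads the script-level variables $TEMP, $BKUPDIR, $DATE and $SLOG.
#   Parameter: $SourcePath - full path of the event log file to back up.
#
# Compared with a plain copy / rename / zip sequence, this adds three safeguards:
#   * a staging folder left behind by an aborted run is removed first, so old files cannot
#     end up inside the new archive;
#   * the archive is only created when the copy is really present, so a failed copy (for
#     example access denied on Security.evtx) no longer yields an empty zip that looks
#     like a backup;
#   * an exception thrown by CreateFromDirectory is caught and written to $SLOG, and the
#     staging folder is removed in either case.
# NOTE(review): the files are copied while they are in use by the Event Log service. A plain
# copy may not be a consistent snapshot; "wevtutil epl" is the tool Windows provides for
# exporting a log - confirm that a file copy is acceptable for this retention purpose.
function Backup-EventLogFile {
    param(
        [string]$SourcePath
    )

    $leaf    = [System.IO.Path]::GetFileName($SourcePath)                  # e.g. Security.evtx
    $logName = [System.IO.Path]::GetFileNameWithoutExtension($SourcePath)  # e.g. Security
    $staged  = Join-Path $TEMP "$leaf.$DATE"
    $zipPath = Join-Path (Join-Path $BKUPDIR $logName) "$leaf.$DATE.zip"

    '===================================' >> $SLOG
    "backing up : $SourcePath" >> $SLOG
    '===================================' >> $SLOG

    if (Test-Path $TEMP) {
        "stale staging directory found, removing : $TEMP" >> $SLOG
        Remove-Item -Recurse -Force $TEMP 2>&1 >> $SLOG
    }
    New-Item $TEMP -ItemType Directory >$null 2>> $SLOG

    try {
        # Copy straight to the timestamped name; no separate rename step is needed.
        Copy-Item -Path $SourcePath -Destination $staged 2>&1 >> $SLOG
        if (Test-Path $staged) {
            [io.compression.zipfile]::CreateFromDirectory("$TEMP", "$zipPath") 2>&1 >> $SLOG
        } else {
            "ERROR : copy of $SourcePath failed, no archive created." >> $SLOG
        }
    } catch {
        "ERROR : archiving $SourcePath failed : $($_.Exception.Message)" >> $SLOG
    } finally {
        Remove-Item -Recurse $TEMP 2>&1 >> $SLOG
    }

    '===================================' >> $SLOG
    "result :" >> $SLOG
    # If no archive was written, the resulting Get-ChildItem error is what appears here.
    Get-ChildItem $zipPath 2>&1 >>$SLOG
    '===================================' >> $SLOG
}

foreach ($evtx in $EVNTAPP, $EVNTSYS, $EVNTSEC) {
    Backup-EventLogFile $evtx
}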
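# Prune script logs older than 62 days
# Lists the files directly inside $SLOGDIR whose name starts with $SLOG_NAME and whose
# LastWriteTime is more than 62 days old, records that list in $SLOG, then deletes them.
'===================================' >> $SLOG
'start deleting old script logs...' >> $SLOG
'===================================' >> $SLOG
# Directories are excluded so that Remove-Item -Force only ever receives log files.
# PSIsContainer is used rather than -File because -File needs PowerShell 3.0.
Get-ChildItem $SLOGDIR | Where-Object { -not $_.PSIsContainer -and $_.Name -like "$SLOG_NAME*" -and $_.LastWriteTime -lt (Get-Date).AddDays(-62) } | Tee-Object -Variable CHK2 >> $SLOG
# -not is true for $null and for an empty collection alike.
if(-not $CHK2){
'No files to be deleted.' >> $SLOG
}else{
'start deletion...' >> $SLOG
# Only files are in $CHK2, so -Recurse is not needed.
$CHK2 | Remove-Item -Force 2>&1 >> $SLOG
'finished.' >> $SLOG
}
'===================================' >> $SLOG
'finished proccessing.' >> $SLOG
'===================================' >> $SLOG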
ポイントは2つ。
Add-Type -assembly "system.io.compression.filesystem"
上記で .NET Framework のアセンブリ(system.io.compression.filesystem)を読み込み、zipfile クラスを使えるようにする。
# [io.compression.zipfile]::CreateFromDirectory("folder", "zipnamewithpath.zip")
上記でフォルダーを指定すること("#"は省く)。
ファイルを直接指定して圧縮する方法は、検索しても見つからなかった。