如何解决将解析 DNS 名称添加到哈希表
现在我有这个匆忙
Get-Content (path) |ForEach-Object {
if($_ -match '\(((?:\d{1,3}\.){3}\d{1,3})\) disconnected. (\d+) message\[s\]'){
$IP = $matches[1]
$msgCount = $matches[2] -as [int]
$SMTP[$IP] += $msgCount
}
}
我在该哈希表中的键是 IPv4 地址,为此我需要一个 Resolve-DNSname 并且最好解析的 DNS 名称应该是每个键的另一个值。是否可以这样做并显示解析 Dns 名称时发生错误的时间?
文件示例
30.11.2020 05:05:39 SMTP Server: (Servername) (255.255.255.255) disconnected. 1 message[s] received
30.11.2020 05:05:39 SMTP Server: (Servername) (255.255.254.254) disconnected. 2 message[s] received
30.11.2020 05:05:39 SMTP Server: (Servername) (255.255.255.255) disconnected. 4 message[s] received
30.11.2020 05:05:39 SMTP Server: (Servername) (255.255.234.245) disconnected. 4 message[s] received
30.11.2020 05:05:40 SMTP Server: (Servername) (255.255.253.244) disconnected. 1 message[s] received
30.11.2020 05:05:41 SMTP Server: (Servername) (255.255.255.255) disconnected. 46 message[s] received
30.11.2020 05:05:41 SMTP Server: (Servername) (255.255.234.245) disconnected. 13 message[s] received
解决方法
您不能向 Hashtable 添加额外的值(它只有一个键和一个值),但是如果您使用具有许多属性的 PSObjects,您可以这样做。
$result = Get-Content -Path 'D:\Test\test.txt' | ForEach-Object {
if ($_ -match '\(((?:\d{1,3}\.){3}\d{1,3})\) disconnected\.?\s+(\d+) message\[s\]'){
try {
$dns = [System.Net.Dns]::GetHostEntry($matches[1]).HostName
}
catch {
$dns = 'Not available'
}
[PsCustomObject]@{
IP = $matches[1]
Messages = [int]$matches[2]
DNSName = $dns
}
}
}
#output on screen
$result | Format-Table -AutoSize
# output to Csv file
$result | Export-Csv -Path 'D:\Test\output.csv' -UseCulture -NoTypeInformation
如果您希望将“消息”计数在一起,您可以按 IP 对结果进行分组,如下所示:
$cumulative = $result | Group-Object -Property IP | ForEach-Object {
[PsCustomObject]@{
IP = $_.Name
Messages = ($_.Group | Measure-Object -Property Messages -Sum).Sum
DNSName = $_.Group[0].DNSName
}
}
#output on screen
$cumulative | Format-Table -AutoSize
# output to Csv file
$cumulative | Export-Csv -Path 'D:\Test\cumulative_output.csv' -UseCulture -NoTypeInformation
为了还包括(最近的)日期,我们需要调整正则表达式:
$result = Get-Content -Path 'D:\Test\test.txt' | ForEach-Object {
if($_ -match '^\s*(\d{2}\.\d{2}\.\d{4} \d{2}:\d{2}:\d{2}).*\(((?:\d{1,3})\) disconnected\.?\s+(\d+) message\[s\]'){
try {
$dns = [System.Net.Dns]::GetHostEntry($matches[2]).HostName
}
catch {
$dns = 'Not available'
}
[PsCustomObject]@{
IP = $matches[2]
Messages = [int]$matches[3]
DNSName = $dns
Date = [datetime]::ParseExact($matches[1],'dd.MM.yyyy HH:mm:ss',$null)
}
}
}
#output on screen
$result | Format-Table -AutoSize
# output to Csv file
$result | Export-Csv -Path 'D:\Test\output.csv' -UseCulture -NoTypeInformation
如果您希望将“消息”计数在一起,您可以按 IP 对结果进行分组,如下所示:
$cumulative = $result | Group-Object -Property IP | ForEach-Object {
[PsCustomObject]@{
IP = $_.Name
Messages = ($_.Group | Measure-Object -Property Messages -Sum).Sum
DNSName = $_.Group[0].DNSName
Date = ($_.Group | Sort-Object Date)[-1].Date
}
}
#output on screen
$cumulative | Format-Table -AutoSize
# output to Csv file
$cumulative | Export-Csv -Path 'D:\Test\cumulative_output.csv' -UseCulture -NoTypeInformation
输出类似于:
IP Messages DNSName Date
-- -------- ------- ----
255.255.255.255 51 Not available 30-11-2020 5:05:41
255.255.254.254 2 smtp.somecompany.com 30-11-2020 5:05:39
255.255.234.245 17 www.somecompany.com 30-11-2020 5:05:41
255.255.253.244 1 Not available 30-11-2020 5:05:40
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。