PowerShell – Logging
Something overlooked in scripting is the value of logging your result. Typically when most system administrators write something in PowerShell they are attempting to achieve a desired result. When the desired result is achieved, why log the steps taken? Furthermore, why bother when we have tools like:
All of these options are great when you are running a script interactively. So how do you track success when you’re not looking at the prompt, and how do you make a log file readable, and re-usable for future scripts?
TSxLogging – PowerShell Module
The Truesec Infrastructure team has in general been using the same logging style for quite a while now. Each member has added their own unique flavor. This has resulted in a relatively robust set of functions which write logs to easily be read by a program called CMTrace. If you’ve ever worked with configuration manager you’re probably familiar.
Eventually we got tired of copy pasting the same set of functions in to a bunch of different scripts. So we simplified them to work from the PowerShell prompt, the ISE IDE, and VSCode IDE. Then we put them in a module and load it to the PowerShell gallery.
This module is available for download now by running:
Install-Module -Name "TSxLogging"
This will then install the module and make it available to you.
The TSxLogging module has only one addressable function. The other function it uses is a helper function. The helper function sets the location where logs are currently being written to. Additionally the get help is fully listed.
Some important things to know about the module. The module uses environment variables to track all the different log files you might currently be writing too. It also supports writing the information to the screen while logging. Allowing you to not have to have verbose/warning/etc duplicated.
If you run the command with just a message, by default it will write the log to the temp directory. You can also write logs to specific directories and files. Here are some examples.
Example 1: Log File Start
This example show cases how a user can write a message to a log file on the desktop, and then write a additional content to the same file without having to re-specify the same information.
Write-TSxLog -Message "Write This log to the desktop" -LogFoldderPath C:\Users\jbenz001\Desktop\ -LogFileName "Example" -LogLevel 1 Write-TSxLog -Message "Write this to the desktop as well"
Example 2: Multi Log Files
This example shows how you can spawn multiple logs, and from the same process write to each of them while in the same console, or in the same script by specifying the log name after the folder, and file name have been defined.
Write-TSxLog -Message "Write This log to the desktop" -LogFoldderPath C:\Users\jbenz001\Desktop\ -LogFileName "Example" -LogLevel 1 Write-TSxLog -Message "Write this to the desktop in log file 2" -LogFoldderPath C:\Users\jbenz001\Desktop\ -LogFileName "LogFile2" Write-TSxLog -Message "Write to example" -LogFileName "Example" Write-TSxLog -Message "Write to two" -LogFileName "LogFile2"
Example 3: No Specified Log File
This example show cases what will happen if you don’t specify a log file and instead just start using the cmdlet.
This module will be updated as time goes on! If you have any feed back you can of course reach out to me on twitter or via e-mail and I’ll be happy to accept feedback. If the module achieves momentum I’ll post the source code on Github for forks, and pull requests.