Untitled


New-EventLog -LogName Talon -Source Monitor -ComputerName localhost -ErrorAction SilentlyContinue
$LogTime =(Get-Date -Format "MM/dd/yyyy hh:mm:ss tt")
$LogFile =  "C:\Program Files\TalonFAST\FASTDebugLogs\FAST_SMBConnections.log"
Function LogWrite
{
   Param ([string]$logstring)

   Add-content $Logfile -value "$logTime $logstring"
}

   $FileName = "C:\Program Files\TalonFAST\FASTDebugLogs\FAST_SMBConnections*.log"
 function RotateLog($log) {
    $count= (get-childitem $log2 -name).count
    $count
        $threshold = .01
        $threshold2 = .001
        $file = Get-Item "$log" -ErrorAction SilentlyContinue
        $filedir = "C:\Program Files\TalonFAST\FASTDebugLogs\"
        $server = HostName
        $filesize = $file.length/1MB
        $datetime = Get-Date -uformat "%Y%m%d-%H%M"
        $fdatetime = Get-Date -uformat "%B %e, %Y - %H%M hours"
        $arcdir = "C:\Program Files\TalonFAST\FASTDebugLogs\"

       if ($filesize -lt $threshold2 )
{
            $rotationmessage2 = "
# APPLIANCE ID: $env:ComputerName
# LOG FILES ARE ROTATED EVERY 8 HOURS
# (SINCE THE LAST SYSTEM RESTART) OR
# EVERY 1MB, WHICHEVER HAPPENS EARLIER

"
            Write-Host "$rotationmessage2"
            echo "$rotationmessage2" | Out-File -FilePath "$log" -Append
            }

        if ($filesize -gt $threshold) { #
            $filename = $file.name -replace $file.extension,""
            $newname = "${filename}.${Count}.log"
            Rename-Item -Path $file.fullname -NewName $newname
            #Move-Item $newname -Dest "$arcdir"
            $rotationmessage = "
# APPLIANCE ID: $env:ComputerName
# LOG FILES ARE ROTATED EVERY 8 HOURS
# (SINCE THE LAST SYSTEM RESTART) OR
# EVERY 1MB, WHICHEVER HAPPENS EARLIER

"
            Write-Host "$rotationmessage"
            echo "$rotationmessage" | Out-File -FilePath "$log" -Append
        }
    }

# Call Function
$log = "C:\Program Files\TalonFAST\FASTDebugLogs\FAST_SMBConnections.log" # Specify Log File
$log2 = "C:\Program Files\TalonFAST\FASTDebugLogs\FAST_SMBConnections*.log"
RotateLog($log) # Call Log Rotation Function

function get-shareConnection {
param (
[Parameter(Position=0, Mandatory=$true,HelpMessage="Please enter a server name")]
[string] $Server = ""
,
[Parameter(Position=1,Mandatory=$false)]
[alias("share")]
[string] $sharename = "all"
)
#the processes the function will complete
process {
$serverconnection = Get-WmiObject -ComputerName $Server -Class Win32_SessionConnection

$users = @()
foreach ($connection in $serverconnection){
$conn = "" | select "Ip","User","Share","Connections"
$split = $connection.Dependent.split(",")
$conn.ip = $split[0].replace("Win32_ServerConnection.computername=","").replace('"','')
$conn.user = $split[2].replace("UserName=","").replace('"','')
$conn.share = $split[1].replace("sharename=","").replace('"','')
$conn.connections = $conn.user.count

if ($sharename -eq "all"){$users += $conn}
else{if ($conn.share -eq $sharename){$users += $conn}}
}
$sysinfo = Get-WmiObject -Class Win32_ComputerSystem
$fqdn = “{0}.{1}” -f $sysinfo.Name, $sysinfo.Domain
$users  | Export-Csv -Path C:\results.csv
write-host ("Amount of users connected to FASTData: {0}" -f @($users).Length)
Logwrite ("Amount of users connected to FASTData: {0} " -f @($users).Length)
Write-EventLog –LogName Talon –Source Monitor –EntryType Information –EventID 0 –Message ("{0}",", $fqdn" -f @($users).Length)

#Write-EventLog –LogName Talon –Source Monitor –EntryType Information –EventID 0 –Message ("Amount of users connected to FASTData: {0}" -f @($users).Length)

return $users
}
}


$date = (Get-Date -Format yyyy-mm-dd-hh:mm:ss)
$computer = "LocalHost"
$namespace = "root\CIMV2"
$userSessions = Get-WmiObject -class Win32_ServerConnection -computername $computer -namespace $namespace
$Sessions=$usersessions | select UserName
$Sessions=$Sessions.count
$ShareCount= $usersessions | select ShareName -unique
$sharecount= $sharecount.count
$Test = get-shareConnection $computer FASTData
$Sessions2=$usersessions | select ConnectionID -unique
$Sessions2=$Sessions2.count

if($userSessions -ne $null)
{
    if($sessions -gt 1)
    {
    Write-Host "The total amount of users is: $Sessions."

    LogWrite "The total amount of users is: $sessions"
           #Write-EventLog –LogName Talon –Source Monitor –EntryType Information –EventID 0 –Message "Amount of concurrent sessions: $sessions"


   }
    else
    {
    write-host "The current amount of users is 1."
    logwrite "The current amount of users is 1."
               #Write-EventLog –LogName Talon –Source Monitor –EntryType Information –EventID 0 –Message "Amount of concurrent sessions: 1"
    }


    #Write-Host "The following users are connected to this server: "


    LogWrite "$sharecount different shares being accessed."
    LogWrite "$sessions2 total SMB connections."
    #LogWrite "The following users are connected to this server:"

    foreach ($userSession in $userSessions)
    {

        $userDetails = [string]::Format("User {0} from: {1} on share: {2}", $userSession.UserName, $usersession.ComputerName, $userSession.ShareName)
        #Write-Host $userDetails
        LogWrite $UserDetails
        Write-EventLog –LogName Talon –Source Monitor –EntryType Information –EventID 0 –Message $userdetails

    }
 Get-EventLog -LogName Talon -Source Monitor -ErrorAction SilentlyContinue |
    Select TimeWritten, @{name='ReplacementStrings';Expression={ $_.ReplacementStrings -join ';'}} |
    where {$_.ReplacementStrings -notmatch '^S-1-5'} | Export-Csv C:\TalonMonitor.csv
    Get-EventLog -LogName Talon -Source Monitor -ErrorAction SilentlyContinue |
    Select TimeWritten, @{name='ReplacementStrings';Expression={ $_.ReplacementStrings -join ';'}} |
    where {$_.ReplacementStrings -notmatch '^S-1-5'} | Export-Csv C:\TalonCounter.csv
}