Ok, for starters, can you tell me if what I’m trying to do makes any sense? I have a request from one of our sites. They were relaying smtp email off our Exchange server. They now have a new SMTP server and they think they’ve pointed every device to the new SMTP server. But, they wanted me to check to make sure they didn’t miss any devices. So, I did some research and the directories in the attached image is where I think I should find the IP addresses. I did have the script working once. Be honest, I don’t know what changed to where it is throwing all the errors now. All I did was open one of the text files in one of the directories and found an IP address that I knew for sure was there, so, if my script was working correctly, it should find it, verifying the logic at least works. But now the script is throwing errors and I’m not sure why.
I’m not sure why it’s only hitting the first get-childitem and then skips to the next server in the array and only checks the first get-childitem again.
This would minimally tell you what log the match was found in. The Get-ChildItem is recursively searching through all directories and all files in the path, is that correct? Would you not review only specific logs or minimally *.log to only process logs. Another thing would be only searching for logs that are in a date range rather than ALL logs in all subdirectories. You can be much more specific on where to search to dramatically improve performance.
I figured once I got it working, then I would have to somehow find a way to sort by date, because the chances are it has relayed something from those subnets and it’s in a log. I was going to start out with searching all the logs… maybe I would add to the output to give me the filename and the date the filename was modified so I could see how long ago the device tried to relay against it.
