Created
December 17, 2020 17:56
-
-
Save adbertram/37b5dd28d38691f616985909c4450cd0 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#requires -Module ActiveDirectory | |
$dnsServer = '' ## This is the server name as a NETBIOS or FQDN | |
$OutputFilePath = 'C:\DNSDebugLogSummary.csv' ## The CSV file that will be created | |
## The log file you specified in the debug logging dialog box | |
$DnsDebugLogFilePath = "\$dnsServer\c$\DnsDebugLog.log" | |
## Find all of the DNS server IPs in the current domain | |
$DnsServerIPs = ((Get-ADDomain).ReplicaDirectoryServers | Resolve-DnsName).IPAddress | |
Write-Verbose -Message "Found DNS servers $($DnsServerIPs -join ',')" | |
## Find all lines in the log file that don't contain the strings 'NOERROR' or are blank. This | |
## retrieves only the lines with errors in them. | |
Select-String -Pattern 'NOERROR|^\s*' -Path $DnsDebugLogFilePath -NotMatch | foreach { | |
try { | |
## Find lines containing an IP address | |
if ($_.Line -match '\b(?:\d{1,3}\.){3}\d{1,3}\b') { | |
Write-Verbose -Message 'Found line with IP address.' | |
$IP = $Matches[0] | |
## If the IP isn't a DNS server it must be a client IP | |
if ($DnsServerIPs -notcontains $IP) { | |
Write-Verbose "Processing IP '$IP'" | |
$Split = $_.Line.Split(' ') | |
$Date = $Split[0] | |
$Time = $Split[1] + $Split[2] | |
$Err = [regex]::Match($_.Line, '\[(.*)\]').Groups[1].Value | |
[pscustomobject]@{ 'Date' = "$Date $Time"; 'IP' = $IP; 'Error' = $Err } | |
} | |
} | |
} catch { | |
Write-Warning $_.Exception.Message | |
} | |
} | Export-Csv -Path $OutputFilePath -Append -NoTypeInformation |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
IPv6 is need to handle which is missing