最近、Powershell.orgフォーラムで同じ質問を投げかけました。その後、望ましい状態の構成用のスクリプトリソースのハックを投稿しました。これを使用して、ログパージルーチンの必要性を解決します。たぶん、このコードのいくつかは他の人に役立つでしょう。
# Requires an E: drive.
configuration LogDirectory
{
param (
[Parameter(Mandatory)]
[ValidateNotNullOrEmpty()]
[string[]]$Node
)
node $Node
{
Script LogDirectoryScript
{
GetScript = {
$result = (Test-Path 'E:\log') -and (schtasks.exe /query /TN Purge_Log_Folder | Select-String Purge_Log_Folder -Quiet)
return @{
GetScript = $GetScript
SetScript = $SetScript
TestScript = $TestScript
Result = $result
}
}
SetScript = {
Write-Verbose 'Creating log directory.'
if ( -not (Test-Path 'E:\log')) {
New-Item -ItemType Directory -Path 'E:\log'
}
Write-Verbose 'Changing permissions to log directory such that any user can write, but only an administrator can read or modify.'
$acl = (Get-Item 'E:\log').GetAccessControl('Access')
$acl.AddAccessRule((New-Object System.Security.AccessControl.FileSystemAccessRule('Users','Write', 'Allow')))
Set-Acl -Path 'E:\log' -AclObject $acl | Out-Host
Write-Verbose 'Scheduling purge task.'
$script = 'Get-ChildItem E:\log\* -Include ex*.log -Recurse | Where-Object {$_.LastWriteTime -lt (Get-Date).AddDays(-7)} | Remove-Item'
Set-Content -Path C:\Windows\Purge_Log_Folder.ps1 -Value $script
$task = 'Powershell.exe -NoProfile -ExecutionPolicy RemoteSigned -File C:\Windows\Purge_Log_Folder.ps1'
SCHTASKS /CREATE /TN Purge_Log_Folder /TR $task /SC DAILY /ST 23:59 /RU SYSTEM /F | Out-Host
Write-Verbose 'Configuring IIS'
# Default Log File Settings for Web Sites <logFile>
# http://www.iis.net/configreference/system.applicationhost/sites/sitedefaults/logfile
Import-Module WebAdministration
Set-WebConfigurationProperty '/system.applicationHost/sites/siteDefaults' -name logFile -value @{
directory = 'E:\log'
localTimeRollover ='true'
period = 'Hourly'
}
}
TestScript = {
(Test-Path 'E:\log') -and (schtasks.exe /query /TN Purge_Log_Folder | Select-String Purge_Log_Folder -Quiet)
}
}
}
}
LogDirectory