Skip to content
Code
ultratrailrunningags_g7wnyd
2025-05-15T08:41:34-06:00
Copy to Clipboard
# ======= CONFIGURACIÓN ========== $logPath = "C:\inetpub\logs\LogFiles\FTPSVC1" $exportFolder = "$env:USERPROFILE\Desktop" # ======= ENTRADA DE FECHAS ========== $startDateInput = Read-Host "Ingrese la fecha de inicio (yyyy-MM-dd)" $endDateInput = Read-Host "Ingrese la fecha de fin (yyyy-MM-dd)" # Convertir fechas $startDate = [datetime]::ParseExact($startDateInput, "yyyy-MM-dd", $null) $endDate = [datetime]::ParseExact($endDateInput, "yyyy-MM-dd", $null) # ======= INICIALIZACIÓN ========== $allAccesses = @() $loginFailures = @() $fileActions = @() $userCounts = @{} # ======= PROCESAR LOGS ========== $logFiles = Get-ChildItem -Path $logPath -Filter *.log foreach ($file in $logFiles) { if ($file.Name -match "(\d{8})") { $logDate = [datetime]::ParseExact($matches[1], "yyyyMMdd", $null) if ($logDate -ge $startDate -and $logDate -le $endDate) { Get-Content $file.FullName | ForEach-Object { if ($_ -notmatch "^#") { $fields = $_ -split ' ' if ($fields.Length -ge 15) { $date = $fields[0] $time = $fields[1] $ip = $fields[2] $username = $fields[3] $command = $fields[8] $status = $fields[11] $entry = "" + $date + "," + $time + "," + $ip + "," + $username + "," + $command + "," + $status $allAccesses += $entry if ($command -like "*USER*" -and $status -eq "530") { $loginFailures += $entry } if ($command -match "RETR|STOR|DELE|MKD|RMD|RNFR|RNTO") { $fileActions += $entry } if ($username -ne "-" -and $username -ne "") { if ($userCounts.ContainsKey($username)) { $userCounts[$username] += 1 } else { $userCounts[$username] = 1 } } } } } } } } # ======= EXPORTAR CSVs ========== $headers = "Fecha,Hora,IP,Usuario,Comando,Status" Set-Content "$exportFolder\ftp_accesos_completos.csv" $headers $allAccesses | Add-Content "$exportFolder\ftp_accesos_completos.csv" Set-Content "$exportFolder\ftp_login_fallidos.csv" $headers $loginFailures | Add-Content "$exportFolder\ftp_login_fallidos.csv" Set-Content "$exportFolder\ftp_acciones_archivo.csv" $headers $fileActions | Add-Content "$exportFolder\ftp_acciones_archivo.csv" $userSummaryPath = "$exportFolder\ftp_accesos_por_usuario.csv" "Usuario,Accesos" | Set-Content $userSummaryPath foreach ($u in $userCounts.Keys) { "$u,$($userCounts[$u])" | Add-Content $userSummaryPath } # ======= REPORTE HTML BÁSICO ========== $reportHtml = "$exportFolder\Reporte_FTP.html" $reportLines = @() $reportLines += "<html><head><title>Reporte FTP</title></head><body>" $reportLines += "<h1>Reporte de Accesos FTP</h1>" $reportLines += "<p>Desde: $startDateInput<br/>Hasta: $endDateInput</p>" $reportLines += "<h2>Usuarios con Acceso</h2><ul>" foreach ($u in $userCounts.Keys) { $reportLines += "<li>$u: $($userCounts[$u]) accesos</li>" } $reportLines += "</ul>" $reportLines += "<h2>Intentos de login fallidos: $($loginFailures.Count)</h2>" $reportLines += "<h2>Acciones de archivos detectadas: $($fileActions.Count)</h2>" $reportLines += "<p>Archivos exportados a escritorio en formato CSV.</p>" $reportLines += "</body></html>" $reportLines | Set-Content $reportHtml -Encoding UTF8 # ======= SALIDA ========== Write-Host "`n✅ Reporte generado:" Write-Host "📄 $reportHtml" Write-Host "📄 CSVs exportados:" Write-Host " - ftp_accesos_completos.csv" Write-Host " - ftp_login_fallidos.csv" Write-Host " - ftp_acciones_archivo.csv" Write-Host " - ftp_accesos_por_usuario.csv"
Page load link
Go to Top
