-
Notifications
You must be signed in to change notification settings - Fork 0
/
IISRFBaseline-maxQueryString.psm1
101 lines (83 loc) · 2.63 KB
/
IISRFBaseline-maxQueryString.psm1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
function Get-RFLpQueryMaxQueryString
{
<#
.SYNOPSIS
Creates Logparser query for RF maxQueryString baseline using IIS logs.
.EXAMPLE
Get-RFLpQueryMaxQueryString -Sitename W3SVC1 -LogDir D:\inetpub\Logs\ex*.log -OutputDir D:\WorkingFolder\ -MaxHttp 303
#>
[CmdletBinding()]
param(
[parameter(Mandatory=$true)]
[System.String]
# IIS Sitename of target website.
$Sitename
,
[parameter(Mandatory=$true)]
[System.String]
# IIS log directory.
$LogDir
,
[parameter(Mandatory=$true)]
[System.String]
# Outut directory for writing files.
$OutputDir
,
[parameter(Mandatory=$true)]
[System.Int32]
# Max HTTP Status Code
$MaxHttp
)
$ResultFile = Join-Path -Path $OutputDir -ChildPath 'lp_results_maxQueryString.csv'
return @"
--lp_query_maxQueryString.sql--
SELECT DISTINCT
cs-uri-stem,
cs-uri-query,
STRLEN(cs-uri-query) AS QueryLength
INTO $ResultFile
FROM $LogDir
WHERE
s-sitename LIKE `'$Sitename`'
AND cs-uri-query LIKE `'%`'
AND (sc-status<$MaxHttp AND sc-status>=200)
GROUP BY cs-uri-stem, cs-uri-query
ORDER BY QueryLength DESC
--lp_query_maxQueryString.sql--
"@
} # End function Get-RFLpQueryMaxQueryString
function New-RFLpFileMaxQueryString
{
<#
.SYNOPSIS
Creates Logparser file for RF maxQueryString baseline using IIS logs.
.EXAMPLE
New-RFLpFileMaxQueryString -Sitename W3SVC1 -LogDir D:\inetpub\Logs\ex*.log -OutputDir D:\WorkingFolder\ -MaxHttp 303
#>
[CmdletBinding()]
param(
[parameter(Mandatory=$true)]
[System.String]
# IIS Sitename of target website.
$Sitename
,
[parameter(Mandatory=$true)]
[System.String]
# IIS log directory.
$LogDir
,
[parameter(Mandatory=$true)]
[System.String]
# Outut directory for writing files.
$OutputDir
,
[parameter(Mandatory=$true)]
[System.Int32]
# Max HTTP Status Code
$MaxHttp
)
$FileLocation = Join-Path -Path $OutputDir -ChildPath 'lp_query_maxQueryString.sql'
Get-RFLpQueryMaxQueryString -Sitename $Sitename -LogDir $LogDir -OutputDir $OutputDir -MaxHttp $MaxHttp | Out-File -LiteralPath $FileLocation -Force -Encoding ascii
return $FileLocation
} # End function New-RFLpFileMaxQueryString
Export-ModuleMember -Function 'Get-RFLpQueryMaxQueryString','New-RFLpFileMaxQueryString'