The greatest challenge to any thinker is stating the problem in a way that will allow a solution

Bertrand Russell

By

On 15 Aug 2013

PowerShell

Tags: ,


The logs that the Windows DHCP Server creates for client IP requests are only retained for a week. Which is a bit of a problem if you’re trying to investigate some activity on the network that occurred over 7 days ago. You can retain the logs for longer but you need to archive them off yourself.

The script below archives all available logs to a place of your choosing, and can optionally archive IP v6 logs as well.

<###################################################################################################################
 DHCP Log Archiver
 
By Simon Strutt - Aug 2013
 
Archive's Windows DHCP Weekly logs (all logs except today's)
 
Version 1.0
 - Initial creation
 
 
####################################################################################################################>
 
$SourceDir = "C:\Windows\System32\dhcp"     
$DestDir = "C:\Logs"                        # Could be a UNC path like \\server\IT\LogArchive
 
$DateFormat = "yyyyMMdd"                    # Normal format (eg 20130125)
 
$IncIPv6 = $false                           # Archive IPv6 logs as well?
 
 
function Archive-Log ($Src, $Dst) {
    # If log not already archived, copy it over
    if (Test-Path $Dst) {
        Write-Host "$Src already archived to $Dst"
    } else {
        Copy-Item -Path $Src -Destination $Dst
        Write-Host "$Src archived to $Dst"
    }
}
 
 
for ($d=1; $d -le 7; $d++) {
    # Filename of log to archive
    $Logfile = "DhcpSrvLog-" + ((Get-Date).AddDays(-$d)).ToString("ddd") + ".log"
 
    # Create filename for archived log
    $ArchiveName = $env:COMPUTERNAME + "-dhcp-ipv4-" + ((Get-Date).AddDays(-$d)).ToString($DateFormat) + ".log"
 
    Archive-Log -Src "$SourceDir\$Logfile" -Dst "$DestDir\$ArchiveName"
 
    if ($IncIPv6) {
        # Filename of log to archive
        $Logfile = "DhcpV6SrvLog-" + ((Get-Date).AddDays(-$d)).ToString("ddd") + ".log"
 
        # Create filename for archived log
        $ArchiveName = $env:COMPUTERNAME + "-dhcp-ipv6-" + ((Get-Date).AddDays(-$d)).ToString($DateFormat) + ".log"
 
        Archive-Log -Src "$SourceDir\$Logfile" -Dst "$DestDir\$ArchiveName"
    }
}

Schedule the script to run every night, shortly after midnight to ensure an up to date archive of DHCP requests activity.


Leave a Reply

XHTML: You can use these tags if you know what they are: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

ERROR: si-captcha.php plugin says GD image support not detected in PHP!

Contact your web host and ask them why GD image support is not enabled for PHP.

ERROR: si-captcha.php plugin says imagepng function not detected in PHP!

Contact your web host and ask them why imagepng function is not enabled for PHP.