The following article describes how to use the tool 'ProcessLogs.vbs'. The tool enables you to generate reports of files and associated applications affected (where possible) from multiple endpoints based on the logs generated by the tool 'FixUpdate.vbs' detailed in article 118323.
What To Do
- If you have not already done so, run the 'FixUpdate.vbs' tool on affected endpoints with the switches:
/logpath:[location] in order for the tool documented in this article to collate the resultant log files in to a single report.
Note: This article assumes that you have a share called 'Logs', within which are a number of directories representing endpoints that have returned log files to be analyzed by this tool. E.g.
- Download the file 'ProcessLogs.vbs' from here.
- On a computer with read access to the share, in this example: '\\server\logs\' run the following command:
cscript ProcessLogs.vbs /logpath:"\\server\logs\"
- For more information on the command line options you can run:
cscript ProcessLogs.vbs /Help
- the ‘Readme.txt’ file contained within the archive also has information on the command line options.
- Once complete, the script generates the following file:
- <timestamp>_FileSummary.csv - contains a list of the file counts for the logs collected by FixUpdate.
- <timestamp>_FileDetail.csv - contains the collated results from the logs collected by FixUpdate.
- Using an application such as Excel it is possible to generate a number of reports from '<timestamp>_FileDetail.csv' which will help you identify which computers have potentially broken installations.
Important: As ProcessLogs reads the latest collection of logs from each 'client directory', it may be necessary to re-run the ‘FixUpdate.vbs’ script on the clients again in order for ProcessLogs to compile an up to date report from the latest collection of client logs.
- We encourage you to submit your 'AffectedApplications' logs to Sophos to help improve the tools we provide. For more information see article: 118405.