Pesquisar neste blog

sexta-feira, 16 de agosto de 2013

Automatizando a manutenção de Logs do Windows (Apagando logs Antigos)

Automating the Process of Deleting Old Log Files

Many services and programs out there produce log files as an audit trail for everything they are doing, however few have a function which removes these files as they outlive their usefulness. As a result, these log files sit on your system eating up space (sometimes more than you know) and cluttering directories for those times you need to access them.

So if you don’t need these files, why keep them? We are going to show you how to easily remove these old log files to keep you system nice and tidy.

Of course, while the we are covering below are immediately useful for managing log files, you can also apply the same techniques to any other type of “expiring” file (such as backups).

Remove Files Based on Last Modified Date

If you want to clear your existing log files based solely on the last modified date of the file, all you have to do is use the FORFILES command. For example:

FORFILES /P “C:LogFiles” /S /D -7 /C “CMD /C DEL /F /Q @PATH”

The above command would delete all files from the “C:LogFiles” folder, and all sub-folders which have not been modified in the last week.

The FORFILES command is pretty flexible with the search pattern and date functions. For example, in place of a number, you can enter a date such as ‘-1/13/2010’ to delete files last modified prior to the specified date.

To get all the details on what FORFILES can do, view the online help using the following command from the command prompt:

FORFILES /?

Remove Files Based on a Date Pattern in the File Name

Many applications and services produce log files based on a date pattern as to have one log file per day (i.e. Log100113.txt, Backup-2010-01-13.zip, etc.). For these types of files, it is preferable to delete based on the date of the file incorporated into the file name rather than the last modified date. This is useful for scenarios such as keeping all log files for the past 3 months. Unfortunately, Windows does not have a native command with this type of logic but with a batch script we can easily handle this task.

There are examples included in the usage comments on the script, so it should be pretty easy to figure out.

The Script
@ECHO OFF
ECHO Delete By Date Pattern
ECHO Written by: Jason Faulkner
ECHO SysadminGeek.com
ECHO.
ECHO.

REM Delete/Select files based on a date which utilizes MM and/or DD for file naming patterns.
REM
REM Usage:
REM DeleteByDatePattern {/M | /D} NumberToKeep Path PatternPrefix PatternPostfix [/L | /DEL]
REM    /M     Specifies the pattern being used is based on months.
REM    /D     Specifies the pattern being used is based on days.
REM    NumberToKeep
REM           The number of months (/M) or days (/D) to keep, including the current.
REM           For example, entering 1 keeps only the current month/day and 6 would keep the current minus 5.
REM    Path   The root location to search. Subdirectories will be searched.
REM    PatternPrefix
REM           The file search pattern placed before of the month/day when building the search string.
REM    PatternPostfix
REM           The file search pattern placed after of the month/day when building the search string.
REM    /L     (optional) Lists all files matching the pattern, but does not delete them.
REM    /DEL   (optional) Deletes all files matching the pattern.
REM
REM Examples:
REM    DeleteByDatePattern /M 3 "%WinDir%system32LogFiles" ex?? ??.log /DEL
REM       Deletes all IIS log files (Windows Server 2003) except for the current and previous two months.
REM    DeleteByDatePattern /D 7 "D:Backup" *-????-??- .zip /DEL
REM       Deletes all zip files from the D:Backup folder except for the current week.
REM       The file name pattern assumed above is "*-YYYY-MM-DD.zip"
REM    DeleteByDatePattern /M 0 "C:" *( )* /L
REM       Prints a list of all files on the C drive matching the pattern: "*-MM-*" (where MM is replaced with 01-12)
REM    DeleteByDatePattern /D 14 "C:Logs" Log-???? .txt
REM       Prints a list of all patterns which would be processed by the script.

SETLOCAL EnableExtensions EnableDelayedExpansion

REM Assumes your Windows Date/Time settings are set to 'DayOfWeek M/D/YYYY' format.
REM If your format is different, you will need to alter the variables below so they align.
FOR /F "tokens=1,2,3,4 delims=/ " %%A IN ('DATE /T') DO (
   SET Month=%%B
   SET Day=%%C
   SET Year=%%D
)

IF /I {%1}=={/M} (
   SET Keep=%Month%
   SET Max=12
)
IF /I {%1}=={/D} (
   SET Keep=%Day%
   SET Max=31
   REM Working off of the previous month's max days.
   SET /A PrevMonth=%Month%-1
   IF !PrevMonth! EQU 2 (
      SET Max=28
      REM Leap years... add more as needed.
      IF /I %Year% EQU 2012 SET Max=29
      IF /I %Year% EQU 2016 SET Max=29
   )
   IF /I !PrevMonth! EQU 4 SET Max=30
   IF /I !PrevMonth! EQU 6 SET Max=30
   IF /I !PrevMonth! EQU 9 SET Max=30
   IF /I !PrevMonth! EQU 11 SET Max=30
)
SET Current=%Keep%
SET /A Keep=%Keep%-%2+1

REM Determine the range to be removed.
SET /A RemoveHighStart=%Current%+1
IF /I %Keep% LSS 1 (
   SET RemoveLow=0
   SET /A RemoveHighEnd=%Keep%+%Max%-1
) ELSE (
   SET /A RemoveLow=%Keep%-1
   SET RemoveHighEnd=%Max%
)

REM Process all less than the low range.
FOR /L %%Z IN (1,1,%RemoveLow%) DO CALL :Process %%Z %3 %4 %5 %6
REM Process all greater than the high range.
FOR /L %%Z IN (%RemoveHighStart%,1,%RemoveHighEnd%) DO CALL :Process %%Z %3 %4 %5 %6

ENDLOCAL
GOTO End

:Process
SET Key=0%1
SET Key=%Key:~-2%
SET Target="%~2%~3%Key%%~4"
ECHO Target Pattern: %Target%

IF /I {%5}=={/L} DIR %Target% /B /S
IF /I {%5}=={/DEL} DEL /F /S /Q %Target%
GOTO End

:End

Automating the Process

The FORFILES command is native to Windows, however the DeleteByDatePattern script should be placed in a folder defined in your Path variable (such as your Windows folder) so it can be called as though it were a native command. Once this is done, you can create a scheduled task which is either a single command (if you only need to delete from a single location) or a batch file (if you need to delete from multiple locations) which runs daily, weekly, monthly or whenever.

One more thing you can set and forget.

Links
Download Delete By Date Pattern script from Sysadmin Geek

Nenhum comentário: