Read Certificates of Host and output it to Splunk

Time:03-03

I got a block in my brain and don't know how to fix it.

I have the following script:

$CorrelationId = New-Guid
$Server = Get-WMIObject Win32_ComputerSystem| Select-Object -ExpandProperty Name
$getcert= Get-ChildItem cert:\LocalMachine\My -Recurse | Where-Object {$_ -is [System.Security.Cryptography.X509Certificates.X509Certificate2] -and ($_.NotAfter -lt (Get-Date).AddDays(45)) -and($_.Issuer -eq "CN=test.at, DC=ds, DC=test, DC=at")}  | Select-Object -Property Issuer, NotAfter, Subject, FriendlyName


$notafter = $getcert.NotAfter
$Subject = $getcert.Subject
$issuer = $getcert.Issuer
$FriendlyName= $getcert.FriendlyName


Write-Log -D Console,Splunk -L Info -A Servercertificate -M " Certificate $Subject on Host $Server with issuer $issuer and FriendlyName $FriendlyName expires at $notafter" -CorrelationId $CorrelationId -EventId 1

As long as I have just 1 cert it works properly, but if I get more than one it's just weird.

I know that it may be possible to fix this with foreach, but I don't know how to do it.

Thanks for your help.

CodePudding user response:

If your Write-Log command is working as expected, and you'd prefer to have a unique CorrelationId per certificate, then it should be fairly straightforward.

For example:

$Server = Get-WMIObject Win32_ComputerSystem| Select-Object -ExpandProperty Name
$getcert= Get-ChildItem cert:\LocalMachine\My -Recurse | Where-Object {$_ -is [System.Security.Cryptography.X509Certificates.X509Certificate2] -and ($_.NotAfter -lt (Get-Date).AddDays(45)) -and ($_.Issuer -eq "CN=test.at, DC=ds, DC=test, DC=at")}  | Select-Object -Property Issuer, NotAfter, Subject, FriendlyName

foreach ($cert in $getcert) {
    $CorrelationId = New-Guid

    $notafter = $cert.NotAfter
    $Subject = $cert.Subject
    $issuer = $cert.Issuer
    $FriendlyName = $cert.FriendlyName

    Write-Log -D Console,Splunk -L Info -A Servercertificate -M " Certificate $Subject on Host $Server with issuer $issuer and FriendlyName $FriendlyName expires at $notafter" -CorrelationId $CorrelationId -EventId 1
}
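
An added example, not part of the original question or answer: it shows why the first script produces a merged message once several certificates match, and builds one Splunk-friendly message per certificate. The helper `ConvertTo-CertExpiryMessage`, the key="value" layout and the `days_left` field are assumptions, and the sample certificates are constructed so the block runs without a real certificate store.

```powershell
# Constructed sample data standing in for the filtered Get-ChildItem output.
$issuerDn = 'CN=test.at, DC=ds, DC=test, DC=at'
$getcert = @(
    [pscustomobject]@{ Issuer = $issuerDn; NotAfter = (Get-Date).AddDays(10); Subject = 'CN=web01.test.at'; FriendlyName = 'web' }
    [pscustomobject]@{ Issuer = $issuerDn; NotAfter = (Get-Date).AddDays(30); Subject = 'CN=sql01.test.at'; FriendlyName = '' }
)

# Why the original script misbehaves: with one object, .Subject is a string,
# but on a collection member enumeration returns an array of every Subject,
# and string interpolation joins the elements with spaces.
$Subject = $getcert.Subject
"Certificate $Subject expires ..."   # both subjects land in one message

# Hypothetical helper (not from the page): one key="value" message per
# certificate, so each event can be searched and alerted on separately.
function ConvertTo-CertExpiryMessage {
    param(
        [Parameter(ValueFromPipeline)] $Cert,
        [string] $Server = $env:COMPUTERNAME
    )
    process {
        # Whole days until expiry; negative once the certificate has expired.
        $daysLeft = [int][math]::Floor(($Cert.NotAfter - (Get-Date)).TotalDays)
        # Sortable ISO 8601 timestamp instead of a locale-dependent date string.
        $expires = $Cert.NotAfter.ToString('s')
        $fmt = 'host="{0}" subject="{1}" issuer="{2}" friendly_name="{3}" not_after="{4}" days_left={5}'
        $fmt -f $Server, $Cert.Subject, $Cert.Issuer, $Cert.FriendlyName, $expires, $daysLeft
    }
}

# One message and one CorrelationId per certificate.
foreach ($msg in @($getcert | ConvertTo-CertExpiryMessage)) {
    $CorrelationId = New-Guid
    # On the real host, hand $msg to the Write-Log call used on this page:
    # Write-Log -D Console,Splunk -L Info -A Servercertificate -M $msg -CorrelationId $CorrelationId -EventId 1
    "$CorrelationId $msg"
}
```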