Initial commit – Milestone monitoring script (SOC09 / CSU Ultreia) – AGPL-3.0

Milestone_Monitor.ps1

@@ -0,0 +1,63 @@
+$start = (Get-Date).AddDays(-4)
+
+$events = @()
+
+# 🔵 Redémarrages serveur
+$events += Get-WinEvent -FilterHashtable @{
+    LogName='System'
+    StartTime=$start
+} | Where-Object {
+    ($_.Id -eq 12 -and $_.ProviderName -eq "Microsoft-Windows-Kernel-General") -or
+    ($_.Id -eq 41) -or
+    ($_.Id -eq 1074)
+} | ForEach-Object {
+    [PSCustomObject]@{
+        Time = $_.TimeCreated
+        Theme = "REDÉMARRAGE SERVEUR"
+        Detail = $_.Id
+    }
+}
+
+# 🟡 Crash service Recording
+$events += Get-WinEvent -FilterHashtable @{
+    LogName='System'
+    Id=7031
+    StartTime=$start
+} | Where-Object {$_.Message -like "*Recording Server*"} | ForEach-Object {
+    [PSCustomObject]@{
+        Time = $_.TimeCreated
+        Theme = "CRASH SERVICE RECORDING"
+        Detail = $_.Id
+    }
+}
+
+# 🔴 Crash application VideoOS
+$events += Get-WinEvent -FilterHashtable @{
+    LogName='Application'
+    Id=1000
+    StartTime=$start
+} | Where-Object {$_.Message -like "*VideoOS*"} | ForEach-Object {
+    [PSCustomObject]@{
+        Time = $_.TimeCreated
+        Theme = "CRASH APPLICATION VIDEOOS"
+        Detail = $_.Id
+    }
+}
+
+# 🔶 Service démarré
+$events += Get-WinEvent -FilterHashtable @{
+    LogName='System'
+    Id=7036
+    StartTime=$start
+} | Where-Object {$_.Message -like "*Recording Server*running*"} | ForEach-Object {
+    [PSCustomObject]@{
+        Time = $_.TimeCreated
+        Theme = "SERVICE RECORDING DÉMARRÉ"
+        Detail = $_.Id
+    }
+}
+
+# 🔄 Affichage chronologique
+$events |
+Sort-Object Time |
+Format-Table Time, Theme, Detail -AutoSize

powershell/Milestone_Monitor.ps1

@@ -0,0 +1,63 @@
+$start = (Get-Date).AddDays(-4)
+
+$events = @()
+
+# 🔵 Redémarrages serveur
+$events += Get-WinEvent -FilterHashtable @{
+    LogName='System'
+    StartTime=$start
+} | Where-Object {
+    ($_.Id -eq 12 -and $_.ProviderName -eq "Microsoft-Windows-Kernel-General") -or
+    ($_.Id -eq 41) -or
+    ($_.Id -eq 1074)
+} | ForEach-Object {
+    [PSCustomObject]@{
+        Time = $_.TimeCreated
+        Theme = "REDÉMARRAGE SERVEUR"
+        Detail = $_.Id
+    }
+}
+
+# 🟡 Crash service Recording
+$events += Get-WinEvent -FilterHashtable @{
+    LogName='System'
+    Id=7031
+    StartTime=$start
+} | Where-Object {$_.Message -like "*Recording Server*"} | ForEach-Object {
+    [PSCustomObject]@{
+        Time = $_.TimeCreated
+        Theme = "CRASH SERVICE RECORDING"
+        Detail = $_.Id
+    }
+}
+
+# 🔴 Crash application VideoOS
+$events += Get-WinEvent -FilterHashtable @{
+    LogName='Application'
+    Id=1000
+    StartTime=$start
+} | Where-Object {$_.Message -like "*VideoOS*"} | ForEach-Object {
+    [PSCustomObject]@{
+        Time = $_.TimeCreated
+        Theme = "CRASH APPLICATION VIDEOOS"
+        Detail = $_.Id
+    }
+}
+
+# 🔶 Service démarré
+$events += Get-WinEvent -FilterHashtable @{
+    LogName='System'
+    Id=7036
+    StartTime=$start
+} | Where-Object {$_.Message -like "*Recording Server*running*"} | ForEach-Object {
+    [PSCustomObject]@{
+        Time = $_.TimeCreated
+        Theme = "SERVICE RECORDING DÉMARRÉ"
+        Detail = $_.Id
+    }
+}
+
+# 🔄 Affichage chronologique
+$events |
+Sort-Object Time |
+Format-Table Time, Theme, Detail -AutoSize