Troubleshooting a Powershell script that sends email

Question

This script is sending an email when a particular event is triggered. I am running this script when a file screen i have configured on FSRM detects a user saving specific file types. The command tab is where I am running powershell.exe and for the arguments this script. I am trying to add the message from the event log that my file screen is configured to generate. However, when this script generates the email it generates the following instead of the event message.

 System.Diagnostics.EventLogEntry

Here is the script:

function 
    sendMail{

         Write-Host “Sending Email”

         #SMTP server name
         $smtpServer = “smtp.abc.com”

         #Creating a Mail object
         $msg = new-object Net.Mail.MailMessage

         #gets the server name
         $srv = $env:computername

         #gets the event ID details
         $event = Get-Eventlog -LogName Application -source SRMSVC -Newest 1

         #Creating SMTP server object
         $smtp = new-object Net.Mail.SmtpClient($smtpServer)

         #Email structure 
         $msg.From = “FileServer@abc.com“
         $msg.ReplyTo = “administrator@ABC.com“
         $msg.To.Add(“RECEPIENT@ABC.com“)
         $msg.subject = “Event Alert”
         $msg.body = “The file resource management service has detected activity. Please check the appliction log on $srv and look for id 8215. Here are the event details $event ”

         #Sending email 
         $smtp.Send($msg)

    }

    #Calling function
    sendMail

The $srv variable is entered properly by adding the correct computer name to the body of the email.

Does anyone know why the event message is not being included in the body of the email instead?

Is this a question? It looks like a statement. Cool story, bro. — joeqwerty, Jun 28 '17 at 15:41
it clearly says that the $event variable is giving some random text in the body of the email INSTEAD of the event. I will make it more obvious. — veel84, Jun 28 '17 at 15:42
Check `$event` with `$event|Get-Member` you might see what you are missing. — LotPings, Jun 28 '17 at 16:04

Itchydon · Accepted Answer · 2017-06-28T16:30:50.760

2

Try changing

$msg.body = “The file resource management service has detected activity. Please check the appliction log on $srv and look for id 8215. Here are the event details $event ”

to

$msg.body = “The file resource management service has detected activity. Please check the appliction log on $srv and look for id 8215. Here are the event details $($event.message) ”

All I have done is change $event to $($event.message)

edited Jun 28 '17 at 16:30

answered Jun 28 '17 at 16:22

Itchydon

144
6

Thanks, that was it. Not sure why its been downvoted twice, its a perfectly legitimate question. I created a firescreen to block file types used by Ransom-ware. This alert will notify me when those changes are attempted. I also added further power shell commands to disabled the user account. While modifying the script I ran into the problem. I would love to know why it doesn't qualify as legitimate. – veel84 Jun 28 '17 at 17:29
I also don't know why it was downvoted. I tried to up vote you but did not have enough points on this particular site to upvote you - but I think it was a legitimate question as well – Itchydon Jun 28 '17 at 22:23

Troubleshooting a Powershell script that sends email

1 Answers1