Example 3

This example is a VB script that copies or moves files found in a discovery scan.

option explicit
const isMove = True
const quarantineFolder = "\\10.0.46.40\quarantine"
const quarantineText = "Content has been removed please contact administrator"
'
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ '
Dim xmlFile 
Dim xmlDoc 
Dim Node
Dim filePath 
Dim objFSO 
Dim objFile 
Dim root
Dim destFilePath
Set objFSO = CreateObject("Scripting.FileSystemObject")
'Functions 
'---------
Function GeneratePath(pFolderPath)
GeneratePath = False
wscript.echo "GeneratePath " & pFolderPath 
If Not objFSO.FolderExists(pFolderPath) Then
If GeneratePath(objFSO.GetParentFolderName(pFolderPath)) 
Then
GeneratePath = True
Call objFSO.CreateFolder(pFolderPath) 
End If
Else
GeneratePath = True 
End If
End Function
'main '----
xmlFile = WScript.Arguments.Item(0)
set xmlDoc=CreateObject("Microsoft.XMLDOM") 
if xmlDoc.load(xmlFile) then
wscript.echo "Load XML succeeded" 
else
wscript.echo "Load XML failed" 
wscript.exit -1
end if
Set Node = xmlDoc.documentElement.selectSingleNode("// ns1:pa-xml-rpc/ns1:request/ns1:params/evt:incident/ evt:dataAtRest/evt:incidentInfo/evt:resourceType")
if Node.text <> "NETWORK" and Node.text <> "ENDPOINT" then
wscript.echo "Incident is not file system discovery incident"
wscript.exit 0 
end if
Set Node = xmlDoc.documentElement.selectSingleNode("// ns1:pa-xml-rpc/ns1:request/ns1:params/evt:incident/ evt:dataAtRest/evt:file/evt:filepath")
filePath = right(Node.text,len(Node.text)-5) 
wscript.echo "file path is : " & filePath
destFilePath = quarantineFolder + "\" + right(filePath,len(filePath)-2)
wscript.echo "Destination: " & destFilePath 
GeneratePath(objFSO.GetParentFolderName(destFilePath)) 
objFSO.CopyFile filePath, destFilePath
if isMove then
Set objFile = objFSO.CreateTextFile(filePath + ".txt") 
objFile.WriteLine(quarantineText)
objFile.Close 
objFSO.DeleteFile filePath
end if
wscript.echo "File, " & filePath & " was processed successfully"