Use this script to check whether the Splunk Universal Forwarder (splunkUF) has read rights on the selected folders
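# Audits, over PowerShell remoting, whether the Splunk Universal Forwarder
# service account has a read grant on the folders listed in a CSV file, and on
# every subfolder below them. Prints "OK" or "Access saknas" per folder.
#
# What "OK" means (review notes):
#   - Only explicit Allow ACEs for the accepted identities are matched. Deny
#     ACEs, inherit-only ACEs and access gained through other groups are not
#     evaluated, so "OK" shows that a matching grant exists, not that effective
#     access has been proven.
#   - A grant to BUILTIN\Users is accepted as sufficient, presumably because the
#     forwarder's service account is covered by that group (confirm on your
#     hosts). Such a grant also lets every local user read the logs; a grant to
#     the service account alone is the narrower choice.
#   - The rights test is a bitmask test, so Modify and FullControl grants also
#     pass. They satisfy the read requirement but exceed what a log reader needs.

$csvFilePath = "c:\users\MyUser\desktop\test_host.csv"
$serviceAccountName = "NT SERVICE\SplunkForwarder"

# Identities whose Allow ACE counts as a read grant for the forwarder.
$acceptedIdentities = @($serviceAccountName, "BUILTIN\Users")

# Runs on the remote host: returns the ACEs on $Path that grant at least
# ReadAndExecute to one of $Identities. Values passed with -ArgumentList reach a
# remote scriptblock only through param(), so both inputs are declared here.
$findReadGrants = {
    param($Path, $Identities)
    $required = [System.Security.AccessControl.FileSystemRights]::ReadAndExecute
    (Get-Acl -Path $Path).Access | Where-Object {
        ($_.AccessControlType -eq 'Allow') -and
        ($Identities -contains $_.IdentityReference.Value) -and
        (($_.FileSystemRights -band $required) -eq $required)
    }
}

# Runs on the remote host: returns the full path of every directory below $Path.
# PSIsContainer is used so that directories carrying extra attributes
# (for example compressed or archive) are not skipped.
$listSubfolders = {
    param($Path)
    Get-ChildItem -Path $Path -Recurse |
        Where-Object { $_.PSIsContainer } |
        Select-Object -ExpandProperty FullName
}

# Prints the verdict for one folder; an empty result means no matching grant
# was found (or the ACL could not be read on the remote host).
function Write-AccessResult($grants) {
    if ($grants) {
        Write-Host "OK" -ForegroundColor Green
    }
    else {
        Write-Host "Access saknas" -ForegroundColor Red
    }
}

$Computers = Import-Csv -Path $csvFilePath -Delimiter ","

foreach ($Myhost in $Computers) {
    $targetHost = $Myhost.Hosts
    # Drop empty entries so a trailing ';' in the CSV does not produce a bogus path.
    $folderPaths = $Myhost.FolderPaths -split ';' | Where-Object { $_ }

    Write-Host "Working in: "$targetHost

    # Without a session every later call would fail, so skip the host instead.
    try {
        $session1 = New-PSSession -ComputerName $targetHost -ErrorAction Stop
    }
    catch {
        Write-Host "Could not open a remote session: $($_.Exception.Message)" -ForegroundColor Red
        Write-Host `n
        continue
    }

    try {
        foreach ($targetFolderPath in $folderPaths) {
            Write-Host -NoNewline "- Checking: "$targetFolderPath " - "
            $readAcl = Invoke-Command -Session $session1 -ScriptBlock $findReadGrants -ArgumentList $targetFolderPath, $acceptedIdentities
            Write-AccessResult $readAcl

            $subfolders = Invoke-Command -Session $session1 -ScriptBlock $listSubfolders -ArgumentList $targetFolderPath
            foreach ($subfolder in $subfolders) {
                Write-Host -NoNewline "- - Checking: "$subfolder " - "
                $readAcl = Invoke-Command -Session $session1 -ScriptBlock $findReadGrants -ArgumentList $subfolder, $acceptedIdentities
                Write-AccessResult $readAcl
            }
        }
    }
    finally {
        # Always release the remote session, even if a check throws.
        Remove-PSSession -Session $session1
    }

    Write-Host `n
}

# Format of CSV file: one row per host; FolderPaths holds one or more folders
# separated by ';'.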
Hosts,FolderPaths
Host1,C:\inetpub\logs\LogFiles\;D:\inetpub\logs\LogFiles\
Host2,C:\inetpub\logs\LogFiles\;D:\inetpub\logs\LogFiles\
Host3,C:\inetpub\logs\LogFiles\;D:\inetpub\logs\LogFiles\
Host4,C:\inetpub\logs\LogFiles\;D:\inetpub\logs\LogFiles\