Powershell: Difference between revisions

From roonics
Jump to navigation Jump to search
No edit summary
No edit summary
Tag: Manual revert
 
(22 intermediate revisions by the same user not shown)
Line 26: Line 26:
MachineName          UserName          TimeGenerated
MachineName          UserName          TimeGenerated
-----------          --------          -------------
-----------          --------          -------------
server01.lab.local LABLOCAL\user01 28/8/2018 4:28:20 PM
server01.lab.local   LABLOCAL\user01   28/8/2018 4:28:20 PM
</pre>
</pre>


Line 39: Line 39:
20190402093338.000000+060
20190402093338.000000+060
</pre>
</pre>
===Watch port availability===
<pre>cls;while($true){get-date;$t = New-Object Net.Sockets.TcpClient;try {$t.connect("10.10.10.10",3389);write-host "RDP is up"}catch{write-Host "RDP is down"}finally{$t.close();sleep 30}}</pre>
Example output:
<pre style="color: white; background: #012456; width: 800px">
Thursday, August 29, 2019 11:27:17 AM
RDP is down
Thursday, August 29, 2019 11:28:08 AM
RDP is down
Thursday, August 29, 2019 11:28:59 AM
RDP is down
Thursday, August 29, 2019 11:29:50 AM
RDP is UP
</pre>
===Watch event viewer===
<pre>cls;$idxA = (get-eventlog -LogName Application -Newest 1).Index;while($true){$idxA2 = (Get-EventLog -LogName Application -newest 1).index;get-eventlog -logname Application -newest ($idxA2 - $idxA) |  sort index;$idxA = $idxA2;sleep 10}</pre>
Example output:
<pre style="color: white; background: #012456; width: 1500px">
Index Time          EntryType  Source                InstanceID Message
----- ----          ---------  ------                ---------- -------
23698 Aug 29 11:31  Information ESENT                  916 DllHost (20044,G,0) The beta feature EseDiskFlushConsistency is enabled in ESENT due to the beta site mode settings 0x800000.
</pre>
===Stop and disable a Windows service remotely===
<pre>Get-Service -Name "Rubrik Backup Service" -ComputerName server01 | Stop-Service -PassThru | Set-Service -StartupType disabled</pre>
===Combine multiple txt files to one file===
This will also go through the sub folders and combine all txt files in to one file:
<pre>Get-ChildItem C:\txts -include *.txt -rec | ForEach-Object {gc $_; ""} | out-file C:\txts\final.txt</pre>
===Count all file types in folder and subfolders===
<pre>Get-Childitem -Recurse | where { -not $_.PSIsContainer } | group Extension -NoElement | sort count -Desc</pre>
Example output:
<pre style="color: white; background: #012456; width: 1500px">
Count Name                   
----- ----                   
12285 .jpg                   
2935 .png                   
  689 .ps1                   
  375 .log                   
  369 .php                   
  213 .txt                   
  150 .html                   
  122 .csv                   
  62 .1                     
  59 .2                     
  59 .3                     
  55 .4                     
  54 .5                     
</pre>
===Find empty folders and subfolders===
<pre>(gci -r | ? {$_.PSIsContainer -eq $True}) | ?{$_.GetFileSystemInfos().Count -eq 0} | select FullName</pre>
Example output:
<pre style="color: white; background: #012456; width: 1500px">
C:\Users\test\Documents\AirDroid                                                                                     
C:\Users\test\Documents\Custom Office Templates                                                                     
C:\Users\test\Documents\Fax                                                                                         
C:\Users\test\Documents\Rockstar Games                                                                               
C:\Users\test\Documents\Wondershare                                                                                 
                   
</pre>
===Remove empty folders===
<pre>(gci -r | ? {$_.PSIsContainer -eq $True}) | ?{$_.GetFileSystemInfos().Count -eq 0} | Remove-item</pre>
===sign out disconnected sessions===
<pre>quser | Select-String "Disc" | ForEach{logoff ($_.tostring() -split ' +')[2]}</pre>
[[Category:PowerShell]]
‎<comments />

Latest revision as of 14:36, 6 March 2023

Powershell

Useful Commands

Show command history

get-history | more

Test if port open from one server to another

Test-NetConnection 10.10.10.10 -port 445

Example output:

ComputerName           : 10.10.10.10
RemoteAddress          : 10.10.10.10
RemotePort             : 445
InterfaceAlias         : Ethernet
SourceAddress          : 10.10.10.20
PingSucceeded          : True
PingReplyDetails (RTT) : 29 ms
TcpTestSucceeded       : True

Check who rebooted the server

Get-EventLog –Log System –Newest 100 | Where-Object {$_.EventID –eq ‘1074’} | FT MachineName, UserName, TimeGenerated -AutoSize

Example output:

MachineName          UserName           TimeGenerated
-----------          --------           -------------
server01.lab.local   LABLOCAL\user01    28/8/2018 4:28:20 PM

Show DNS Cache

Get-DnsClientCache

When was Windows installed

wmic os get installdate

Example output:

InstallDate
20190402093338.000000+060

Watch port availability

cls;while($true){get-date;$t = New-Object Net.Sockets.TcpClient;try {$t.connect("10.10.10.10",3389);write-host "RDP is up"}catch{write-Host "RDP is down"}finally{$t.close();sleep 30}}

Example output:

Thursday, August 29, 2019 11:27:17 AM
RDP is down
Thursday, August 29, 2019 11:28:08 AM
RDP is down
Thursday, August 29, 2019 11:28:59 AM
RDP is down
Thursday, August 29, 2019 11:29:50 AM
RDP is UP

Watch event viewer

cls;$idxA = (get-eventlog -LogName Application -Newest 1).Index;while($true){$idxA2 = (Get-EventLog -LogName Application -newest 1).index;get-eventlog -logname Application -newest ($idxA2 - $idxA) |  sort index;$idxA = $idxA2;sleep 10}

Example output:

Index Time          EntryType   Source                 InstanceID Message
----- ----          ---------   ------                 ---------- -------
23698 Aug 29 11:31  Information ESENT                  916 DllHost (20044,G,0) The beta feature EseDiskFlushConsistency is enabled in ESENT due to the beta site mode settings 0x800000.

Stop and disable a Windows service remotely

Get-Service -Name "Rubrik Backup Service" -ComputerName server01 | Stop-Service -PassThru | Set-Service -StartupType disabled

Combine multiple txt files to one file

This will also go through the sub folders and combine all txt files in to one file:

Get-ChildItem C:\txts -include *.txt -rec | ForEach-Object {gc $_; ""} | out-file C:\txts\final.txt

Count all file types in folder and subfolders

Get-Childitem -Recurse | where { -not $_.PSIsContainer } | group Extension -NoElement | sort count -Desc

Example output:

Count Name                     
----- ----                     
12285 .jpg                     
 2935 .png                     
  689 .ps1                     
  375 .log                     
  369 .php                     
  213 .txt                     
  150 .html                    
  122 .csv                     
   62 .1                       
   59 .2                       
   59 .3                       
   55 .4                       
   54 .5                       

Find empty folders and subfolders

(gci -r | ? {$_.PSIsContainer -eq $True}) | ?{$_.GetFileSystemInfos().Count -eq 0} | select FullName

Example output:

C:\Users\test\Documents\AirDroid                                                                                      
C:\Users\test\Documents\Custom Office Templates                                                                       
C:\Users\test\Documents\Fax                                                                                           
C:\Users\test\Documents\Rockstar Games                                                                                
C:\Users\test\Documents\Wondershare                                                                                   
                    

Remove empty folders

(gci -r | ? {$_.PSIsContainer -eq $True}) | ?{$_.GetFileSystemInfos().Count -eq 0} | Remove-item

sign out disconnected sessions

quser | Select-String "Disc" | ForEach{logoff ($_.tostring() -split ' +')[2]}

‎<comments />