Powershell: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
Line 64: | Line 64: | ||
</pre> | </pre> | ||
[[Category: | [[Category:PowerShell]] |
Revision as of 14:36, 4 September 2019
Powershell
Useful Commands
Show command history
get-history | more
Test if port open from one server to another
Test-NetConnection 10.10.10.10 -port 445
Example output:
ComputerName : 10.10.10.10 RemoteAddress : 10.10.10.10 RemotePort : 445 InterfaceAlias : Ethernet SourceAddress : 10.10.10.20 PingSucceeded : True PingReplyDetails (RTT) : 29 ms TcpTestSucceeded : True
Check who rebooted the server
Get-EventLog –Log System –Newest 100 | Where-Object {$_.EventID –eq ‘1074’} | FT MachineName, UserName, TimeGenerated -AutoSize
Example output:
MachineName UserName TimeGenerated ----------- -------- ------------- server01.lab.local LABLOCAL\user01 28/8/2018 4:28:20 PM
Show DNS Cache
Get-DnsClientCache
When was Windows installed
wmic os get installdate
Example output:
InstallDate 20190402093338.000000+060
Watch port availability
cls;while($true){get-date;$t = New-Object Net.Sockets.TcpClient;try {$t.connect("10.10.10.10",3389);write-host "RDP is up"}catch{write-Host "RDP is down"}finally{$t.close();sleep 30}}
Example output:
Thursday, August 29, 2019 11:27:17 AM RDP is down Thursday, August 29, 2019 11:28:08 AM RDP is down Thursday, August 29, 2019 11:28:59 AM RDP is down Thursday, August 29, 2019 11:29:50 AM RDP is UP
Watch event viewer
cls;$idxA = (get-eventlog -LogName Application -Newest 1).Index;while($true){$idxA2 = (Get-EventLog -LogName Application -newest 1).index;get-eventlog -logname Application -newest ($idxA2 - $idxA) | sort index;$idxA = $idxA2;sleep 10}
Example output:
Index Time EntryType Source InstanceID Message ----- ---- --------- ------ ---------- ------- 23698 Aug 29 11:31 Information ESENT 916 DllHost (20044,G,0) The beta feature EseDiskFlushConsistency is enabled in ESENT due to the beta site mode settings 0x800000.