Powershell: Difference between revisions
Jump to navigation
Jump to search
No edit summary Tag: Reverted |
No edit summary Tag: Manual revert |
||
Line 112: | Line 112: | ||
<pre>quser | Select-String "Disc" | ForEach{logoff ($_.tostring() -split ' +')[2]}</pre> | <pre>quser | Select-String "Disc" | ForEach{logoff ($_.tostring() -split ' +')[2]}</pre> | ||
[[Category:PowerShell]] | [[Category:PowerShell]] | ||
<comments /> | <comments /> |
Latest revision as of 14:36, 6 March 2023
Powershell
Useful Commands
Show command history
get-history | more
Test if port open from one server to another
Test-NetConnection 10.10.10.10 -port 445
Example output:
ComputerName : 10.10.10.10 RemoteAddress : 10.10.10.10 RemotePort : 445 InterfaceAlias : Ethernet SourceAddress : 10.10.10.20 PingSucceeded : True PingReplyDetails (RTT) : 29 ms TcpTestSucceeded : True
Check who rebooted the server
Get-EventLog –Log System –Newest 100 | Where-Object {$_.EventID –eq ‘1074’} | FT MachineName, UserName, TimeGenerated -AutoSize
Example output:
MachineName UserName TimeGenerated ----------- -------- ------------- server01.lab.local LABLOCAL\user01 28/8/2018 4:28:20 PM
Show DNS Cache
Get-DnsClientCache
When was Windows installed
wmic os get installdate
Example output:
InstallDate 20190402093338.000000+060
Watch port availability
cls;while($true){get-date;$t = New-Object Net.Sockets.TcpClient;try {$t.connect("10.10.10.10",3389);write-host "RDP is up"}catch{write-Host "RDP is down"}finally{$t.close();sleep 30}}
Example output:
Thursday, August 29, 2019 11:27:17 AM RDP is down Thursday, August 29, 2019 11:28:08 AM RDP is down Thursday, August 29, 2019 11:28:59 AM RDP is down Thursday, August 29, 2019 11:29:50 AM RDP is UP
Watch event viewer
cls;$idxA = (get-eventlog -LogName Application -Newest 1).Index;while($true){$idxA2 = (Get-EventLog -LogName Application -newest 1).index;get-eventlog -logname Application -newest ($idxA2 - $idxA) | sort index;$idxA = $idxA2;sleep 10}
Example output:
Index Time EntryType Source InstanceID Message ----- ---- --------- ------ ---------- ------- 23698 Aug 29 11:31 Information ESENT 916 DllHost (20044,G,0) The beta feature EseDiskFlushConsistency is enabled in ESENT due to the beta site mode settings 0x800000.
Stop and disable a Windows service remotely
Get-Service -Name "Rubrik Backup Service" -ComputerName server01 | Stop-Service -PassThru | Set-Service -StartupType disabled
Combine multiple txt files to one file
This will also go through the sub folders and combine all txt files in to one file:
Get-ChildItem C:\txts -include *.txt -rec | ForEach-Object {gc $_; ""} | out-file C:\txts\final.txt
Count all file types in folder and subfolders
Get-Childitem -Recurse | where { -not $_.PSIsContainer } | group Extension -NoElement | sort count -Desc
Example output:
Count Name ----- ---- 12285 .jpg 2935 .png 689 .ps1 375 .log 369 .php 213 .txt 150 .html 122 .csv 62 .1 59 .2 59 .3 55 .4 54 .5
Find empty folders and subfolders
(gci -r | ? {$_.PSIsContainer -eq $True}) | ?{$_.GetFileSystemInfos().Count -eq 0} | select FullName
Example output:
C:\Users\test\Documents\AirDroid C:\Users\test\Documents\Custom Office Templates C:\Users\test\Documents\Fax C:\Users\test\Documents\Rockstar Games C:\Users\test\Documents\Wondershare
Remove empty folders
(gci -r | ? {$_.PSIsContainer -eq $True}) | ?{$_.GetFileSystemInfos().Count -eq 0} | Remove-item
sign out disconnected sessions
quser | Select-String "Disc" | ForEach{logoff ($_.tostring() -split ' +')[2]}
<comments />