Guest Blogger – Searching with PowerShell

Guest Blogger – Searching with PowerShell

  • Comments 2
  • Likes

Sean Kearney has been doing some work with PowerShell as of late and sent in this little write up about searching with PowerShell!  Enjoy, and remember if you have any tips you want to share email us!

------------------------------

A post I threw onto "Energized about Technology" and "Energized Tech". A simpler intro to a small script that can be a function in PowerShell. Today I had to search for something in a Text file.  In PowerShell there's a simple command

GET-CONTENT

Which lets me simply enough, GET CONTENT from a text file (or files).   I’m going to deal with ONE file right now.  Let’s pick on the WINDOWSUPDATE.LOG, it’s big beefy and full of stuff, and type in

GET-CONTENT C:\WINDOWS\WINDOWSUPDATE.LOG

Dumps a pile of stuff on the screen. “Yeah impressive!” (I hear everybody in the back) “TYPE Command did that for years”.  True.   But here’s the difference.  I can store the output of ANY Powershell command in a variable of my choosing without any thought.  So.

$RESULT=GET-CONTENT C:\WINDOWS\WINDOWSUPDATE.LOG

Now here’s where TYPE command loses it’s luster. I can put that in this SCRIPT, and have it match lines that meet content in that logfile and save it as “FINDAGENT.PS1” and run it anytime I want!

# FINDAGENT.PS1
# This script will get the content of the WindowsUpdate.LOG file and search it for lines with the word “Agent” anywhere in the file

$RESULT=GET-CONTENT C:\WINDOWS\WINDOWSUPDATE.LOG

FOREACH ($LINE in $RESULT)
          {
          # Compare results in that “Object” that are “like” anything contained within the “Quotes”.  The “*” before and after indicate it could be anywhere
          if ($line.tostring() –like “*Agent* )
               {
               # write that output to the Console
               write-host ( $line )
               }
          }

# No more script.   All done

That will output EVERY line that has the word “Agent” in it when you run the FINDAGENT.PS1 file in a Powershell session.  Now here’s where NOTEPAD and TYPE fall down and cry.   I can take that SAME script and with minimal modification make it a FUNCTION I can call up all the time.   So it took a little longer to write, but I can now have a reusable feature in the system.  And again, not difficult, so we take the script and with the following changes.

FUNCTION FILESEARCH ($FILENAME, $CONTENT)

{

# This script will get the content of the file passed through $FILENAME and search it for lines with the content passed by the user in $CONTENT

$RESULT=GET-CONTENT $FILENAME

FOREACH ($LINE in $RESULT)
          {
          # Compare results in that “Object” that are “like” anything contained within the “Quotes”.  The “*” before and after indicate it could be anywhere
          if ($line.tostring() –like $CONTENT )
               {
               # write that output to the Console
               write-host ( $line )
               }
          }

# No more function.   All done

}

Now again save that as FILEFIND.PS1 file and when you want to search things I run this new script, FILEFIND.PS1 which now gives you a new function / feature to run in your PowerShell session called “FILESEARCH”.  To run it just type

FILESEARCH C:\Windows\WindowsUpdate.log “*Agent*”

And that will give you the same results as the script.  But here’s where Powershell just is so better than sliced bread.  That new script, that easily became a function (Under 10 lines or less) can now be used to search ANY file on the computer.  We can also with minor changes make this same function pipe data to a CSV file or other PowerShell Cmdlets.  With very small tweaks, you can use it to search the registry or WMI even.  I tell you, I love PowerShell.  Once you do something, you don’t have to think too hard to repurpose it.

Sean
The Energized Tech

Sean Kearney

Friday Funny Guy

fridayfunnyguy@energizeit.ca

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment
  • And hey take note here folks.  I'm not a Dev.  Just an ITPro like you.   You can do this too.

  • Wow, amazing.  Windows now is almost at the automation level that UNIX was in 1989.  Congratulations, guys! :-)