re: BATCHman Writes a PowerShell Script to Automate Handle

Klaus Schulte — Mon, 19 Sep 2011 09:42:08 GMT

... another interesting variant is this here:

(.\handle\handle.exe $name) -match 'pid:' |

% {

$processId,$fileHandle = ($_ -split '[:\s]+')[2,5]

.\handle\handle.exe -c $fileHandle -p $processId -y

}

We call handle, look for lines containing the keyword 'pid:' and pipe them to the split operator using the regexp '[:\s]' to split each line at a colon or whitespace.

If we rely ( and we have to! ) the fact that the pid is located in part 2 and the handle in part5 of the splitted line, you can use this information to close the handles!

Klaus.

re: BATCHman Writes a PowerShell Script to Automate Handle

KLaus Schulte — Sat, 17 Sep 2011 20:20:12 GMT

BATCHman is back and saved us again!

GREAT to know that he and his regex helped to "handle" this case!

Well done, BATCHman!!

As you know, I like regular expressions which is bad luck because I will add something else here :-)

So .... there is onother approach to solve this case which might be a little more "straight" .. !?

If we extract the lines conataining the interesting information and use the replace operator to get

rid of all other information except the pid and handle,

we can reduce the calculations of substrings and have a shorter form like this:

$commands = ((c:\tools\handle total) -match 'pid') -replace '^.*pid:\s*([0-9]+).*File\s*([0-9A-F]+).*$', 'c:\tools\handle.exe -c $2 -p $1 -y'

This returns an array of commands that look like that

c:\tools\handle.exe -c 210 -p 6380 -y

If we pass them to Invoke-Expression, the handles are closed!

The first part: ((c:\tools\handle total) -match 'pid') reduces handle's output to the interesting lines,

those that contain the word 'pid'.

The result is passed to replace, which skips the beginning '^.*' and end '.*$' of the line,

looks for 'pid:' followed by whitespace and captures the part in round braces: '([0-9]+)' which is the pid number.

We skip '.*' anything up to 'File' followed by whitespace and capture the hexadecimal handle number '([0-9A-F]+)'

The replace operator is nice enough to store the captures in automatic variables $1 and $2.

So we have the pid in $1 and the handle number in $2.

Having replaced all other characters of each matching line, we can build a new line from scratch with the

path to the handle in first place and add the parameters for -p = pid ( $1 ) and -c = handlenumber ( $2 )

to the commandline. "-y" is just used to avoid confirmation questions.

Regexps are GREAT!

Take a look at them!!

Klaus