I am always stressing that PowerShell is all about the objects. If you keep this in mind, PowerShell is pretty easy to use. Get a bunch of things, and select the details that you want to see or work with. Out of the box, PowerShell gives you some very rich objects to work with, from simple files to Active Directory users. What I like even more is that you can create your own properties “on-the-fly” to meet your needs. It is almost like magic. You can create new properties practically out of thin air. But sometimes even this process can get a bit tedious or overwhelming. Let me offer some solutions.
Welcome once again to the end of the week. Hopefully you spent some time in PowerShell. If not, perhaps this tidbit will be intriguing enough to give it a try. I always try to put the “fun” in function and today I have one that will enumerate all the WMI namespaces, but using Get-CimInstance, or the “modern” way to work with WMI. You probably know about the root\Cimv2 namespace, but there are many others, and if you explore you might find some other namespaces and classes that are useful.
I expect that most of you with enterprise-wide antivirus installations probably have vendor tools for managing all of your clients. If so, don’t go away just yet. Even though I’m going to demonstrate how to get antivirus product status with PowerShell, the scripting techniques might still be useful. Or you might learn a bit more about WMI and the CIM cmdlets. Let me start with a simple command to get antivirus information from your local computer, assuming you are running PowerShell 3.0 or later.
I’m always on the lookout for new ways to do things. Often I’m trying to find a way to create something that is easy to use without requiring a lot of PowerShell scripting. I also like using the final result as teaching aids so even if you don’t need the end product, I hope you’ll pick up a trick or two that you can use in your own scripting projects. The task I had in mind today is a better way to get event log information. Not the events themselves, but rather the event log file. How many entries are in it? How big is it? How much of the configured log is being used? Here’s what I came up with.
I’ve started a new project and I’m hoping a few of you will give it a spin and let me know how it works for you. I’ve created a PowerShell module called MemoryTools that uses a few WMI classes and performance counters to provide insight into memory utilization and configuration on your servers. The module has several commands including one that skips the pipeline (exception to the rule!) and uses Write-Host to display memory status in living color.
The project is up on GitHub at https://github.com/jdhitsolutions/MemoryTools if you’d like to give it a try. The Readme file should give you an overview of what to expect. Use GitHub to report any bugs or feature requests. I know I still need to add command help.
The module should work on any computer running v3 or later. Note that the Get-PhysicalMemory command, which queries the Win32_PhysicalMemory class, may not show results for some properties. There are a few new class properties that require Windows Server 2016 but I decided to include them anyway.
I look forward to hearing about your experiences.