Today I had to search for something in a Text file.
In Powershell theres a simple command
GET-CONTENT
Which lets me simply enough, GET CONTENT from a text file (or files). I’m going to deal with ONE file right now. Let’s pick on the WINDOWSUPDATE.LOG
It’s big beefy and full of stuff.
Type typing in
GET-CONTENT C:\WINDOWS\WINDOWSUPDATE.LOG
Dumps a pile of stuff on the screen.
“Yeah impressive!” (I hear everybody in the back) “TYPE Command did that for years”
True. But here’s the difference.
I can store the output of ANY Powershell command in a variable of my choosing without any thought
So.
$RESULT=GET-CONTENT C:\WINDOWS\WINDOWSUPDATE.LOG
Now here’s where TYPE command loses it’s luster
I can put that in this SCRIPT, and have it match lines that meet content in that logfile and save it as
“FINDAGENT.PS1” (Text format)
and run it anytime I want
-------------------------------------------------
# FINDAGENT.PS1
# This script will get the content of the WindowsUpdate.LOG file and search it for lines with the word “Agent” anywhere in the file
$RESULT=GET-CONTENT C:\WINDOWS\WINDOWSUPDATE.LOG
FOREACH ($LINE in $RESULT)
{
# Compare results in that “Object” that are “like” anything contained within the “Quotes”. The “*” before and after indicate it could be anywhere
if ($line.tostring() –like “*Agent* )
{
# write that output to the Console
write-host ( $line )
}
}
# No more script. All done
--------------------------------------------------------
That will output EVERY line that has the word “Agent” in it when you run the FINDAGENT.PS1 file in a Powershell session.
Now here’s where NOTEPAD and TYPE fall down and cry. I can take that SAME script and with minimal modification make it a FUNCTION I can call up all the time. So it took a little longer to write, but I can now have a reusable feature in the system.
And again. Not difficult
So we take the script and with the following changes
-------------------------------------------------------
FUNCTION FILESEARCH ($FILENAME, $CONTENT)
{
# This script will get the content of the file passed through $FILENAME and search it for lines with the content passed by the user in $CONTENT
$RESULT=GET-CONTENT $FILENAME
FOREACH ($LINE in $RESULT)
{
# Compare results in that “Object” that are “like” anything contained within the “Quotes”. The “*” before and after indicate it could be anywhere
if ($line.tostring() –like $CONTENT )
{
# write that output to the Console
write-host ( $line )
}
}
# No more function. All done
}
--------------------------------------------------------
Now again save that as FILEFIND.PS1 file and when you want to search things run
FILEFIND.PS1
which now gives you a new function / feature to run in your Powershell session called “FILESEARCH”
To run it just type
FILESEARCH C:\Windows\WindowsUpdate.log “*Agent*”
And that will give you the same results as the script.
But here’s where Powershell just is so better than sliced bread. That new script, that easily became a function (Under 10 lines or less) can now be used to search ANY file on the computer.
We can also with minor changes make this same function pipe data to a CSV file or other Powershell Cmdlets. With very small tweaks, you can use it to search the registry or WMI even.
I tell you. I love Powershell. Once you do something, you don’t have to think too hard to repurpose it.
Sean
The Energized Tech
.gif)
.gif)
Leave a comment