Wednesday, March 19, 2014

PowerShell 001 - My Favorite cmdlet (Today)

OK, maybe not my favorite, and maybe I need to get out more but the more I learn about PowerShell the more excited I get. It is actually fun, not kidding, it is reminiscent of that feeling I had 30 years ago troubleshooting my first BBS or first code. And also, right now at this moment, I have two favorites. These are subject to change!

Get-Help

After listening to Jeffrey Snover (Microsoft Distinguished Engineer and Godfather of PowerShell), Don Jones (author of ‘PowerShell in a Month of Lunches’), and other PowerShell MVPs, the message is that the most important aspect of PowerShell is the help system, and you need to learn how to use it. By using the help system and simply playing around, you will easily figure out how to perform tasks simply and more efficiently. So… learn the help system.
Here is a good start. Open the PowerShell Console ‘as administrator’. Important: run the PowerShell apps (Console or ISE) as Administrator to get the most bang for your buck. Run the following command:
PS C:\> Update-Help
The system begins with no help information. You have to update the help system to get started.
Next choose a command you want to work with. As a segue into the next cmdlet we'll use Get-EventLog. Try the following.
PS C:\> Get-Help Get-EventLog -Full
Make sure to use the -Full switch, as it will ensure all of the interesting info is present. Look around, learn the cmdlet, play a bit and see what you find.
What I find is how to solve my problem of the moment, how to troubleshoot issues related to deployment, or pretty much anything else my imagination can come up with.

Get-EventLog

By using the Help system you will begin to better understand PS syntax, positional parameters, mandatory parameters, what can be piped into other cmdlets, what can’t, and lots more. While learning the Get-EventLog cmdlet and playing around, I began thinking of one of the most basic troubleshooting tasks we typically perform manually.
How often, when troubleshooting, do we open the Event Viewer to look for issues and hints about what is happening? Often, very often. Then you switch to another machine and look at the event logs over there, in Event Viewer. Next you go back to the first machine because you can’t remember what you read in the first place… fun times! No more. I’ll share these parameters one at a time to show how powerful this actually is.

-LogName

PS C:\> Get-EventLog -LogName <string>
The -LogName parameter is what is called positional and mandatory, and it takes a string. The string is the name of the Windows log. You don’t even have to type -LogName as long as you explicitly call out the name of the actual log you are looking for, so in this example I could have written:
PS C:\> Get-EventLog Application
I’m going to leave the -LogName parameter in my examples to make sure they are as explicit as possible.

-ComputerName

Pretty self-explanatory. This allows you to explicitly call out the name of the machine(s) you want to query for their event logs.
PS C:\> Get-EventLog -LogName Application -ComputerName srv1
Now my command will reach across the wire to a machine called srv1 and grab the contents of the Application log! Awesome!

-Newest

OK, so no one wants to grab the entire contents of the Windows log and output that to a screen. It is way too noisy. The -Newest parameter allows you to specify how many of the most recent events you want to grab.
PS C:\> Get-EventLog -LogName Application -ComputerName srv1 -Newest 20
I know, the line is getting longer but look how intuitive this is. Amazing.

-Source

Source essentially specifies where the events actually come from. So in my environment I want to see if anything interesting is happening with respect to the Specops product. Srv1 is my Specops Deploy Server in this case.
PS C:\> Get-EventLog -LogName Application -ComputerName srv1 -Newest 20 -Source *Spec*Depl*
Did I forget to tell you the -Source parameter (and -Message and others) takes wildcards? What? That is amazing! Why yes it is. So when I run this command I don’t leave my desk; I grab all pertinent events from the remote system on the fly to help troubleshoot and get to know my environment. The above command may wrap, by the way… but you get it.
Here is the console output.
[Image: Console Output Get-EventLog]
Play around with this. Use Get-Help, learn the syntax. It is fun and has a huge impact on how much time you spend on repetitive tasks. And it is so much more intuitive than VBScript or Kix or any other attempt at providing a shell or automation to Windows. There is so much more you can do: pipe results to a file or a web page, run against multiple machines at a time, format the output, output only errors or warnings. Endless possibilities.
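Several of those possibilities (multiple machines, errors and warnings only, formatted output, a file and a web page) combined in one added example, which is not from the original post. The function name Get-RecentEventSummary, the second server srv2 and the output file names are assumptions; it needs Windows PowerShell, since Get-EventLog is not available in PowerShell 6 and later.

```powershell
# Added example. Get-RecentEventSummary, srv2 and the output paths are hypothetical names.
function Get-RecentEventSummary {
    [CmdletBinding()]
    param(
        [string[]]$ComputerName = @($env:COMPUTERNAME),  # defaults to the local machine
        [string]$LogName = 'Application',
        [string]$Source,                                 # optional, wildcards allowed
        [int]$Newest = 20
    )

    foreach ($computer in $ComputerName) {
        # Build the parameter set once per machine (splatting keeps the call readable).
        $query = @{
            LogName      = $LogName
            ComputerName = $computer
            Newest       = $Newest
            EntryType    = 'Error', 'Warning'   # skip informational noise
            ErrorAction  = 'Stop'               # turn failures into catchable errors
        }
        if ($PSBoundParameters.ContainsKey('Source')) { $query.Source = $Source }

        try {
            Get-EventLog @query |
                Select-Object MachineName, TimeGenerated, EntryType, Source, EventID, Message
        }
        catch {
            # An unreachable host or a query with no matches should not stop the sweep.
            Write-Warning "$computer : $($_.Exception.Message)"
        }
    }
}

# srv1 is the server from the post; srv2 is a made-up second machine.
$events = Get-RecentEventSummary -ComputerName 'srv1', 'srv2' -Source '*Spec*Depl*'

# Newest first on screen, then the same data to a CSV file and an HTML page.
$events | Sort-Object TimeGenerated -Descending | Format-Table -AutoSize -Wrap
$events | Export-Csv -Path .\events.csv -NoTypeInformation
$events | ConvertTo-Html -Title 'Recent errors and warnings' | Set-Content -Path .\events.html
```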
Enjoy Playing!
