All Tags » PowerShell and WMI (RSS)

Browse Blog Posts by Tags

Showing related tags and posts for the Blogs application. See all tags in the site

  • WMICookbook: Read Routing Table

    When we need to troubleshoot networking problems we will sometimes need to read the routing table on a machine. The routing table contains the information on the routes known to the network interfaces. This can be created automatically or manually . On the local machine we can use the route command to...
    Posted to Richard Siddaway's Blog by RichardSiddaway on Fri, Nov 20 2009
    Filed under: Filed under: ,

  • WMI CookBook: WMI Presentation

    As with other PowerShell objects there is a default format for the display of WMI objetcs. If we look at the NetworkAdapter class PS> Get-WmiObject -Class Win32_NetworkAdapter -Filter "DeviceId='11'" ServiceName      : athr MACAddress      ...
    Posted to Richard Siddaway's Blog by RichardSiddaway on Tue, Nov 17 2009
    Filed under: Filed under: ,

  • WMI CookBook: Associators Pt I

    WMI is a wonderful thing and like many people I have a love-hate relationship with it. It is incredibly powerful, and can take you deep into the system, but it is not easy to find your way. I have decided to spend some time digging into WMI and will document the findings in a (long) series of blog posts...
    Posted to Richard Siddaway's Blog by RichardSiddaway on Mon, Nov 16 2009
    Filed under: Filed under: ,

  • PowerShell WMI events

    In my previous post ( http://richardsiddaway.spaces.live.com/blog/cns!43CFA46A74CF3E96!2598.entry   or http://richardsiddaway.spaces.live.com/blog/cns!43CFA46A74CF3E96!2598.entry ) I started to look at WMI events in PowerShell v2.  The win32_process class was used but all that showed us was...
    Posted to Richard Siddaway's Blog by RichardSiddaway on Sat, Nov 7 2009
    Filed under: Filed under: ,

  • PowerShell Eventing

    This isn’t the latest sport added for the 2012 Olympics but a way to dig deeper into what is happening on your machine.  There is a continuous stream of events occurring on a computer – programs stop or start, files open or close etc etc.  Some, but all, of these events are recorded in the...
    Posted to Richard Siddaway's Blog by RichardSiddaway on Sat, Nov 7 2009
    Filed under: Filed under: ,

  • System Up Time

    The PowerShell team have just posted about obtaining system up time using a .NET class to convert the WMI date format to something thats readable http://blogs.msdn.com/powershell/archive/2009/08/12/get-systemuptime-and-working-with-the-wmi-date-format.aspx There is a WMI only way of doing this $os =...
    Posted to Richard Siddaway's Blog by RichardSiddaway on Wed, Aug 12 2009
    Filed under: Filed under:

  • Creating a process

    I've looked at creating a process before - using [WMIClass]. With CTP3 we have a few more options Start-Process -Filepath notepad.exe Invoke-WMIMethod -Class Win32_process -Name Create -ArgumentList notepad.exe Set-WMIinstance -Class Win32_process -Arguments @{Path=c:\windows\system32\notepad.exe...
    Posted to Richard Siddaway's Blog by on Tue, Apr 28 2009
    Filed under: Filed under:

  • WMI Methods and Properties

    Its odd how we discover things. I need to check the WMI classes for network adapters so used Get-WmiObject -List -Class *network* I intended to check out the data returned so used Get-WmiObject -List -Class win32_networkadapterconfiguration Notice I’ve left the –List parameter in the command by mistake...
    Posted to Richard Siddaway's Blog by on Tue, Mar 17 2009
    Filed under: Filed under:

  • Discovering WMI

    One thing that seems to come up rather frequently on the newsgroups is what WMI class do I need to use to do X. The really confusing thing about WMI is knowing just what is available. I have done far more with WMI since discovering PowerShell than I ever did with VBScript. That’s for 2 reasons. Firstly...
    Posted to Richard Siddaway's Blog by on Thu, Feb 19 2009
    Filed under: Filed under:

  • W2KSG: Unique file names

    Having seen how to back up our event logs we will need to do this periodically so we need to create unique file names for the backups. The obvious candidate is to base it on the date. Listing 12.7 $date = Get-Date Get-WmiObject -Class Win32_NTEventLogFile | Where {$_.NumberofRecords -gt 5} | Foreach...
    Posted to Richard Siddaway's Blog by on Thu, Oct 16 2008
    Filed under: Filed under:

  • W2KSG: Triggered Event Log backups

    We have seen how to backup and clear the event log. What about checking all of the event logs and doing a backup and clear if they have reached a certain size Listing 12.6 Get-WmiObject -Class Win32_NTEventLogFile | Where {$_.FileSize -gt 10MB} | Foreach { $file = "c:\test\" + $_.LogFileName...
    Posted to Richard Siddaway's Blog by on Thu, Oct 16 2008
    Filed under: Filed under:

  • W2KSG: Backup Event Log

    We have see how to modify event log properties - lets look at backing them up and clearing out the entries. Preferably in that order. Listing 12.5 $log = Get-WmiObject -Class Win32_NTEventLogFile -Filter "LogFileName = 'Application'" $ret = $log.BackupEventLog("c:\test\applog.evt"...
    Posted to Richard Siddaway's Blog by on Tue, Oct 14 2008
    Filed under: Filed under:

  • W2KSG: Log Properties

    Having seen how to view the log properties lets see how we can change them. One possibility is with WMI. Lets start by viewing the event logs Get-WmiObject -Class Win32_NTEventLogFile one thing to note is that the property with the log file name is LogFileName rather than name Listing 12.4 $applog =...
    Posted to Richard Siddaway's Blog by on Mon, Oct 13 2008
    Filed under: Filed under:

  • W2KSG: Page File

    In theory Listing 10.19 Get-WmiObject -Class Win32_PageFile | Select CreationDate, Description, Drive, FileName, FileSize, InitialSize, InstallDate, MaximumSize,Name, Path should return information about the page file. On my Vista machine it doesn't return anything which is due to my allowing the...
    Posted to Richard Siddaway's Blog by on Fri, Oct 10 2008
    Filed under: Filed under:

  • W2KSG: File System Type

    Skipping forward to Listing 10.16 Get-WmiObject -Class Win32_LogicalDisk | Select DeviceId, FileSystem We can quickly scan the disks for the file system. One interesting point from this is that offline files are given a file system type of CSC-CACHE Share this post : Technorati Tags: PowerShell , WMI...
    Posted to Richard Siddaway's Blog by on Fri, Oct 10 2008
    Filed under: Filed under:

  • W2KSG: Free Disk Space

    Nope - not a 1960's political slogan. Previously we found out how to discover the logical disk drives on our machines. Having found them we want to know how much free space is available. Listing 10.6 $HardDisk = 3 Get-WmiObject -Class Win32_LogicalDisk -Filter "DriveType = $HardDisk" |...
    Posted to Richard Siddaway's Blog by on Thu, Oct 9 2008
    Filed under: Filed under:

  • W2KSG: Logical disks

    Physical disks support partitions and logical disks. To discover the logical disks on a machine we would use Listing 10.3 Get-WmiObject -Class Win32_LogicalDisk | Select Compressed,Description, DeviceID, DriveType, FileSystem, FreeSpace, MediaType, Name, Size, SupportsFileBasedCompression, SystemName...
    Posted to Richard Siddaway's Blog by on Thu, Oct 9 2008
    Filed under: Filed under:

  • W2KSG: Disk Partitions

    After we have found the physical drives we need to think about the partitions on those drives Script Center Home > Microsoft Windows 2000 Scripting Guide > Scripting Solutions for System Administration > Disks and File Systems > Managing and Monitoring Disk Drives Managing Disk Partitions...
    Posted to Richard Siddaway's Blog by on Wed, Oct 8 2008
    Filed under: Filed under:

  • W2KSG: Physical Disk Drive Properties

    Lets stick with WMI and jump forward to chapter 10 where we will concentrate on disks and the file system Starting point is physical disks. The WMI class the logically named Win32_DiskDrive. If you want to see all properties use Get-WmiObject Win32_DiskDrive | select * This display is a little odd as...
    Posted to Richard Siddaway's Blog by on Tue, Oct 7 2008
    Filed under: Filed under:

  • W2KSG: Startup Commands

    What commands are run when your system starts? Probably more than you think. The information is held in a number of places in the registry and the startup folder of the start menu. We can access all of that with WMI Listing 8.20 Get-WmiObject win32_startupcommand | Select Command, Description, Location...
    Posted to Richard Siddaway's Blog by on Sat, Oct 4 2008
    Filed under: Filed under:
Page 1 of 3 (46 items) 1 2 3 Next >