How to collect system monitor information remotly using powershell? - windows

I have code to collect system information remotely and create a csv file ,below,
Param(
[Parameter(Mandatory=$true, position=0)][string]$infile,
[Parameter(Mandatory=$true, position=1)][string]$outfile
)
#Column header in input CSV file that contains the host name
$ColumnHeader = "ComputerName"
$HostList = import-csv $infile | select-object $ColumnHeader
$out = #()
foreach($object in $HostList) {
$os = Get-WmiObject -computername $object.("ComputerName") -class win32_operatingsystem
$vol = Get-WmiObject -computername $object.("ComputerName") -class Win32_Volume
$net = Get-WmiObject -computername $object.("ComputerName") -class Win32_NetworkAdapterConfiguration | where-object { $_.IPAddress -ne $null }
$DeviceInfo= #{}
$DeviceInfo.add("Operating System", $os.name.split("|")[0])
$DeviceInfo.add("Version", $os.Version)
$DeviceInfo.add("Architecture", $os.OSArchitecture)
$DeviceInfo.add("Serial Number", $os.SerialNumber)
$DeviceInfo.add("Organization", $os.Organization)
$DeviceInfo.add("Disk Capacity", "$([math]::floor($vol.Capacity/ (1024 * 1024 * 1024 )) )" + " GB" )
$DeviceInfo.add("Free Capacity", "$([math]::floor($vol.FreeSpace/ (1024 * 1024 * 1024 )))" + " GB" )
$DeviceInfo.add("System Name", $vol.SystemName)
$DeviceInfo.add("File System", $vol.FileSystem)
$DeviceInfo.add("IP Address", ($net.IPAddress -join (", ")))
$DeviceInfo.add("Subnet", ($net.IPSubnet -join (", ")))
$DeviceInfo.add("MAC Address", $net.MACAddress )
$out += New-Object PSObject -Property $DeviceInfo | Select-Object `
"System Name", "Organization", "Serial Number","Operating System", `
"Version","Architecture","File System","Disk Capacity", `
"Free Capacity","MAC Address","IP Address","Subnet"
Write-Verbose ($out | Out-String) -Verbose
$out | Export-CSV $outfile -NoTypeInformation
}
and i have a script to get monitor information
function Decode {
If ($args[0] -is [System.Array]) {
[System.Text.Encoding]::ASCII.GetString($args[0])
}
Else {
"Not Found"
}
}
ForEach ($Monitor in Get-WmiObject WmiMonitorID -Namespace root\wmi) {
$Manufacturer = Decode $Monitor.ManufacturerName -notmatch 0
$Name = Decode $Monitor.UserFriendlyName -notmatch 0
$Serial = Decode $Monitor.SerialNumberID -notmatch 0
$ManufactureWeek = (Get-WmiObject WmiMonitorID -Namespace root\wmi).WeekofManufacture
$ManufactureYear = (Get-WmiObject WmiMonitorID -Namespace root\wmi).YearOfManufacture
echo "Manufacturer: $Manufacturer`nName: $Name`nSerial Number: $Serial"
echo "Week of Manufacture: $ManufactureWeek"
echo "Year of Manufacture: $ManufactureYear"
}
how can i combine these codes to get monitor information remotly,
how can i get monitor information remotely???????????


You may also update your monitor script. With more than one monitor, it will not work correctly.
function Decode {
If ($args[0] -is [System.Array]) {
[System.Text.Encoding]::ASCII.GetString($args[0])
}
Else {
"Not Found"
}
}
ForEach ($Monitor in Get-WmiObject WmiMonitorID -Namespace root\wmi) {
$Manufacturer = Decode $Monitor.ManufacturerName -notmatch 0
$Name = Decode $Monitor.UserFriendlyName -notmatch 0
$Serial = Decode $Monitor.SerialNumberID -notmatch 0
$ManufactureWeek = $Monitor.WeekofManufacture
$ManufactureYear = $Monitor.YearOfManufacture
echo "Manufacturer: $Manufacturer`nName: $Name`nSerial Number: $Serial"
echo "Week of Manufacture: $ManufactureWeek"
echo "Year of Manufacture: $ManufactureYear"
}

Related

Powershell Get-Service report wrong information

I've created a powershell script to list all domain controllers under current trusted forest, and than check each individual server for specific services if it's running or not and send an email with report.
I found 2 issues so far.
Get-Service -name "MyService" -ComputerName $myComputer "will say no service is found with that name, but if I list all the services : Get-Service -ComputerName $myComputer it will say "This operation might require other privileges." This is a problem because I'm reporting that the service doesn't exist but it is actually there.
For some reason if I just run the powershell script from command line manually it lists way more servers and most of the info is correct. But I schedule the powershell script from windows task manager with that same account the information is all wrong and it reports way less servers.
Script:
#$domain = [system.directoryservices.activedirectory.domain]::GetCurrentDomain().Name
#$numerOfDomainControlers= nslookup $domain
Clear-Content .\log.txt
$startTime = Get-Date
$allDCs = ((Get-ADForest).Domains | %{ Get-ADDomainController -Filter * -Server $_ } | Where-Object { $_.hostname -notlike '*root*' }).hostname
foreach( $allDC in $allDCs){
$testConnection = Test-Connection $allDC -Quiet -Count 1 -ErrorAction SilentlyContinue
Write-Host
if($testConnection -like "true") {
$SyncStatus = Get-Service -name "MyServicesName" -ComputerName $allDC -ErrorAction SilentlyContinue
if($SyncStatus.length -eq 0) {
Write-Host "MyServicesName doesn't exists on:"$allDC
$SyncStatus = "MyServicesName doesn't exists on:" + $allDC
$logs = $SyncStatus |Out-File .\log.txt -Append
}
else{
write-host "MyServicesName on "$allDC "is: " $SyncStatus.status
$SyncStatus = "MyServicesName on " + $allDC + "is: " + $SyncStatus.status
$logs = $SyncStatus |Out-File .\log.txt -Append
}
}
else
{
Write-Host "Test Connection to Server failed:"$allDC
$SyncStatus = "Test Connection to Server failed:" + $allDC
$logs = $SyncStatus |Out-File .\log.txt -Append
}
}
$endTime = Get-Date
$totalTime = New-TimeSpan -start $startTime -end $endTime
Write-Host $totalTime
$logs = "Total Time in Seconds:" + $totalTime |Out-File .\log.txt -Append
#send Email
$logs = Get-Content .\log.txt
$serverName = $env:computername
$LogTime = Get-Date -Format "MM/dd/yyyy hh:mm:ss"
$FromAddress = "email.com"
$ToAddress = "email.com"
foreach($log in $logs)
{
$Messagebody = $messagebody + $log + "`r`n" |Out-String
}
[string] $MessageSubject ="Status Report runing on " + $serverName +" " + $endTime
$SendingServer = "server"
Send-MailMessage -to $ToAddress -from $FromAddress -subject $MessageSubject -smtpServer $SendingServer -body $Messagebody -Attachments .\log.txt

Export a list of BitLocker Devices on AD

Im trying extract a report from AD of a list of devices that have BitLocker enabled.
We have a Win 2008 r2 Domain Controller and most of our devices are Win 10 with a few Win 8.1 in the mix.
I'm no expert in power shell but have used it in the past on an amateur level. I found the following command online and tried it but when viewing the .CSV all fields are populated except for the "BitlockerPasswordSet" field.
Does anyone have any ideas on how to fix this or better yet a solution they have used that works?
Thanks in advance!
Param (
[string]$SearchBase = "OU=Office-UK,DC=MyDomainName,DC=local"
)
Try { Import-Module ActiveDirectory -ErrorAction Stop }
Catch { Write-Warning "Unable to load Active Directory module because $($Error[0])"; Exit }
Write-Verbose "Getting Workstations..." -Verbose
$Computers = Get-ADComputer -Filter * -SearchBase $SearchBase -Properties LastLogonDate
$Count = 1
$Results = ForEach ($Computer in $Computers)
{
Write-Progress -Id 0 -Activity "Searching Computers for BitLocker" -Status "$Count of $($Computers.Count)" -PercentComplete (($Count / $Computers.Count) * 100)
New-Object PSObject -Property #{
ComputerName = $Computer.Name
LastLogonDate = $Computer.LastLogonDate
BitLockerPasswordSet = Get-ADObject -Filter "objectClass -eq 'msFVE-RecoveryInformation'" -SearchBase $Computer.distinguishedName -Properties msFVE-RecoveryPassword,whenCreated | Sort whenCreated -Descending | Select -First 1 | Select -ExpandProperty whenCreated
}
$Count ++
}
Write-Progress -Id 0 -Activity " " -Status " " -Completed
$ReportPath = "C:\temp\BitLockerComputerReport.csv"
Write-Verbose "Building the report..." -Verbose
$Results | Select ComputerName,LastLogonDate,BitLockerPasswordSet | Sort ComputerName | Export-Csv $ReportPath -NoTypeInformation
Write-Verbose "Report saved at: $ReportPath" -Verbose

VMWare VMDK mapping to Windows Drive Letters

this code almost works, it maps VWare VMDK to windows drives. The code is not mine.
Among other info it will return "DD-SERV-01_15.vmdk for VM MAIN is Drive letter G:"
The script will prompt for credentials and proceeds to map however something goes wrong and only the last VM / Drive is is saved as output - I was hoping someone could take a look and update / fix the code so that it saves all output please?
Thanks.
#Get VMware Disk Usage
# Created by Hugo Peeters
# http://www.peetersonline.nl
# VARIABLES
$Decimals = 1
$VCServer = "SERVERNAME"
# SCRIPT
# Connect to VC
Write-Progress "Gathering Information" "Connecting to Virtual Center" -Id 0
$VC = Connect-VIServer $VCServer
# Create Output Collection
$myCol = #()
# List Datastores (Datastore Name)
Write-Progress "Gathering Information" "Listing Datastores" -Id 0
$Datastores = Get-Datastore | Sort Name
# List vms
Write-Progress "Gathering Information" "Listing VMs and Disk Files" -Id 0
$VMSummaries = #()
ForEach ($vm in (Get-VM))
{
$VMView = $VM | Get-View
ForEach ($VirtualSCSIController in ($VMView.Config.Hardware.Device | Where {$_.DeviceInfo.Label -match "SCSI Controller"}))
{
ForEach ($VirtualDiskDevice in ($VMView.Config.Hardware.Device | Where {$_.ControllerKey -eq $VirtualSCSIController.Key}))
{
$VMSummary = "" | Select VM, HostName, PowerState, DiskFile, DiskName, DiskSize, SCSIController, SCSITarget
$VMSummary.VM = $VM.Name
$VMSummary.HostName = $VMView.Guest.HostName
$VMSummary.PowerState = $VM.PowerState
$VMSummary.DiskFile = $VirtualDiskDevice.Backing.FileName
$VMSummary.DiskName = $VirtualDiskDevice.DeviceInfo.Label
$VMSummary.DiskSize = $VirtualDiskDevice.CapacityInKB * 1KB
$VMSummary.SCSIController = $VirtualSCSIController.BusNumber
$VMSummary.SCSITarget = $VirtualDiskDevice.UnitNumber
$VMSummaries += $VMSummary
}
}
Clear-Variable VMView -ErrorAction SilentlyContinue
}
# Loop through Datastores
ForEach ($Datastore in $Datastores)
{
# List vmdk files in datastore (vmdk Name)
Write-Progress "Gathering Information" ("Processing Datastore {0}" -f $Datastore.Name) -Id 0
$DSView = $Datastore | Get-View
$fileQueryFlags = New-Object VMware.Vim.FileQueryFlags
$fileQueryFlags.FileSize = $true
$fileQueryFlags.FileType = $true
$fileQueryFlags.Modification = $true
$searchSpec = New-Object VMware.Vim.HostDatastoreBrowserSearchSpec
$searchSpec.details = $fileQueryFlags
$searchSpec.sortFoldersFirst = $true
$dsBrowser = Get-View $DSView.browser
$rootPath = "["+$DSView.summary.Name+"]"
$searchResult = $dsBrowser.SearchDatastoreSubFolders($rootPath, $searchSpec)
ForEach ($result in $searchResult)
{
ForEach ($vmdk in ($result.File | ?{$_.Path -like "*.vmdk"} | Sort Path))
{
Write-Progress "Gathering Information" ("Processing VMDK {0}" -f $vmdk.Path) -Id 1
Write-Host "=============================================================================="
# Find vm using the vmdk (VM Name)
$VMRef = ($VMSummaries | ?{$_.DiskFile -match $Datastore.Name -and $_.DiskFile -match $vmdk.Path})
"VMDK {0} belongs to VM {1}" -f $vmdk.Path, $VMRef.VM
If ($VMRef.Powerstate -eq "PoweredOn")
{
Write-Host "VM is powered on" -ForegroundColor "yellow"
$Partitions = Get-WmiObject -Class Win32_DiskPartition -ComputerName $VMRef.HostName
If ($?)
{
$Disks = Get-WmiObject -Class Win32_DiskDrive -ComputerName $VMRef.HostName
$LogicalDisks = Get-WmiObject -Class Win32_LogicalDisk -ComputerName $VMRef.HostName
$DiskToPartition = Get-WmiObject -Class Win32_DiskDriveToDiskPartition -ComputerName $VMRef.HostName
$LogicalDiskToPartition = Get-WmiObject -Class Win32_LogicalDiskToPartition -ComputerName $VMRef.HostName
Write-Host "Read partition and disk information" -ForegroundColor "yellow"
# Match disk based on SCSI ID's
$DiskMatch = $Disks | ?{($_.SCSIPort - 1) -eq $VMRef.SCSIController -and $_.SCSITargetID -eq $VMRef.SCSITarget}
If ($DiskMatch -eq $null){Write-Warning "NO MATCHES!"}
Else
{
Write-Host "Found match:" -ForegroundColor "yellow"
$DiskMatch
# Find the Partition(s) on this disk
$PartitionsOnDisk = ($DiskToPartition | ?{$_.Antecedent -eq $DiskMatch.__PATH})
If ($PartitionsOnDisk -eq $null){Write-Warning "NO PARTITIONS!"}
Else
{
ForEach ($PartitionOnDisk in $PartitionsOnDisk)
{
Write-Host "Disk contains partition" -ForegroundColor "yellow"
$PartitionOnDisk.Dependent
$PartitionMatches = $Partitions | ?{$_.__PATH -eq $PartitionOnDisk.Dependent}
ForEach ($PartitionMatch in $PartitionMatches)
{
$LogicalDiskRefs = $LogicalDiskToPartition | ?{$_.Antecedent -eq $PartitionMatch.__PATH}
If ($LogicalDiskRefs -eq $null)
{
Write-Warning "NO LOGICAL DISKS!"
}
Else
{
ForEach ($LogicalDiskRef in $LogicalDiskRefs)
{
$LogicalDiskMatches = $LogicalDisks | ?{$_.__PATH -eq $LogicalDiskRef.Dependent}
ForEach ($LogicalDiskMatch in $LogicalDiskMatches)
{
Write-Host "Matching Logical Disk:" -ForegroundColor "yellow"
$LogicalDiskMatch
# Create Output Object
$myObj = "" | Select Datastore, DSSizeGB, DSFreeGB, DSPercentFree, DiskFile, VM, HardDisk, DriveLetter, DiskSizeGB, DiskFreeGB, PercFree
# List datastore name
$myObj.Datastore = $Datastore.Name
# Determine datastore size in GB
$myObj.DSSizeGB = [Math]::Round(($Datastore.CapacityMB * 1MB / 1GB),$Decimals)
$myObj.DSFreeGB = [Math]::Round(($Datastore.FreeSpaceMB * 1MB / 1GB),$Decimals)
# Determine datastore free space (DS%Free)
$myObj.DSPercentFree = [Math]::Round((100*($Datastore.FreeSpaceMB/$Datastore.CapacityMB)),$Decimals)
# List disk file name
$myObj.DiskFile = $vmdk.Path
# List VM Name
$myObj.VM = $VMRef.VM
# Determine virtual hard disk / logical drive
$myObj.HardDisk = $VMRef.DiskName
# Report driveletter
$myObj.DriveLetter = $LogicalDiskMatch.DeviceID
# Report Size
$myObj.DiskSizeGB = [Math]::Round(($LogicalDiskMatch.Size / 1GB),$Decimals)
# Report Free Space
$myObj.DiskFreeGB = [Math]::Round(($LogicalDiskMatch.FreeSpace / 1GB),$Decimals)
# Calculate Percentage free space
$myObj.PercFree = [Math]::Round((100 * ([int]($LogicalDiskMatch.FreeSpace / 1MB) / [int]($LogicalDiskMatch.Size / 1MB))),$Decimals)
Write-Host "RESULT:" -ForegroundColor "yellow"
$myObj
# Add output object to output collection
$myCol += $myObj
}
Clear-Variable LogicalDiskMatches -ErrorAction SilentlyContinue
}
}
Clear-Variable LogicalDiskRefs -ErrorAction SilentlyContinue
}
Clear-Variable PartitionMatches -ErrorAction SilentlyContinue
}
}
Clear-Variable PartitionsOnDisk -ErrorAction SilentlyContinue
}
Clear-Variable DiskMatch -ErrorAction SilentlyContinue
Clear-Variable Disks -ErrorAction SilentlyContinue
Clear-Variable LogicalDisks -ErrorAction SilentlyContinue
Clear-Variable DiskToPartition -ErrorAction SilentlyContinue
Clear-Variable LogicalDiskToPartition -ErrorAction SilentlyContinue
}
Clear-Variable Partitions -ErrorAction SilentlyContinue
}
Else
{
Write-Host "VM is powered off" -ForegroundColor "yellow"
}
Clear-Variable VMRef -ErrorAction SilentlyContinue
Write-Progress "Gathering Information" ("Processing VMDK {0}" -f $vmdk.Path) -Id 1 -Completed
}
}
}
# Disconnect from VC
Disconnect-VIServer -Confirm:$False
# OUTPUT
Write-Host "==================================================="
Write-Host "==================================================="
$TotalDSFree = ($myCol | Select Datastore, DSFreeGB -Unique | Measure-Object DSFreeGB -Sum).Sum
$TotalDSSize = ($myCol | Select Datastore, DSSizeGB -Unique | Measure-Object DSSizeGB -Sum).Sum
$AverageDSFree = [Math]::Round(100 * ($TotalDSFree / $TotalDSSize),$Decimals)
$AverageDiskFree = [Math]::Round(100 * (($myCol | Measure-Object DiskFreeGB -Sum).Sum / ($myCol | Measure-Object DiskSizeGB -Sum).Sum),$Decimals)
Write-Host "Total DS Free: $TotalDSFree"
Write-Host "Total DS Size: $TotalDSSize"
Write-Host "Average DS Free Percentage: $AverageDSFree"
Write-Host "Average Disk Free Percentage: $AverageDiskFree"
$myCol | Export-Csv -NoTypeInformation 'C:\TEMP\VMwareDiskUsage.csv'

Try adding the -Append parameter to your export-csv, so it does not overwrite the last entry:
$myCol | Export-Csv -Append -NoTypeInformation 'C:\TEMP\VMwareDiskUsage.csv'

WMI not return all install programs on Windows 7 64

Today we try to list all installed programs on each VM with following script to query WMI.
We find out it will list out all 64 bit applications, plus some of 32 bit applications.
But not all applications (32bit + 64bit) will list out.
param(
[string] $ExportPath = ''
)
$InstalledProducts = get-wmiobject -class Win32_Product
if (($InstalledProducts -ne $null) -and ($InstalledProducts.Count -gt 0))
{
$fileName = ($env:COMPUTERNAME) + "-" + (Get-Date -f "yyyy-mm-dd-hhmmss") + ".csv"
$fileExport = $fileName
if(Test-Path $ExportPath) {
$fileExport = Join-Path (Resolve-Path $ExportPath) $fileName
}
$InstalledProducts |
Select-Object #{Name="HostName"; Expression={"$env:COMPUTERNAME"}}, Name, Version, Vendor |
Export-CSV -Path $fileExport -Encoding UTF8
}
else
{
Write-Host "!!!ERROR!!!"
}
We also try "wmic product" it has the similar issue.
https://superuser.com/questions/681564/how-to-list-all-applications-displayed-from-add-remove-winxp-win7-via-command-li

At last, we need to merge all items both in
HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall
HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall
Code:
param (
[String] $ExportPath = '<NetworkPath>'
)
$fileName = ($ENV:COMPUTERNAME) + "-" + (Get-Date -f "yyyy-mm-dd-HHmmss") + ".csv"
$fileExport = $fileName
if (Test-Path $ExportPath) {
$fileExport = Join-Path (Resolve-Path $ExportPath) $fileName
}
$UninstallRegList = ('HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*',
'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*')
$UninstallRegList |
Get-ItemProperty |
foreach{
if (($_.DisplayName -ne $NULL) -and ($_.DisplayName -ne "")){
$_
}
} | Select-Object DisplayName, DisplayVersion, Publisher |
Export-CSV -Path $fileExport -Encoding UTF8
Here post explains that
The Win32_InstalledSoftwareElement and Win32_Product will only give
you information about software that is installed by Microsoft
Installer.
ref: WMI "installed" query different from add/remove programs list?

Clearing temp items stored by Powershell

We use this script to try and get information from some of our servers. Issue that I have is the script somehow "saves" the last server IP, so when the next server in the list is unreachable we still get a "success" response from the previous IP. I have tried using the Clear-Item variable: command after every test but it doesn't seem to release the value.
$enddate = (Get-Date).tostring("yyyyMMdd")
$filename_SRM = 'C:\Scripts\' + $enddate + '_SRM_Scan.csv'
$compArray = get-content C:\Scripts\Servers.txt
foreach($strComputer in $compArray)
{
$ErrorActionPreference = “SilentlyContinue”
$ping = new-object system.net.networkinformation.ping
$ping.send(“$strComputer”) | Where-Object{$_.Name -eq 'Address'}
$pingreturns = $ping.send(“$strComputer”).Status
$socket = new-object Net.Sockets.TcpClient
$port = 135 #445
$socket.Connect($strComputer, $port)
$Network = Get-WMIObject -class Win32_NetworkAdapterConfiguration -Computername $strComputer | `
Where-Object {$_.IPEnabled -match "True"} | `
Select-Object -property DNSHostName,#{N="DNSServerSearchOrder";
E={"$($_.DNSServerSearchOrder)"}},
#{N='IPAddress';E={$_.IPAddress}}
$IP = [System.Net.Dns]::GetHostAddresses(“$strComputer”)
if ($socket.Connected)
{
$Netlogon = Get-WMIObject Win32_Service -ComputerName $strComputer | Where-Object{$_.Name -eq 'Netlogon'}
if ($Netlogon) {
$OS = Get-WmiObject -class Win32_OperatingSystem -computername $strComputer
$services = Get-WMIObject -class Win32_Service -ComputerName $strComputer
"$strComputer ; $pingreturns ; connected ; $($OS.CSName) ; $($Network.IPAddress) "
}else{
"$strComputer ; $pingreturns ; WMI Unavailable ; ; $IP"
}
}
if (!$socket.Connected)
{
echo "$strComputer ; $pingreturns ; Unable to connect ; ; $IP"
}
$socket.Close()
}

Instead of Clear-Item <variable name>, try Remove-Variable <variable name> or alternatively you could use the syntax $variable = $null. Either should work fine.

Resources