ps1

Event logs log almost any aspect of Windows so if something goes wrong or stops working as expected, it is a good idea to include event log forensic...

Let’s assume you are invited to the 37th birthday of a friend. What can you put on the birthday card? Try this: PS> Invoke-RestMethod -Uri...

When you split texts, you typically lose the splitting character. That’s why the backslash in this example is lost: PS>...

In the previous tip we showed that Sort-Object accepts property names, hash tables or plain script blocks to sort things, and we used script blocks...

In the previous tip we showed that Sort-Object accepts property names, hash tables or plain script blocks to sort things. Let’s check out why...

In the previous tip we showed how Sort-Object can sort multiple properties, and how you can use hash tables to control sort direction individually...

Sort-Object is your cmdlet to sort things: simply specify the property you like to sort, and Sort-Object covers the rest, including picking the...

PowerShell comes with Get-FileHash which reads a file and calculates a unique hash value. That’s great to test whether files have identical...

In the previous tip we illustrated that accessing the WinRT class AnalyticsInfo seems to be the only supported way to read the current Windows 10...

In the previous tip we reported that ReleaseId is deprecated and can no longer be used to correctly identify the current Windows 10 version....

The current Windows version can be read easily from the Windows Registry: PS> Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows...

There are tons of PowerShell scripts floating around pretending they can decode the original Windows 10 product key. Most of these scripts use...

In the previous tip we looked at Get-WinEvent and how you can use calculated properties to directly access the “Properties” attached to...

In the previous tip we looked at Get-WinEvent and how you can use a hash table to specify your query. The previous tip used below code to list all...

Event logs contain hugely useful information about almost any aspect of your Windows system. When using the deprecated Get-EventLog cmdlet, however,...

In the previous tip we explained that most log files can be treated as CSV files and read by Import-Csv. All you need to do is tell Import-Csv where...

Most raw log files come in tabular form: even though they may not be full-featured CSV format, they typically have columns and some sort of...

In the previous tip we pinpointed a general problem when converting objects to CSV: any property containing an array will display the array data...

When you convert data to CSV you may discover a pretty disturbing phenomenon: some properties no longer display the original data. Here is an...

PowerShell comes with a bunch of Export- and ConvertTo- cmdlets so you can serialize object data to CSV, JSON, XML, and other formats. That’s...

In the previous tip we shadowed the original Get-Help cmdlet with a custom proxy function. The function checked whether there was online help for...

In the previous tip we changed the default parameter values of Get-Help to automatically show the rich online help when you use Get-Help or the...

Many cmdlets provide rich online help, and you can automatically open the web page for a cmdlet by using Get-Help and submitting the -Online...

In the previous tip we introduced the free PowerShell module Get-WLANs which can access the Windows Wi-Fi framework and return information such as...