はじめに
PowerShellで大量のデータから必要な情報だけ絞り込む方法をアウトプットしたいと思います。
PowerShellスクリプトの開発でよく使用します。
ざっくりめに紹介したいと思います。
今回の環境
-
OS
WindowsServer2012R2 Datacenter
OS情報
PS C:\Users\Administrator> (Get-WmiObject Win32_OperatingSystem).Caption
Microsoft Windows Server 2012 R2 Datacenter
PS C:\Users\Administrator>
-
PowerShellバージョン
5.1.14409.1005
PowerShellバージョン情報
PS C:\Users\Administrator> $PSVersionTable
Name Value
---- -----
PSVersion 5.1.14409.1005
PSEdition Desktop
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0...}
BuildVersion 10.0.14409.1005
CLRVersion 4.0.30319.34014
WSManStackVersion 3.0
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
使用コマンド
使用コマンドはこちらになります。
使用コマンド
任意のコマンド | Where-Object {$_.項目名 -eq "抽出したい文字列"}
オブジェクトをフィルタリングするためのコマンドレットになります。
使用例
使用例についてご紹介します・
使用例①
Get-Serviceコマンドの実行結果から「Status」が「Stopped」の項目を抽出したい場合
抽出前
PS C:\Users\Administrator> Get-Service
Status Name DisplayName
------ ---- -----------
Stopped AeLookupSvc Application Experience
Stopped ALG Application Layer Gateway Service
Stopped AppIDSvc Application Identity
Stopped Appinfo Application Information
Stopped AppMgmt Application Management
Stopped AppReadiness App Readiness
Stopped AppXSvc AppX Deployment Service (AppXSVC)
Stopped AudioEndpointBu... Windows Audio Endpoint Builder
Stopped Audiosrv Windows Audio
Running BFE Base Filtering Engine
Running BITS Background Intelligent Transfer Ser...
Running BrokerInfrastru... Background Tasks Infrastructure Ser...
Stopped Browser Computer Browser
Running CertPropSvc Certificate Propagation
Stopped COMSysApp COM+ System Application
Running CryptSvc Cryptographic Services
Running DcomLaunch DCOM Server Process Launcher
Stopped defragsvc Optimize drives
Stopped DeviceAssociati... Device Association Service
Stopped DeviceInstall Device Install Service
Running Dhcp DHCP Client
Running Dnscache DNS Client
Stopped dot3svc Wired AutoConfig
Running DPS Diagnostic Policy Service
Stopped DsmSvc Device Setup Manager
Stopped Eaphost Extensible Authentication Protocol
Stopped EFS Encrypting File System (EFS)
〜〜省略〜〜
実行コマンド
実行コマンド
Get-Service | Where-Object {$_.Status -eq "Stopped"}
抽出後(例)
PS C:\Users\Administrator> Get-Service | Where-Object {$_.Status -eq "Stopped"}
Status Name DisplayName
------ ---- -----------
Stopped AeLookupSvc Application Experience
Stopped ALG Application Layer Gateway Service
Stopped AppIDSvc Application Identity
Stopped Appinfo Application Information
Stopped AppMgmt Application Management
Stopped AppReadiness App Readiness
Stopped AppXSvc AppX Deployment Service (AppXSVC)
Stopped AudioEndpointBu... Windows Audio Endpoint Builder
Stopped Audiosrv Windows Audio
Stopped Browser Computer Browser
Stopped COMSysApp COM+ System Application
Stopped defragsvc Optimize drives
Stopped DeviceAssociati... Device Association Service
Stopped DeviceInstall Device Install Service
Stopped dot3svc Wired AutoConfig
Stopped DsmSvc Device Setup Manager
Stopped Eaphost Extensible Authentication Protocol
Stopped EFS Encrypting File System (EFS)
使用例②
Get-NetFirewallProfileコマンドの実行結果から「Name」が「Domain」の項目を抽出したい場合
抽出前
PS C:\Users\Administrator> Get-NetFirewallProfile
Name : Domain
Enabled : False
DefaultInboundAction : NotConfigured
DefaultOutboundAction : NotConfigured
AllowInboundRules : NotConfigured
AllowLocalFirewallRules : NotConfigured
AllowLocalIPsecRules : NotConfigured
AllowUserApps : NotConfigured
AllowUserPorts : NotConfigured
AllowUnicastResponseToMulticast : NotConfigured
NotifyOnListen : False
EnableStealthModeForIPsec : NotConfigured
LogFileName : %systemroot%\system32\LogFiles\Firewall\pfirewall.log
LogMaxSizeKilobytes : 4096
LogAllowed : False
LogBlocked : False
LogIgnored : NotConfigured
DisabledInterfaceAliases : {NotConfigured}
Name : Private
Enabled : False
DefaultInboundAction : NotConfigured
DefaultOutboundAction : NotConfigured
AllowInboundRules : NotConfigured
AllowLocalFirewallRules : NotConfigured
AllowLocalIPsecRules : NotConfigured
AllowUserApps : NotConfigured
AllowUserPorts : NotConfigured
AllowUnicastResponseToMulticast : NotConfigured
NotifyOnListen : False
EnableStealthModeForIPsec : NotConfigured
LogFileName : %systemroot%\system32\LogFiles\Firewall\pfirewall.log
LogMaxSizeKilobytes : 4096
LogAllowed : False
LogBlocked : False
LogIgnored : NotConfigured
DisabledInterfaceAliases : {NotConfigured}
〜〜省略〜〜
実行コマンド
実行コマンド
Get-NetFirewallProfile | Where-Object {$_.Name -eq "Domain"}
抽出後(例)
PS C:\Users\Administrator> Get-NetFirewallProfile | Where-Object {$_.Name -eq "Domain"}
Name : Domain
Enabled : False
DefaultInboundAction : NotConfigured
DefaultOutboundAction : NotConfigured
AllowInboundRules : NotConfigured
AllowLocalFirewallRules : NotConfigured
AllowLocalIPsecRules : NotConfigured
AllowUserApps : NotConfigured
AllowUserPorts : NotConfigured
AllowUnicastResponseToMulticast : NotConfigured
NotifyOnListen : False
EnableStealthModeForIPsec : NotConfigured
LogFileName : %systemroot%\system32\LogFiles\Firewall\pfirewall.log
LogMaxSizeKilobytes : 4096
LogAllowed : False
LogBlocked : False
LogIgnored : NotConfigured
DisabledInterfaceAliases : {NotConfigured}
PS C:\Users\Administrator>