NOTES:
Posh stands for PowerShell
The keywords are preceded by the “-” (dash) sign, followed by a respective string
ex: -Logname Application
-After 07/10/2014
-Before 07/01/2014
-Source ESENT
Using Capital letters for the first letter is more elegant but not necessary
The numbers provided here refer to my research on a Windows 8 workstation
You can use command line (CLI) commands in Posh
Event Viewer Logs commands:
Get-Help Get-Eventlog
Get-Eventlog -Logname Application -Before 07/10/2014 -Source ESENT -newest 15
Get-Eventlog -Logname Application -After 07/01/2014 -Source ESENT -Newest 1 -Computername HPW8
Get-Verb (provides a list of all existing verbs in Posh; as of this writing there are 99 verbs; Get is one of them, so are Ping, Trace, Test, etc.)
Get-Command -Verb Get (There are at least 197 Get commands on a Windows 8 machine)
Get-Help Get-Process -Examples (lists the correct syntax for the command and the aliases already available that can be used for the command; e.g. Get-Process has 2 aliases: “gps” and “ps”, so the 3 Posh cmdlets below all accomplish the same thing):
- Get-Process (command)
- gps (alias of Get-Process)
- ps (alias of Get-Process)
You can explicitly check one process:
ps explorer
Storing cmdlet results in a variable:
$a = get-process (This command gets all the processes on the computer and then stores them in the $a variable; source: http://technet.microsoft.com/library/hh849832.aspx)
get-process -inputobject $a | format-table -view priority (The second command uses the InputObject parameter to pass the process objects that are stored in the $a variable to the Get-Process cmdlet)
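An added example (not part of the original notes) that combines the Get-Eventlog filters above with a stored variable: it reads the ESENT entries for the date window once, then summarizes, inspects and exports them. The output file name is an assumption; Get-EventLog is available in Windows PowerShell, not in PowerShell 6 and later.

```powershell
# Added example; log name, source and date window are taken from the notes above.
$after  = [datetime]'2014-07-01'   # ISO dates avoid day/month ambiguity
$before = [datetime]'2014-07-10'

# Store the matching entries in a variable so the log is read only once.
# Get-EventLog raises an error when nothing matches, so suppress it and check.
$events = Get-EventLog -LogName Application -Source ESENT `
    -After $after -Before $before -ErrorAction SilentlyContinue

if (-not $events) {
    Write-Output "No ESENT entries between $after and $before"
    return
}

# Count entries per event ID and severity, most frequent first.
$events |
    Group-Object -Property EventID, EntryType |
    Sort-Object -Property Count -Descending |
    Select-Object -Property Count, Name |
    Format-Table -AutoSize

# Show the newest error or warning entries with the full message text.
$events |
    Where-Object { $_.EntryType -eq 'Error' -or $_.EntryType -eq 'Warning' } |
    Select-Object -First 5 -Property TimeGenerated, EventID, EntryType, Message |
    Format-List

# Keep a copy for later review (file name is an assumption).
$events |
    Select-Object -Property TimeGenerated, EventID, EntryType, Source, Message |
    Export-Csv -Path .\esent-events.csv -NoTypeInformation
```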