Basically all cmdlets look like so: verb-noun
Get-Command **to find command I may needGet-Alias [-Definition] **to find its aliases
Help **to get help for its usageGet-Memberfor its functions and roperties- or try with GUI
Show-Command
- or try with GUI
List all available verbs
get-verbList help and filter for specific name
get-help asdf*To prevent scrolling to the bottom when having a long output, pipe to |more
get-help * | moreHelp is a function that combines get-help with a pipe to |more
help asdf*To get help for PS internal functions, search for about_ files
help about_*List and filter available cmdlets
get-command
get-command -type function
get-command -type cmdlet
get-command -name *ipconf*
get-command -verb new* -module Hyper-V
get-command -noun VM* -module Hyper-VFind aliases
get-command dir
# shorthand
gcm dir
CommandType Name
----------- ----
Alias dir -> Get-ChildItemFind related cmdlet to an alias
get-alias dir
get-alias -definition Get-ChildItem
CommandType Name
----------- ----
Alias dir -> Get-ChildItem
Alias gci -> Get-ChildItem
Alias ls -> Get-ChildItemOpen a GUI form for a specific command. Shows possible parameters and corresponding input fields
show-command get-serviceShow history of commands, list previous commands in posh
get-historyInvoke command from history (from current session)
invoke-history -id 1Show full history for all sessions
more ([System.Environment]::ExpandEnvironmentVariables("%userprofile%\AppData\Roaming\Microsoft\Windows\Powershell\PSReadline\ConsoleHost_history.txt"))record transcript of commands and save to a file
start-transcript .\transcript.txt
pwd
dir
stop-transcriptUse the get-members cmdlet to see what properties and methods returned objects have
get-history | get-membersformat to table + use line wrap
get-history | format-table -wrapformat to list + select specific properties
get-service | format-list Name, Status, ServiceTypeforward output to GUI grid view for further filtering etc.
get-service | out-gridviewget a counted subset of return objects (here -newest)
Get-EventLog Application -Newest 10List avail. PsProviders
get-PsProvider
Name Capabilities Drives
---- ------------ ------
Registry ShouldProcess, Transactions {HKLM, HKCU}
Alias ShouldProcess {Alias}
Environment ShouldProcess {Env} \
FileSystem Filter, ShouldProcess, Credentials {C, D}
Function ShouldProcess {Function}
Variable ShouldProcess {Variable}
Certificate ShouldProcess {Cert}
WSMan Credentials {WSMan}e.g. registry, environment variables, installed certificates
cd hkml:
cd env:
cd cert:
help dir -ExamplesGet the value of records in e.g. env PsDrive
$env:tmp
$env:path
$env:home
cd $env:USERPROFILEget-PsDrive
Name Used (GB) Free (GB) Provider Root
---- --------- --------- -------- ----
Alias Alias
C 139.50 97.92 FileSystem C:\
Cert Certificate \
D 238.24 227.40 FileSystem D:\
Env Environment
Function Function
HKCU Registry HKEY_CURRENT_USER
HKLM Registry HKEY_LOCAL_MACHINE
Variable Variable
WSMan WSManFor dynamic hardware monitoring
get-counterSee also: 📝 systemProfile.ps1
These are used to get information about OS and hardware.
WMI Repository \
CIMv2 namespace
class
properties
Get-Counter [-listset *cpu/memory*]
Get-WMIobject
Get-CimInstance
Get-EventlogSee also: 📝 systemProfile.ps1
List entries from specific windows event logs
Get-EventLog -log System -Newest 400See also: 📝 systemProfile.ps1
´´´ps # attribute filter get-childItem -Attributes !Directory+Hidden,!Hidden,Directory dir -att !d+h,!h,d
# shorthand
gci *.png
# recursive
move-item .\* ~\newDir -recurse
# verbose / preview
move-item .\* ~\newDir -recurse -verbose
´´´
icacls .# sum up, select sum, map to GB size
(((Get-PSDrive).Used | measure -SUM).Sum / 1gb ) / (((Get-PSDrive).Free | measure -SUM).Sum / 1gb)
# use Math lib to round
[Math]::Round(((Get-PSDrive).Free | measure -SUM).Sum / 1gb ,2)# global variables
get-variable
# set a variable
$myInt = 1
$myStr = "asdf"
$myCmdReturnObj = Get-Services
Write-Output "$myStr ist: $myInt aber nicht $myCmdReturnObj"