It has come to my attention that, starting from February 9, 2021,
Microsoft Security Response Center has removed registrations requirements to their CVRF API.
That could be a nice way to programmatically identify, download and apply security updates and, for example, provisioning fully patched systems.
That being the case, I was trying to identify, the latest cumulative update for a given Windows version, say 20H2, to be later downloaded
from Microsoft Update Catalog, which lacks a proper API.
Currently, I can just think of parsing the call:
curl -X GET --header 'Accept: application/json' 'https://api.msrc.microsoft.com/cvrf/v2.0/cvrf/2021-Feb'
Is there a more specific and reliable way?
I haven't found a straightforward way to parse the JSON output. However, this sort of works:
$product = "Windows 10"
$version = "20H2"
$raw = Invoke-WebRequest 'https://api.msrc.microsoft.com/cvrf/v2.0/cvrf/2021-feb' -Headers #{"accept"="application/json"}
$json = $raw.Content | ConvertFrom-Json
$search = "$product*$version*x64-based*"
$prd = $json.ProductTree.Branch[0].Items.Items | where{$_.Value -like $search}
$prdID = $prd.ProductID
($prd | Out-String) | Write-Host
$json.Vulnerability.Remediations | where{$_.ProductID -eq $prdID} |
%{echo $_.URL} | Sort-Object | Get-Unique | Select -Last 1
Above code wouldn't work for me on newer platforms, but if you check if ProductID array is greater than 0 and select the 0th element, you can string compare properly. The where-object doesn't allow you to do this to my knowledge. So I put $rem in place and did nested loops of prdID and $rem inside of that. I'd paste the code but the rules to post code I can't figure out. Just PM me if any questions.
Related
I found on this post how to print the the Azure Subscription ID:
(Get-AzContext).Subscription.id
But if I look in the official documentation of the command Get-AzContext I don't see anywhere that the .Subscription.id or .id would print that information.
How the guy who replied to that question knew such information?
Where can I find a list of properties for each command?
Commmands like Get-AzContext | fl * or Get-AzContext | gm or get-help Get-AzContext -full don't provide such list.
I want to be able to see all properties provided by commands like Get-AzResource or Get-AzSqlDatabase or any other.
Problably not the cleanest way, but as I use this trick very often and since I shared to some teammates I noticed they are using it now I guess it worths sharing :) .
Use the convertto-json -depth xx (where xx is big enough for your need and depending on the objet's complexity) to get the whole view of an object
Then you can redirect to a file and look for what you need quite easily.
In case you run Get-AzContext | convertto-json -depth 10 you will find back the subscription and the ID.
I'm trying to get the current list of azure vms on first run of script -> Stores to Storage Account in CSV File
O the 2nd run - Current List should be compared with existing csv file in Storage Account incase of any vms decommisioned that should be recorded and stored in 2nd File in Storage Account
This works fine for me but the issue is when we create a new azure vm which was also gets added to decommission csv list
$Difference = Compare-Object $existingVmCsv $vmrecordFile -Property VmName -PassThru | Select-Object VmName,ResourceGroupName,SubscriptionName
I tried couple of side indicators but dint work
$Difference = Compare-Object -ReferenceObject #($vmrecordFile | Select-Object) -DifferenceObject #($existingVmCsv | Select-Object) -PassThru -Property VmName,ResourceGroupName,SubscriptionName | Where-Object {$_sideIndicator -eq "<="}
$Difference = Compare-Object -ReferenceObject $vmrecordFile -DifferenceObject $existingVmCsv -PassThru -Property VmName,ResourceGroupName,SubscriptionName | Where-Object {$_sideIndicator -eq "<="}
Thank you User Cpt.Whale - Stack Overflow . Posting your suggestions as answer to help other community members.
It seems, you have a typo in a syntax. Object property references should use a "." , like Where-Object { $_.sideIndicator -eq '<=' }
'<=' This indicates that property value appears only in the -ReferenceObject setReferences: powershell - compare two files and update the differences to 2nd file - Stack Overflow , Powershell : How to Compare Two Files, and List Differences | | Dotnet Helpers (dotnet-helpers.com) and compare-object not working : PowerShell (reddit.com)
I am executing a Get-ADDomain command
I was fetching the output given by the command
And I noticed that it is not giving the full list of objects it is just listing some of those and then end with ... have attached the image for reference
I realized it might be problem with the width of the output and it must be using the default width
So while executing the command I also set Out-Width as 1000 but it gives more values but still the same problem persists and increasing the width any further does not have any impact on the output
Is there any way by which I can capture the whole value itself. I have faced this issue with other commands as well. This is the command I executed :
Get-ADDomain | Select-Object LinkedGroupPolicyObjects| Out-String -Width 1000
You should use -ExpandProperty and work with the objects, rather then converting them to a string with out-string.
$LinkedGPOs = Get-ADDomain | Select-Object -ExpandProperty LinkedGroupPolicyObjects
foreach($LinkedGPO in $LinkedGPOs) {
}
So the below is where I'm at so far:
import-module activedirectory
$domain = "ourdomain"
Get-ADUser -Filter {enabled -eq $true} -Properties whenCreated,EmailAddress,CanonicalName |
select-object Name,EmailAddress,CanonicalName,whenCreated | export-csv C:\Data\test.csv
Unfortunately, when I run the above I get dates in two different formats in the CSV, e.g.:
01/01/2017
1/01/2017 8:35:56 PM
The issue this poses is that there isn't really a clean way to sort them. Excel's formatting doesn't change either of these formats to be more like the other, both because of the inclusion of time in one and not the other, and because the time-inclusive format doesn't use trailing zeroes in the single digit numbers, but the time-exclusive format does.
We have an existing script that captures users using the LastLogonTimestamp attribute that does this correctly by changing the bottom line to the following:
select-object Name,EmailAddress,CanonicalName,#{Name="Timestamp"; Expression={[DateTime]::FromFileTime($_.whenCreated).ToString('yyyy-MM-dd_hh:mm:ss')}}
For some reason this expression runs properly when we query the LastLogonTimestamp attribute, but when we run this version querying the whenCreated attribute, we get an entirely blank column underneath the Timestamp header.
I'm not particularly knowledgeable about PowerShell itself, and my colleague who had found the original script for the LastLogonTimestamp just found it online and adapted it as minimally as possible to have it work for us, so I don't know if something in this line would work properly with one of these attributes and not the other. It seems strange to me though that two attributes using dates in the same program would store them in different formats though, so I'm not convinced that's it.
In any case, any help anyone can offer to help us get a uniform date format in the output of this script would be greatly appreciated - it needn't have the time included if it's easier to do away with it, though if they're equally easy we may as well keep it.
whencreated is already a [DateTime]. Notice the difference between the properties when you run something like this:
Get-ADUser TestUser -Properties lastlogon,whenCreated | select lastlogon,whenCreated | fl
(Get-ADUser TestUser -Properties lastlogon).lastlogon | gm
(Get-ADUser TestUser -Properties whenCreated).whenCreated | gm
This means that you don't have to convert to a DateTime before running the toString() method.
select-object #{Name="Timestamp"; Expression={$_.whenCreated.ToString('yyyy-MM-dd_hh:mm:ss')}}
Please help. Trying to figure out how to replace a string in PowerShell, but don't know the rest of the string. I have this:
(Get-Content $file) -replace[regex]::Escape('file='*''),('file='+$_.BaseName) | Set-Content $file
I don't know what comes after file=
I tried my code, but it replaces it multiple times instead of just once.
So trying to replace file=* with filename=$_.BaseName.
Thanks for looking.
Just an FYI for anyone using the latest version of PowerShell Community Extensions (http://pscx.codeplex.com), there is a new command called Edit-File that handles this sort of thing nicely (works hard to preserve the file's original encoding):
Get-Item test.txt | Foreach {$bn=$_.BaseName; $_} |
Edit-File -Pattern '(file=).*' -Replace "`${1}$bn"
In theory I shouldn't need the Foreach stage but it seems I've found a limitation in how -PipelineVariable does not work with parameters that aren't pipeline bound. Hmm, add that to the Pscx backlog.