An Introduction to Microsoft PowerShell - A Look at Cmdlets

(Page 3 of 4 )

So, “what the fruit is a cmdlet?” you ask.  A cmdlet (pronounced command-let) is basically a miniature program that can be compared to an application’s dll file.  It is executable, but only within the PowerShell environment.  Cmdlets are created as PowerShell scripts.

As I’ve stated you call specific methods in cmdlets by supplying a verb.  There are over 50 verbs, but only a few perform the most common tasks.  They are as follows:

 

• Add (Add-content, works like append)
• Clear (Clear-variable)
• Expand
• Export
• Format (Format-list or format-table)
• Get (Default verb, not always necessary, often assumed)
• Group (Group-object often abbreviated to plain group)
• Import
• Measure (Measure-object)
• Move
• New (New-object, opens up a whole world of com or net objects)
• Out (Out-file, also out-printer, even out-host)
• Pop
• Push
• Read (Read-host is a method of obtaining console input)
• Remove * (Remove-item.  PowerShell's way of deleting)
• Resume (Service)
• Restart (Service)
• Set (Set-location, like cmd's cd)
• Sort (Strictly speaking sort-object)
• Start (Start-service)
• Stop (Stop-service)
• Write (Write-host, also write-output)

 

Constructing a command is as simple as choosing a verb and a noun.  Here are some of most commonly used nouns in PowerShell:

 

• Acl  (get-acl)
• Alias
• Childitem (get-childitem has an Alias of dir)
• Command (get-command)
• Content (get-content, has an Alias of type)
• Drives
• Env
• Eventlog
• File (Out-file)
• Item (get-item d:scripts)
• Process
• Property (Get-property c:boot.ini)
• Provider
• Service
• WmiObject

 

Obviously not all of the verbs will work with all of the nouns, but it’s very simple to try them and see which ones do.  Of course, as I stated, PowerShell has a very extensive help system that lists all of the native objects including their verb-noun pairs.

Try opening a PowerShell window and trying the Get-EventLog pair.  You will be asked to supply the name of the Event Log you’d like to view.  Just type System and press return.  Alternatively you can supply it in the original command line by typing Get-EventLog System.  You should see a return that looks something like the following.

Index Time          Type Source                EventID Message                                                        

----- ----          ---- ------                ------- -------                                                         

10439 Feb 25 19:31  Warn Tcpip                    4226 TCP/IP has reac…

10438 Feb 25 19:04  Warn Tcpip                    4226 TCP/IP has reac…

10437 Feb 25 18:56  Info Service Control M...     7036 The LiveUpdate…

10436 Feb 25 18:55  Info Service Control M...     7036 The LiveUpdate…

10435 Feb 25 18:55  Info Service Control M...     7035 The LiveUpdate…

10434 Feb 25 18:54  Info Service Control M...     7036 The LiveUpdate…

10433 Feb 25 18:54  Info Service Control M...     7036 The LiveUpdate…

10432 Feb 25 18:54  Info Service Control M...     7035 The LiveUpdate…

10431 Feb 25 18:51  Info Service Control M...     7036 The WMI Perform…

10430 Feb 25 18:51  Info Service Control M...     7035 The WMI Perform…

10429 Feb 25 18:51  Info Service Control M...     7036 The WMI Perform…

10428 Feb 25 18:51  Info Service Control M...     7036 The LiveUpdate…

10427 Feb 25 18:51  Info Service Control M...     7036 The WMI Perform…

10426 Feb 25 18:51  Info Service Control M...     7035 The WMI Perform…

10425 Feb 25 18:51  Info Service Control M...     7036 The WMI Perform…

10424 Feb 25 18:51  Info Service Control M...     7036 The Application…

…

If that’s too hard for you to read, then you should try pipelining.  Support for pipelining is very strong.  The command we want is Get-EventLog System | Format-List.  The Format-List cmdlet is used to control the output of the Get-EventLog cmdlet.  The output should look similar to the following:

Index              : 10439

EntryType          : Warning

EventID            : 4226

Message            : TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Category           : (0)

CategoryNumber     : 0

ReplacementStrings : {}

Source             : Tcpip

TimeGenerated      : 2/25/2007 7:31:14 PM

TimeWritten        : 2/25/2007 7:31:14 PM

UserName           :

 

Index              : 10438

EntryType          : Warning

EventID            : 4226

Message            : TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Category           : (0)

CategoryNumber     : 0

ReplacementStrings : {}

Source             : Tcpip

TimeGenerated      : 2/25/2007 7:04:44 PM

TimeWritten        : 2/25/2007 7:04:44 PM

UserName           :

 

Index              : 10437

EntryType          : Information

EventID            : 7036

Message            : The LiveUpdate service entered the stopped state.

Category           : (0)

CategoryNumber     : 0

ReplacementStrings : {LiveUpdate, stopped}

Source             : Service Control Manager

TimeGenerated      : 2/25/2007 6:56:29 PM

TimeWritten        : 2/25/2007 6:56:29 PM

UserName           :

Next: Harnessing the Power >>
 

More Windows Scripting Articles
More By Nilpo/Developer Shed Staff Writer

Comments On: An Introduction to Microsoft PowerShell

· You've heard all of the buzz around Microsoft's latest scripting technology. Now we...    · Nice introduction, but the last example does not work:It was:Get Process |...    · Thanks so much for catching that typo. I've fixed it. I'm glad you enjoyed the...   >>> Post your comment now!