Building tools: Gathering information - PowerShell Tutorial

For this lesson, we're going to build a tool. I'm referring to a tool as a PowerShell script you can reuse over and over again in different circumstances without changing the code. We simply change the way it's run. In this lesson's example, we're going to use our PowerShell foo we've gotten throughout this course, and create a script that can query a remote server and return some information like, memory, CPU speed and more. By the end of this upcoming demo you'll come away with a script you can begin using today in your own environment. So I'm now in my Visual Studio Code editor and I've already created some information for you. Some of the things that we're going to be talking about, we haven't talked about in the course. I firmly believe that you need to set some kind of stretch goal. We need to able to not completely understand the code we're working with, but give you just give the incentive to come to work on your own and figure these things out. So with that being said, let's continue on. So to do this, the first thing I want to do is I want to build a script that will allow me to pull information such as the computer name, operating system, and memory from a remote server. To do that, we need to use CIM or WMI. PowerShell Core has support for CIM. First off, let's bring up the PowerShell Core console. And we'll bring this in the same vein here because by default Visual Studio Code, the integrated editor is actually Windows PowerShell, it's not PowerShell Core. So we need to actually close this out, so we can get these both on the same screen so you can understand what's going on. Now that these are both on the screen let's continue. All right so the first thing you want to do is mention namespaces. So PowerShell Core has a command-let called Get-CimInstance that we can query namespaces. Namespaces are essentially containers that contain all kinds of information. As you can see here, this is how you would pull all the various namespaces. Now in WMI, WMI has a namespace called root CIM V2 this is a very common namespace. And a lot of these namespaces inside of here, they start with Win32, a reference to Windows 32 bit, which is a little old school, I know. We can run this. This will get back all of the Win32 classes. So you can see here just be looking at these, Win32 tape drives, system processes, software. All kinds of information about various things about a Windows operating system. All this stuff can be pulled from CIM and PowerShell. There are a few common classes. We're going to be using the Win32 operating system and Win32 physical memory classes. So I would just pull these out of here and show you what kind of information comes up with these classes. See that we've got reboot, shut down, class methods, Win32 physical memory, it looks like that doesn't show up very good, so let's bring... bring this back and see what this looks like. There we go. So we have caption, description, these are the important ones, install date. All of this stuff you can see you can see. I'll show you how the values look. We can dive into those CIM class properties here by piping the CIM class to select object and using the expand property parameter, to see all the information in here. Now we can see inter leave data depth, max voltage, min voltage, SMB memory type. Again lots of useful information, speed. All this information we'll be able to pull out in our tool. So now let's check out and see what the CIM instance is of Win32 operating system. By copying and pasting in here. Now we have build number organization system directory. Okay that's good information. Now let's check out Win32 physical memory. Capacity, that looks good. Tag. Serial number. Lots of good information. This is just demonstration of what you can pull from WMI and CIM. Essentially anything you want. If you can Google enough to figure out where it's actually located in CIM and WMI, you can pull it out with PowerShell. So let's clear the screen, and now since CIM uses PowerShell Remoting, we've already went over PowerShell Remoting, and we've already enabled all that stuff so I'm not going to go over that here.