Scripting

Using PowerShell to Write to Event Log

https://blogs.msdn.microsoft.com/kenobonn/2014/03/29/create-event-log-sources-using-powershell/

https://4sysops.com/archives/logging-to-the-windows-event-log-in-your-powershell-scripts/


Launching PowerShell from VBScript

If you need to launch PowerShell from VBScript, use this.


Set objShell = CreateObject("Wscript.shell")

strPSScript = "D:\temp\msg.ps1"
strCMD = "powershell.exe -nologo -file " & Chr(34) & strPSScript & Chr(34)
objShell.run strCMD, 0, false

'WScript.Echo strCMD

Set objShell = Nothing

This launches the PowerShell script and hides the window as well.

If you encounter issues with the above such that the PS script needs the PS shell window to remain open, use the script below:


strPSScript = "<script path>"
Set objShell = CreateObject("Wscript.Shell")
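' -file makes PowerShell treat the quoted path as a script file, so paths containing spaces work
objShell.Run("powershell.exe -noexit -windowstyle minimized -file " & chr(34) & strPSScript & chr(34))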

 


PS Tip: Parsing HTML from a local File or a String

If you are familiar with the Invoke-WebRequest cmdlet, you know that it returns parsed HTML for the requested web URL. The DOM structure of this parsed HTML can be used to access the HTML elements of the web page (see below).


$webRequest = Invoke-WebRequest "google.com"

$webRequest.ParsedHTML.getElementsByTagName("span") | % textContent


Problem

What if the HTML is saved locally on the computer as a file, or held in a string? Is there any mechanism to parse it from a local file or string?

Solution

The answer is yes.

Microsoft provides the HTML document class in the .NET Framework class library, which has a Write() method for writing an HTML document using DOM 2 (Document Object Model Level 2).


Solution 1 : From a string

# $content is a string that holds the HTML to parse
$html = New-Object -ComObject "HTMLFile"

$html.IHTMLDocument2_write($content)

$html.all.tags("A") | % innerText

Solution 2 : From a file

Similarly, we can parse an HTML document from a local HTML file.


$html = New-Object -ComObject "HTMLFile"

$html.IHTMLDocument2_write($(Get-Content .\file.html -raw))

$html.all.tags("A") | % innerText

 

Note

Even the parsed HTML returned by Invoke-WebRequest has the type HTMLDocumentClass:


$WR = Invoke-WebRequest "http://google.com"

$WR.ParsedHtml.GetType()

Output is: HTMLDocumentClass

 

 


PowerShell Exception 0x800A01B6 while using getElementsByTagName, getElementsByName or getElementByID

Recently, I have started writing automation scripts to automate IE websites, making use of the COM object "InternetExplorer.Application" to automate an Internet Explorer session.

$ie = New-Object -com "InternetExplorer.Application"
$ie.visible = $true
$ie.silent = $true

$ie.Navigate($IURL)
while ($ie.Busy) {
  [System.Threading.Thread]::Sleep(10)
}

Using $ie.Document.getElementsByTagName("Input") enables me to enumerate the form fields and buttons. This works for the first website that I visit. If I then navigate to another site, $ie.Document.getElementsByTagName("Input") generates the following exception:


Exception from HRESULT: 0x800A01B6
At line:1 char:1
+ $Global:ie.Document.getElementsByTagName("Input")
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 + CategoryInfo : OperationStopped: (:) [], NotSupportedException
 + FullyQualifiedErrorId : System.NotSupportedException

Workaround

Always use the following methods instead of the native ones:


IHTMLDocument3_getElementsByTagName
IHTMLDocument3_getElementsByName
IHTMLDocument3_getElementByID

Example


$ie = New-Object -com "InternetExplorer.Application"
$ie.visible = $true
$ie.silent = $true

$ie.Navigate($IURL)
while ($ie.Busy) {
  [System.Threading.Thread]::Sleep(10)
}
$ie.Document.IHTMLDocument3_getElementsByTagName("Input")

$ie.Navigate($IURL2)
while ($ie.Busy) {
  [System.Threading.Thread]::Sleep(10)
}
$ie.Document.IHTMLDocument3_getElementsByTagName("Input")


Which is the fastest tool to search through Windows Event Logs?

If you need to comb through tons of Windows Event Logs, especially Security logs, it may take a long time due to their size. There are many different tools and scripts out there that can search the logs, but each one has its own strengths and weaknesses.

I’ve done some comparisons and the champion turns out to be the wevtutil.exe tool. It’s many, many times faster than any other tool. Do try it out!
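As an added example (not code from the original post), here is one way to run a Security log search through wevtutil.exe, with the filtering done in the XPath query and the XML output parsed in PowerShell. Event ID 4625 (failed logon), the 24-hour window and the function name Get-FailedLogonSummary are illustrative assumptions; reading the Security log needs an elevated session.

```powershell
# Added example: query the Security log with wevtutil.exe and summarise the hits.
# Assumptions: elevated session; event ID 4625 (failed logon) and the
# 24-hour window are illustrative; Get-FailedLogonSummary is a made-up name.
function Get-FailedLogonSummary {
    param(
        [int]$Hours = 24,
        [int]$MaxEvents = 500
    )

    # timediff() counts milliseconds back from now. Filtering in the XPath
    # query means non-matching records never reach PowerShell at all.
    $ms    = [long]$Hours * 3600000
    $query = "*[System[(EventID=4625) and TimeCreated[timediff(@SystemTime) <= $ms]]]"

    # /rd:true = newest first, /c = cap on returned events, /f:xml = raw event XML
    $raw = & wevtutil.exe qe Security "/q:$query" "/c:$MaxEvents" /rd:true /f:xml
    if ($LASTEXITCODE -ne 0) {
        throw "wevtutil exited with code $LASTEXITCODE (is the session elevated?)"
    }
    if (-not $raw) { return }

    # The output is a run of sibling <Event> elements, so add a root before parsing.
    [xml]$doc = "<Events>$($raw -join '')</Events>"

    $rows = foreach ($e in $doc.Events.Event) {
        $data = @{}
        foreach ($d in $e.EventData.Data) {
            $data[$d.GetAttribute('Name')] = $d.InnerText
        }
        [pscustomobject]@{
            Time    = $e.System.TimeCreated.SystemTime   # UTC, ISO 8601
            Account = $data['TargetUserName']
            Source  = $data['IpAddress']
        }
    }

    # Repeated failures for one account from one address float to the top.
    $rows | Group-Object Account, Source |
        Sort-Object Count -Descending |
        Select-Object Count, Name
}

Get-FailedLogonSummary -Hours 24 | Format-Table -AutoSize
```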