Sunday, August 27, 2017

Script to Log TCP Connections by Powershell


Logging TCP connections is useful for troubleshooting and for auditing. You can use TCPView to view incoming and outgoing TCP connections between servers and clients in real time. To save the log to a file, you need TCPLogView. Its limitation is that, without custom scripting, you cannot bound the capture by duration or by log file size. Windows has a built-in netstat command that can list TCP/UDP connections. So, with the help of PowerShell, I loop the netstat command and capture each new TCP connection by comparing against the previous connections. With this script, you can capture new TCP connections for a specific time or until the log file reaches a size limit, which avoids consuming disk space.
On my test machine, I ran the command below, which captures incoming/outgoing TCP connections for 90 seconds (see Fig-1).
.\Get-TcpLog.ps1 -min 1 -sec 30 -CsvFile | ft



Fig-1: Logging TCP Connections for 90 seconds
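
The polling approach described above (snapshot netstat, report only connections absent from earlier snapshots, stop on a time or file-size limit) can be sketched as follows. This is an added example, not the author's Get-TcpLog.ps1; the function names, parameters, default CSV path and sample rows are assumptions made for illustration.

```powershell
# Added example; function and parameter names are hypothetical.
function ConvertFrom-Netstat {
    param([string[]]$Lines)
    foreach ($line in $Lines) {
        # TCP rows of `netstat -ano`: Proto, Local, Foreign, State, PID.
        # UDP rows have no State column and are skipped.
        if ($line -match '^\s*TCP\s+(\S+)\s+(\S+)\s+(\S+)\s+(\d+)\s*$') {
            [pscustomobject]@{
                Time     = (Get-Date).ToString('s')
                Local    = $Matches[1]
                Remote   = $Matches[2]
                State    = $Matches[3]
                OwnerPid = [int]$Matches[4]
            }
        }
    }
}

function Watch-NewTcpConnection {
    param(
        [int]$Seconds = 90,
        [int]$IntervalSeconds = 1,
        [string]$CsvPath = (Join-Path $env:TEMP 'tcp-new.csv'),
        [long]$MaxBytes = 5MB
    )
    $seen = New-Object 'System.Collections.Generic.HashSet[string]'
    # Baseline: connections that already exist are not reported.
    foreach ($c in ConvertFrom-Netstat (netstat -ano)) {
        [void]$seen.Add("$($c.Local)|$($c.Remote)")
    }
    $deadline = (Get-Date).AddSeconds($Seconds)
    while ((Get-Date) -lt $deadline) {
        foreach ($c in ConvertFrom-Netstat (netstat -ano)) {
            # HashSet.Add returns $true only for a pair not seen before.
            if ($seen.Add("$($c.Local)|$($c.Remote)")) {
                $c | Export-Csv -Path $CsvPath -Append -NoTypeInformation
                $c
            }
        }
        # Stop early once the log reaches the size cap.
        if ((Test-Path $CsvPath) -and (Get-Item $CsvPath).Length -ge $MaxBytes) { break }
        Start-Sleep -Seconds $IntervalSeconds
    }
}

# Constructed sample rows (not a real capture) to exercise the parser offline.
$sample = '  TCP    10.0.0.5:49712    203.0.113.10:443    ESTABLISHED    4321',
          '  UDP    0.0.0.0:123       *:*                                1044'
ConvertFrom-Netstat $sample | Format-Table
# Live capture for 90 seconds: Watch-NewTcpConnection -Seconds 90 | Format-Table
```

Because this polls, a connection that opens and closes between two samples is never logged, so treat the CSV as a troubleshooting aid rather than a complete audit trail.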

Wednesday, August 23, 2017

A Quick Start Guide: How to Manage Veeam Backup & Replication 9 with Powershell

Most enterprise backup software now comes with PowerShell support to make backup administrators' lives easier. In this post, we will try some Veeam PowerShell commands to back up and restore VMs and to list current backup jobs. Veeam PowerShell has more cmdlets for advanced VSS-aware backup (such as SQL, Exchange), which I do not cover here. Here, I will show only VM-level backup/restore with PowerShell.

Wednesday, August 16, 2017

Batch/Powershell: How to check Pending Computer Restart after Installing Windows Update

Some Windows updates require a system restart after installation because they need to change system files that are currently in use by running processes, or make changes in the registry. You'll be prompted with the yellow shield icon, as in fig-1.
Fig-1: Pending Restart after windows update install

Windows creates a registry subkey, RebootRequired, under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\ that can be used to detect this pending state.