Important Powershell Commands For Beginners
Let’s look into a few windows commands, the basic commands are often times very important when troubleshooting and even looking into security issues. This isn’t necessarily for windows gurus and experienced administrators, but for those in the beginning stages of their career, that seek to learn powershell. Most windows administration can be done from the GUI (graphic user interface), but sometimes, powershell lends itself to more detailed and more power information. We’ll give a few scenarios, that we’re looking into when discussing why certain commands are used.
Let’s say you have a server, locking up or moving slowly and it is affecting your applications, that your employees or yourself use in order to work on a daily basis. The first thing you’ll want to do is find out which processes are hogging up the CPU, creating the issue. The command that you want to use for this is:
Get-Process
2. Let’s say you come in in the morning, or turn on your server and you get an error concerning an improper reboot overnight. Or perhaps you were getting periodic alerts to your phone throughout the night from whatever alert system that you use (we won’t name for free 😊). Then you will want to check the event log for that time period, and go through it investigating for off activity. Just simply typing the Get-EventLog command is not enough you will also need to specify which log that you want to see. In this example, we are going to view the application log. Check the screenshot below:
Get-EventLog
3. Let’s take the first scenario (1.) in which something is hogging up resources and assume that it could also be a service. Or maybe you have a service that affects and application used by your clients, customers, fellow employees, whomever, but after reboot it isn’t working. In this case you’ll need to check which services are running and which are stopped (hint: spool..you will run into this). The command to view this is get-service. Here you can view what is running and stop and decide if any services are missing, or need to be started or stopped.
Get-Service
Finally, your favorite and often used fix, otherwise known as the reboot. The reboot command for powershell is , this will reboot that server that you are logger into via the powershell command.
To see these commands in action check out the video below in which we used bandicam for the purposes of this tutorial. There are also additional commands in the video, such as get-help and get-command.