Creating a Unix like tail with Get-content

Wow I haven’t written a blog in a long time ….

Hi everyone hope you’re doing well . A very short blog about the Get-Content cmdlet . Get-content has a very nice parameter called -wait . I have been using this for example to find users that lock out there AD accounts frequently and don’t know why they are getting locked out . The netlogon.log captures this info (If your DC is set up for debugging this info ) so it makes it easy to catch these lockouts . What -wait does is monitor the log file or text file so that anything added to it it will display . If you pipe that to a regex statement you can narrow down your search and pinpoint what you’re looking for … So for example if Bob.Roberts is locking out is account and doesn’t know why you can do this :


gc \\DcName\c$\Windows\debug\netlogon.log -wait | ? {$_ -match "Bob.Roberts"}

So now any entries that contain Bob.Roberts will be displayed and if not it will just sit there and wait and monitor the log . A great way to just put the powershell window to the side and do other things will waiting for results 🙂 .

Hope you like this tip 🙂

Chris

Advertisements