Powershell字符串到csv答案

【问题标题】：Powershell String to csvPowershell字符串到csv
【发布时间】：2021-03-28 11:53:14
【问题描述】：

我正在编写一个脚本来收集 netstat 信息并存储在 sql server 表中。为此，我使用以下命令来收集 netstats。

$data = Invoke-Command -Computername LocalPC -ScriptBlock {netstat -ano}
$data| ConvertTo-Csv -NoTypeInformation -Delimiter "," | Select-Object -Skip 1 | % {$_ -replace '"', ""}

但是，我得到的结果如下。

LocalPC,def60bb5-4a27-4d6c-ac13-a08ef0f9b7da,True,76 LocalPC,def60bb5-4a27-4d6c-ac13-a08ef0f9b7da,True,76 LocalPC,def60bb5-4a27-4d6c-ac13-a08ef0f9b7da,True,76 LocalPC,def60bb5-4a27-4d6c-ac13-a08ef0f9b7da,True,76 LocalPC,def60bb5-4a27-4d6c-ac13-a08ef0f9b7da,True,76

我想得到如下结果。

LocalPC,TCP,0.0.0.0:22,0.0.0.0:0,LISTENING,3080 本地PC,TCP,0.0.0.0:135,0.0.0.0:0,LISTENING,976 LocalPC,TCP,0.0.0.0:445,0.0.0.0:0,LISTENING,4

【问题讨论】：

这能回答你的问题吗？ Get specific value from `netstat` command in windows
"Get-NetTCPConnection -State Listen" 是不是相当于"netstat -ano"？
Get-NetTCPConnection 有很多类似的参数，但最大的不同在于它是一个本地 PowerShell cmdlet，它输出对象而不是文本流。
但是如果你真的想使用外部的 NetStat 命令，看看Is there a way to convert tables of text into a PowerShell Object。例如NetStat -ano | Select -Skip 2 |ConvertFrom-SourceTable

标签： powershell csv powershell-4.0 netstat

【解决方案1】：

这是一个小脚本，可以将netstat -ano的输出变成对象

switch -Regex (netstat -ano){
    'TCP' {
        , -split $_ | ForEach-Object {
            $localaddr,$localport = -split ($_[1] -replace '(^.+):(.+$)','$1 $2')
            $remoteaddr,$remoteport = -split ($_[2] -replace '(^.+):(.+$)','$1 $2')
            [PSCustomObject]@{
                Protocol      = $_[0]
                LocalAddress  = $localaddr
                LocalPort     = $localport
                RemoteAddress = $remoteaddr
                RemotePort    = $remoteport
                ProcessID     = $_[4]
                State         = $_[3]
            }
        }
    }
    'UDP' {
        , -split $_ | ForEach-Object {
            $localaddr,$localport = -split ($_[1] -replace '(^.+):(.+$)','$1 $2')
            $remoteaddr,$remoteport = -split ($_[2] -replace '(^.+):(.+$)','$1 $2')
            [PSCustomObject]@{
                Protocol      = $_[0]
                LocalAddress  = $localaddr
                LocalPort     = $localport
                RemoteAddress = $remoteaddr
                RemotePort    = $remoteport
                ProcessID     = $_[3]
                State         = 'Stateless'
            }
        }
    }
}

您可以将其输出分配给一个变量，然后将该变量转换/导出为 Csv，或者在远程机器上运行的情况下，如您在此处使用Invoke-Command 显示的那样，您可以使用以下内容

$data = Invoke-Command -ComputerName Win10-Admin -Scriptblock {
    switch -Regex (netstat -ano){
        'TCP' {
            , -split $_ | ForEach-Object {
                $localaddr,$localport = -split ($_[1] -replace '(^.+):(.+$)','$1 $2')
                $remoteaddr,$remoteport = -split ($_[2] -replace '(^.+):(.+$)','$1 $2')
                [PSCustomObject]@{
                    Protocol      = $_[0]
                    LocalAddress  = $localaddr
                    LocalPort     = $localport
                    RemoteAddress = $remoteaddr
                    RemotePort    = $remoteport
                    ProcessID     = $_[4]
                    State         = $_[3]
                }
            }
        }
        'UDP' {
            , -split $_ | ForEach-Object {
                $localaddr,$localport = -split ($_[1] -replace '(^.+):(.+$)','$1 $2')
                $remoteaddr,$remoteport = -split ($_[2] -replace '(^.+):(.+$)','$1 $2')
                [PSCustomObject]@{
                    Protocol      = $_[0]
                    LocalAddress  = $localaddr
                    LocalPort     = $localport
                    RemoteAddress = $remoteaddr
                    RemotePort    = $remoteport
                    ProcessID     = $_[3]
                    State         = 'Stateless'
                }
            }
        }
    }
} -HideComputerName | Select-Object -Property * -ExcludeProperty RunSpaceId

$data | ConvertTo-Csv -NoTypeInformation

【讨论】：