Select-Object (Alias: Select)

PowerShell provides powerful cmdlets like Select-Object, Sort-Object, and Group-Object to manipulate and organize data in pipelines. These cmdlets allow you to filter, sort, and group objects based on specific properties, making it easier to work with large datasets.

1. Select-Object (Alias: Select)

The Select-Object cmdlet is used to select specific properties or a subset of objects from a pipeline. It creates new objects with only the selected properties or objects.

Selecting Properties

To select specific properties of an object:

Get-Process "powershell*" | Select-Object -Property Name, CPU

Expanding Properties

If a property is an array (e.g., Modules in a process object), you can expand it to extract individual items:

Get-Process "powershell*" | Select-Object -ExpandProperty Modules

Selecting First, Last, or Unique Items

First: Select the first n objects.
Last: Select the last n objects.
Unique: Select only unique items based on a property.

Examples:

# Select the first 5 services
Get-Service | Select-Object -First 5

# Select the last 10 events from the System event log
Get-EventLog -LogName System | Select-Object -Last 10

# Select unique Event IDs from the Application event log
Get-EventLog Application | Select-Object EventID -Unique

2. Select-String: PowerShell's Version of GREP

The Select-String cmdlet is used to search text using regular expressions, similar to grep in Unix or findstr in Windows.

Searching Files

To search for a pattern in files:

Select-String 'K5.*[efg]lex' $env:WINDIR\Inf\*.inf | Format-List Path, Line

Searching Command Output

To search the output of a command:

ipconfig.exe | Select-String 'IP.*Address' -CaseSensitive

Output of Select-String

Select-String outputs objects with properties like:

Path: The file or input stream where the match was found.
LineNumber: The line number of the match.
Line: The matching line of text.

Example:

Select-String 'pattern' *.log | Select-Object Path

Quiet Mode

To return $true if a match is found, or nothing otherwise:

netstat.exe -ano -p tcp | Select-String ':139' -Quiet

3. Sort-Object (Alias: Sort)

The Sort-Object cmdlet sorts objects based on one or more properties.

Sorting by Property

To sort objects by a specific property:

# Sort files by size (ascending)
Get-ChildItem C:\ | Sort-Object Length

# Sort files by size (descending)
Get-ChildItem C:\ | Sort-Object Length -Descending

Sorting by Multiple Properties

To sort by multiple properties:

Get-ChildItem C:\Windows\System32\*.exe, C:\Windows\System32\*.dll |
    Sort-Object Length, Extension, Name -Descending |
    Select-Object -First 20 -Property Length, FullName

Named Calculated Properties

You can create custom properties for sorting or selecting:

Get-ChildItem HKLM:\System\CurrentControlSet\Control |
    Sort-Object @{Expression={$_.SubkeyCount + $_.ValueCount}} |
    Select-Object Name, @{Expression={$_.SubkeyCount + $_.ValueCount}; Name="Item Count"} -Last 10

4. Group-Object

The Group-Object cmdlet groups objects based on one or more properties.

Grouping by Property

To group objects by a property:

# Group files by extension
Get-ChildItem C:\Windows\System32 -Recurse |
    Group-Object -Property Extension |
    Where-Object { $_.Count -gt 10 } |
    Sort-Object Count -Descending

Counting Items in Groups

To count items in each group:

Get-Process | Group-Object -Property Name | Sort-Object Count -Descending

PreviousExporting, Importing, an d Converting Pages Reusable content Files Object Data NextArrays Are like In-Memory Database Tables

Last updated 9 months ago