Wednesday, December 15, 2010

Powershell LSOF/Parsing Netstat Part II

Two 'lsof for Powershell' scripts covering v4 and v6 have been placed here:

hhttp://rmfdevelopment.com/PowerShell_Scripts/PS_LSOF.ps1
http://rmfdevelopment.com/PowerShell_Scripts/PS_LSOF_gwmi.ps1

This is a second update to this script which matches the port to the process in Powershell by parsing netstat for TCP and UDP and then appending 'ps' or 'gwmi' information associated with the process related to that port.  There's nothing in this function (but sorted port order) which carries through a relational tie from port to process information. There is a lot of information produced in this script, as I print all of netstat -ano and then query the corresponding network process with either 'ps' or 'gwmi'. (Click to enlarge):