# Sysinternals PowerShell Module
## Sysinternals Suite 🧰
Yeah, when I think of Sysinternals I do kind of think of Bloodshot the comic character (not Vin Diesel), as this guy is unstoppable, has multiple abilities and is not a one-trick pony. That pretty much sums up Sysinternals: if you don't know about it, you should.

Seriously, this guy is about as close to a superhero as you get. He not only out-smarted Microsoft at troubleshooting their own product, he also created an amazing toolkit ❤️ 🧰 and yes, that's right, it's FREE. As my mate Mark (we are on a first-name basis) now works for the mighty Microsoft, the Sysinternals Suite is also an official Microsoft download.
## Not convinced? 🤔
Honestly, almost any Microsoft Windows bug, odd behaviour or problem can be diagnosed, and usually solved, with the Sysinternals Suite. Why do I keep using the word suite? Because this really is a bunch of tools in a toolbox. It would take me too long to write about each tool and why you should know how to use it. Essentially each tool ships as either a GUI executable or a command-line executable. Please check the link below if you want more information on this brilliant toolkit:-
## What about PowerShell? 🤨
So sadly I didn't make it to the PowerShell European Conference, mainly because I don't have an in-date passport. But if I had made it there, I would for sure have been to the talks Adam Driscoll presented. This guy is another legend, not only in PowerShell but in many other things. He is the genius behind PowerShell Universal, PowerShell Pro Tools and a good number of other projects and modules. If you have not visited this site you really need to:-

Back to the PowerShell European Conference I missed. Personally I really look up to Adam (yes, we're on first names too); he is such a sound bloke who really cares about his customers and the products he invents, making them better by listening to the community using them and what they would like added, and somehow he basically makes that happen. Anyway, as I follow Adam on Twitter, I saw that he had posted a link to the Sysinternals module he had recently released using Crescendo. As soon as I read Sysinternals 👀 I wanted to know more. He kindly posted this link:-

I was 😶 lost for words, as it now returns the output as objects rather than strings. So I made a 🍴 fork of the project and added to it, following the instructions and template provided.
## I contributed 💥
I have so much respect for Adam, as he is such an inspirational person to me. As it happens, I had recently applied a temporary fix for a bug in a program to automatically fix this issue. Whilst applying this fix I was querying the event log of a remote machine, and I was using PowerShell ISE to do this. I found that trying to cancel the query by pressing CTRL+C just made the notification change to "Stopping" and not much else. Now, I could have killed the process or used End Task, but I had other important script jobs running in this same ISE session and didn't want to lose that information. So I used good old handle.exe to save the day. When I saw this was part of the Sysinternals PowerShell module that Adam Driscoll had put together, I was like, damn, I can now use this. However, it didn't include the close capability, so I added that. I then added a couple of other tools from the Sysinternals Suite to the module. I then saw today that Adam had approved the changes and pushed the new release to the PowerShell Gallery.
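Crescendo is Microsoft's PowerShell module for wrapping native executables so that their text output is parsed into PowerShell objects, which is why the module's output can be filtered and piped instead of being a wall of strings. What follows is an added example, not code from this post or from Adam Driscoll's module, that hand-rolls the same idea for handle.exe: it parses the tool's search output into objects and then wraps `handle -c` to close a handle, which is the close capability described above and also the workflow behind the locked 56GB log file in the last section. The function names `Get-FileHandle` and `Close-FileHandle`, the log file path and the search string are assumptions for illustration; the handle.exe switches used (`-accepteula`, `-nobanner`, `-p`, `-c`, `-y`) are the tool's real ones.

```powershell
# Added example (not part of the original post or the Sysinternals module):
# a minimal Crescendo-style wrapper around handle.exe that turns its text
# output into objects and exposes the close (-c) capability.
# Assumes handle.exe from the Sysinternals Suite is on PATH and that you run
# elevated: closing a handle inside another process needs administrator rights.

function Get-FileHandle {
    [CmdletBinding()]
    param(
        # Substring of the object name to search for, e.g. 'application.log'
        [Parameter(Mandatory)] [string] $Name,
        # Optional: limit the search to one process id (handle.exe -p)
        [int] $ProcessId
    )

    # $args is an automatic variable in PowerShell, so build the list under another name
    $handleArgs = @('-accepteula', '-nobanner')
    if ($PSBoundParameters.ContainsKey('ProcessId')) { $handleArgs += @('-p', $ProcessId) }
    $handleArgs += $Name

    # With a search string, handle.exe prints one line per match in the form:
    #   <process>   pid: <n>   type: <type>   <hex handle>: <object name>
    # Lines that do not match (e.g. "No matching handles found.") are dropped.
    $pattern = '^(?<Process>.+?)\s+pid:\s*(?<Pid>\d+)\s+type:\s*(?<Type>\S+)\s+(?<Handle>[0-9A-Fa-f]+):\s*(?<Path>.+)$'

    & handle.exe @handleArgs | ForEach-Object {
        if ($_ -match $pattern) {
            [pscustomobject]@{
                Process   = $Matches.Process.Trim()
                ProcessId = [int]$Matches.Pid
                Type      = $Matches.Type
                Handle    = $Matches.Handle        # hex, exactly as handle.exe prints it
                Path      = $Matches.Path.Trim()
            }
        }
    }
}

function Close-FileHandle {
    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
    param(
        [Parameter(Mandatory, ValueFromPipelineByPropertyName)] [int]    $ProcessId,
        [Parameter(Mandatory, ValueFromPipelineByPropertyName)] [string] $Handle,
        [Parameter(ValueFromPipelineByPropertyName)]            [string] $Path
    )
    process {
        # Forcibly closing a handle the owning process still expects to use can
        # crash or corrupt that process, so this prompts unless -Confirm:$false.
        if ($PSCmdlet.ShouldProcess("$Path (handle 0x$Handle in PID $ProcessId)", 'Close handle')) {
            # -y suppresses handle.exe's own confirmation prompt; ShouldProcess already asked.
            & handle.exe -accepteula -nobanner -c $Handle -p $ProcessId -y | Out-Null
        }
    }
}

# Usage: find who holds the oversized log open, close the File handle(s), then delete.
# 'C:\Logs\application.log' is a hypothetical path for this example.
$locked = Get-FileHandle -Name 'application.log'
$locked | Format-Table Process, ProcessId, Type, Handle, Path
$locked | Where-Object Type -eq 'File' | Close-FileHandle
Remove-Item 'C:\Logs\application.log' -ErrorAction Stop
```

Because the search output is now objects, the pipeline above can filter on `Type`, `ProcessId` or `Path` instead of grepping text, which is the whole point of the Crescendo approach. Treat the close step as a last resort: for a log file the usual worst case is a failed write in the owning process, but for sections, mutexes or sockets it can take the process down, so stop the owner cleanly where you can and keep the confirmation prompt unless you are scripting a known-safe case. For a stuck session such as the ISE hang described above, pass `-ProcessId` (for example `$PID` when running inside that session) so the search and the close are confined to that one process.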
## Wait, there's more 😯
I bought the first edition of the Sysinternals book that Mark wrote. I cannot recommend this book enough. You will have your kids asleep in no time reading it to them as a bedtime story. You will also 😕 all the non-technical 👽 people you know; they will think you work for 👨🚀 NASA or something. There is now a second edition of the Sysinternals book, which you can buy in many different places, but here is a link on Amazon offering this book
## Find time to learn 📚
I cannot recommend enough learning as many of these tools as you can. Although the PowerShell module does not yet include the complete suite of tools, you can help make that possible by contributing too.

Only today I used Process Explorer to remove a 56GB log file that was taking up the majority of the space on the main operating system drive. Why Process Explorer? Because a colleague was stuck trying to delete it, getting the dreaded "Cannot delete this file as the file is in use" message. Within minutes I had closed the handle using Process Explorer and deleted the file, meaning the disk was no longer close to completely full and the alert on the system went away.

It is certainly worth learning as many as your 🧠 brain can handle, and reading the book, to get a really good understanding of how to see what is going on under the hood of the Windows systems you manage. Thanks for reading 👍