文档建议反馈控制台
首页
学习
活动
专区
圈层
工具
MCP广场
文章/答案/技术大牛
发布
社区首页 >问答首页 >Powershell如何在其属性下列出列中的值?

Powershell如何在其属性下列出列中的值?
EN

Stack Overflow用户
提问于 2021-06-02 19:54:00
回答 2查看 129关注 0票数 0

我想改变一个对象的输出,这样所有的数据都可以显示出来。

代码语言:javascript
复制
$filepath = "C:\Users\vansteenkistea\Desktop\scriptExerciseProcessesWindows.csv"

$data = import-csv $filepath 

$processes = get-process| Select-Object Path

$known = New-Object System.Collections.Generic.List[System.Object]
$malicious = New-Object System.Collections.Generic.List[System.Object]

#Creating the arrays
$malArray = @()
$knownArray = @()
$unknownArray= @()

#fill up arrays with data

foreach ($line in $data)
{
   $known.add($line.known)
   $malicious.add($line.malicious)
}

foreach ($process in $processes)
{
    foreach ($mal in $malicious) 
    {
        if ([bool]($process -like '*' + $mal +'*' )) 
        {
            Write-Host "$($process.path) is mall"
            $malArray+= $process.Path
        }
    }

    foreach ($know in $known)
    {
        if ([bool]($process -like '*' + $know +'*' ))
        {
            Write-Host "$($process.path) is known"
            $knownArray += $process.Path
        }
        elseif ($process.Path.Length -ne 0) 
        {
            Write-Host "$($process.path) is unknown"
            $unknownArray+= $process.Path
        }
    }
}

$yourData = @(
  @{known=$knownArray;Unknwon=$unknownArray;Malicious=$malArray}| % { New-Object object | Add-Member -NotePropertyMembers $_ -PassThru }
)

$yourData

我的输出:

所需输出:

看起来像这样的东西

我尝试过多种方法,比如格式化表格,将数据放在对象中而不是数组中,等等。

shell
object
scripting
powershell
EN

回答 2

Stack Overflow用户

发布于 2021-06-02 20:56:51

也许是一个遍历列表的for循环?

代码语言:javascript
复制
$filepath = "C:\Users\vansteenkistea\Desktop\scriptExerciseProcessesWindows.csv"

$data = import-csv $filepath 

$processes = get-process| Select-Object Path

$known = New-Object System.Collections.Generic.List[System.Object]
$malicious = New-Object System.Collections.Generic.List[System.Object]

#Creating the arrays
$malArray = @()
$knownArray = @()
$unknownArray= @()

#fill up arrays with data

foreach ($line in $data)
{
   $known.add($line.known)
   $malicious.add($line.malicious)
}

foreach ($process in $processes)
{
    foreach ($mal in $malicious) 
    {
        if ([bool]($process -like '*' + $mal +'*' )) 
        {
            Write-Host "$($process.path) is mall"
            $malArray+= $process.Path
        }
    }

    foreach ($know in $known)
    {
        if ([bool]($process -like '*' + $know +'*' ))
        {
            Write-Host "$($process.path) is known"
            $knownArray += $process.Path
        }
        elseif ($process.Path.Length -ne 0) 
        {
            Write-Host "$($process.path) is unknown"
            $unknownArray+= $process.Path
        }
    }
}

    for ($i=0; $i -lt ($knownArray.Count + $unknownArray.Count + $malArray.Count); $i++){
        [PSCustomObject]@{
            Known     = $knownArray[$i]
            UnKnown   = $unknownArray[$i]
            Malicious = $malArray[$i] }
    }
票数 0
EN

Stack Overflow用户

发布于 2021-06-03 00:16:33

或者这样做:

代码语言:javascript
复制
$filepath  = "C:\Users\vansteenkistea\Desktop\scriptExerciseProcessesWindows.csv"
$data      = Import-Csv $filepath

# create two strings, with non-empty fields are combined with the regex 'OR' pipe symbol
$regexKnown     = ($data.known -ne '' | Select-Object -Unique | ForEach-Object { [regex]::Escape($_) }) -join '|'
$regexMalicious = ($data.malicious -ne ''| Select-Object -Unique | ForEach-Object { [regex]::Escape($_) }) -join '|'

$processes = (Get-Process).Path

$result = foreach($process in $processes) {
    $known = $malicious = $false
    if ([string]::IsNullOrWhiteSpace($process)) {
        $unknown = $true
    }
    elseif ($process -match $regexMalicious) {
        $malicious = $known = $true
        $unknown = $false
    }
    elseif ($process -match $regexKnown) {
        $known = $true
        $unknown = $false
    }

    # output an object
    [PsCustomObject]@{
        Process   = $process
        Malicious = $malicious
        Known     = $known
        Unknown   = $unknown
    }
}

# output on screen (if 'Format-Table -AutoSize' doesn'n fit, replace with 'Out-GridView'
$result | Format-Table -AutoSize

# save to Csv if you want
$result | Export-Csv -Path 'C:\Users\vansteenkistea\Desktop\WindowsProcesses.csv' -NoTypeInformation

输出如下:

代码语言:javascript
复制
Process                                                                                          Malicious Known Unknown
-------                                                                                          --------- ----- -------
C:\WINDOWS\system32\notepad.exe                                                                  False      True   False
C:\WINDOWS\explorer.exe                                                                          False      True   False
C:\Windows\System32\oobe\UserOOBEBroker.exe                                                      False     False    True
                                                                                                 False     False    True
C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19122.89.0_x64__8wekyb3d8bbwe\YourPhone.exe   True       True   False
票数 0
EN
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:

https://stackoverflow.com/questions/67804604

复制
相关文章

相似问题

领券

腾讯云开发者

扫码关注腾讯云开发者

扫码关注腾讯云开发者

领取腾讯云代金券

热门产品

热门推荐

更多推荐

Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有 

深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 粤公网安备44030502008569号

腾讯云计算(北京)有限责任公司 京ICP证150476号 |  京ICP备11018762号

问题归档专栏文章快讯文章归档关键词归档开发者手册归档开发者手册 Section 归档