PowerShell for Windows Admins


February 22, 2011  4:16 PM

WMI and Performance Counters: I

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

We are always worried about the performance of our systems for one reason or another. We usually turn to sysmon/perfmon to find out how the system is doing.

We can actually use WMI to retrieve this data!

CPU performance is always an issue. We can see what is available

PS> Get-WmiObject -List Win32_Perf*Processor | select name

Name
—-
Win32_PerfFormattedData_PerfOS_Processor
Win32_PerfRawData_PerfOS_Processor

The two classes do exactly what they say – they return the raw data or formatted data. You may think that returning the raw data is the best bet but you will need to perform a set of calculations on the data to get the results you expect. We’ll stick with the formatted data for now.

PS> Get-WmiObject -Class Win32_PerfFormattedData_PerfOS_Processor | select Name

Name
—-
0
1
_Total

I have two cores on my windows 7 system so this works. if we just look at the _Total data

__GENUS               : 2
__CLASS               : Win32_PerfFormattedData_PerfOS_Processor
__SUPERCLASS          : Win32_PerfFormattedData
__DYNASTY             : CIM_StatisticalInformation
__RELPATH             : Win32_PerfFormattedData_PerfOS_Processor.Name="_Total"
__PROPERTY_COUNT      : 24
__DERIVATION          : {Win32_PerfFormattedData, Win32_Perf, CIM_StatisticalInformation}
__SERVER              : RSLAPTOP01
__NAMESPACE           : root\cimv2
__PATH                : \\RSLAPTOP01\root\cimv2:Win32_PerfFormattedData_PerfOS_Processor.Name="_Total"
C1TransitionsPersec   : 307
C2TransitionsPersec   : 0
C3TransitionsPersec   : 0
Caption               :
Description           :
DPCRate               : 0
DPCsQueuedPersec      : 116
Frequency_Object      :
Frequency_PerfTime    :
Frequency_Sys100NS    :
InterruptsPersec      : 190
Name                  : _Total
PercentC1Time         : 96
PercentC2Time         : 0
PercentC3Time         : 0
PercentDPCTime        : 0
PercentIdleTime       : 100
PercentInterruptTime  : 0
PercentPrivilegedTime : 0
PercentProcessorTime  : 0
PercentUserTime       : 0
Timestamp_Object      :
Timestamp_PerfTime    :
Timestamp_Sys100NS    :

This dumps all of the counters for a set.  If you’ve looked the Processor counters before these should be familiar. The drawback to the formatted counters is that we lose the timestamp information.  Either we use the raw data and calculate all of the results or we add the timestamp ourselves. My vote goes to option 2.

001
002
003
004
005
006
007
008
009
010
011
012
013
014
015
016
017
018
019
020
021
022
023
024
025
026
027
028
029
030
$source=@"
public class CPUcounter
{
    public string Timestamp {get; set;}
    public string Name {get; set;}
    public ulong PercProcTime {get; set;}
}
"@

Add-Type -TypeDefinition $source -Language CSharpversion3

$data = @()

1..3 | foreach {

$date = (Get-Date).ToString()

Get-WmiObject -Class Win32_PerfFormattedData_PerfOS_Processor | 
foreach
 {
   
$value = New-Object -TypeName CPUCounter -Property
 @{
       TimeStamp 
= $date
       Name = $_.
Name
       PercProcTime 
= $_.
PercentProcessorTime
    }
   
$data += $value
}

Start-Sleep -Seconds 1
}

$data | Format-Table -AutoSize

 

 

We create our own object to hold the counter values and add the timestamp.  This can be the basis of a performance baseline as we will see next time

February 20, 2011  1:32 PM

Windows 7 SP1

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Installed the RTM version of SP1 today – its one download to cover Windows 7 and Windows 2008 R2.  Install is straight forward. No real issues seen.  I’ll report any problems that come up


February 12, 2011  5:04 AM

IT lemmings

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

IT seems to be in a continuous cycle of hype. We keep getting “new” technologies or ways of supplying IT that will solve all of your organisations problems at a stroke. Some examples of this phenomenon include:

  • outsourcing – IT isn’t a core activity for you business so hand over the running of your IT systems to a specialist company who have the experts to deliver what you need and the economy of scale to do it cheaper
  • virtualisation – You don’t need lots of physical servers. Virtualise so that you are running a number of big servers really hard and they host a bunch of virtual servers that are doing the work
  • web services – everything will be available as a web service. Don’t write your own code just string together a set of pre-supplied services and nirvana is reached
  • cloud computing – move everything to Internet access. Let the supplier host the application and you just use it (How is this different from the failed Application Service Provider idea of the late 1990’s?)

Now before you start jumping up and down calling me a luddite let me point out that I am currently working in a environment that utilises three out of these four concepts. I am actively designing new services that employ two of them.

My concern is the misinformation and hype that surrounds “new” technologies. I keep calling it “new” because a number of these are recycled. I’ve already mentioned ASP/Cloud computing. I was working with “virtualisation” technologies on mainframes back in the 1980’s. What goes around comes around.

Each wave of “new” technologies brings a bubble of hype that is totally out of proportion to the benefits to be gained. The IT analyst companies start the ball rolling and the IT press (who usually don’t understand what they are talking about) jump on the bandwagon. Suddenly, the only way your organisation can survive is to throw away everything that has gone before and embrace this new way of doing things.

Reality Check

How many organisations have completely virtualised their environment. I have applications that can’t be virtualised because the vendor won’t support it in a virtual environment?

How many external web services does you company really use?

Can you run your organisation in the cloud? Many can’t because of regulatory or commercial restrictions that prevent it. This is often due to access to the data.

 

All of the ideas that are bandied about need consideration. Just because its new doesn’t mean that it suits your organisation.

This is where the good architect earns their money. Separate out what will benefit your organisation and utilise it. Ignore the rest. ignore the analysts and IT press telling you what you should be doing when they don’t have a clue what your organisation really needs.

There are organisations that will benefit from cloud computing. There are others that it will harm. Virtualisation is delivering benefits to the organisation I work with – but don’t forget the overheads that come with it.

One of my favourite phrases when discussing technology is “so what”.  Meaning what does it actually do for us? Does the benefit of implementing out weigh the cost?

This continual jumping towards the next shiny toy is why many businesses hold their IT departments in such low regard? The planning should always be from business process to applications to infrastructure to support them. Leading with technology doesn’t work and will continue to cost businesses money they possibly can’t afford.


February 4, 2011  11:46 AM

Don’t forget

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

The UK PowerShell group has a Live Meeting on Tuesday 8 February at 7.30pm GMT.

Details from:

http://msmvps.com/blogs/richardsiddaway/archive/2011/01/18/uk-user-group-february-live-meeting.aspx


January 28, 2011  1:17 PM

Science or Art

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Infrastructure Architecture = Science or Art. Discuss.

We claim the titles of architect and/or engineer but is what we do as infrastructure architects really based on solid scientific/engineering principles.

I would claim not. Much of what we do is recycling the designs of the past – possibly adapting them as new versions of particular technologies appear. But how many times have you seen an implementation of version 3 of product that is implemented in exactly the same way as version 1 would have been. The reason is usually the very lame “but we’ve always done it that way”. The real reason in many cases is that the people involved haven’t bothered to keep up to date with changes in the technologies they are relying on. This means their organisations aren’t getting the full benefit of those applications.

There are a number of fundamental architectural decisions that in many cases are driven by the existing environment. How many truly green field sites are there these days?

There are a larger number of design decisions which are often based on the products we select.

In this way we are more like the master masons that built the great cathedrals of the Middle Ages. We know what works and we stick with it.

So. Science or Art?


January 25, 2011  2:08 PM

System Restore Points pt 2

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

 

We have seen how to discover the available restore points.  What about creating one.

001
002
003
004
005
006
007
008
009
010
011
012
013
function new-systemrestorepoint {
[CmdletBinding()]
param ( 
[string]$computername=“.”,
[string]$description=“Testing123″
) $test = Test-Connection -ComputerName $computername -Count 1
if (-not ($test)){Throw “Computer $computername not reachable”

}

 $sr = [wmiclass]“\\$computername\root\default:SystemRestore”
 $sr.CreateRestorePoint($description, 0, 100)
}

 

 

 

 

We need to use [wmiclass] to create a new instance of the SystemRestore class. We can then use the CreateRestorePoint method with the description we’ve input as a parameter. The other paarmeters define it as an application install and begin system change respectively. This are generic enough to be left as is.  They can be made parameters if required


January 23, 2011  1:10 PM

System Restore Points

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

 

PowerShell 2.0 supplies 4 cmdlets for working with system restore points. 

Disable-ComputerRestore
Enable-ComputerRestore
Get-ComputerRestorePoint
Restore-Computer

This is great but they only work with the local machine. You can test this easily by either looking at the help for each one or use

get-help * -Parameter computer*

to view all of the cmdlets with a computer related parameter.

YOU HAVE TO BE RUNNING POWERSHELL WITH ELEVATED PRIVILEGES FOR THIS TO WORK

Let’s start with Get-ComputerRestorePoint. We can perform this task using

Get-WmiObject -Namespace ‘root\default’ -Class SystemRestore

This starts the display with the oldest restore point. I want it the other way up. 

Get-WmiObject -Namespace ‘root\default’ -Class SystemRestore |
sort SequenceNumber -Descending

I also only want the CreationTime, Sequence number and description

Get-WmiObject -Namespace ‘root\default’ -Class SystemRestore |
sort SequenceNumber -Descending |
Format-Table SequenceNumber, CreationTime, Description –AutoSize

At this point we loose the formatting on the date and it reverts to WMI format.  Well, we know how to deal with that.

Get-WmiObject -Namespace ‘root\default’ -Class SystemRestore |
sort SequenceNumber -Descending |
Format-Table SequenceNumber,
@{Name="Date"; Expression={$($_.ConvertToDateTime($_.CreationTime))}},
Description –AutoSize

Now I want to wrap this into a function

001
002
003
004
005
006
007
008
009
010
011
012
013
014
015
016
function get-systemrestorepoint {
[CmdletBinding()]
param ( 
[string]$computername="."
) 

$test = Test-Connection -ComputerName $computername -Count 1
if (-not ($test)){Throw "Computer $computername not reachable"
}

 Get-WmiObject -Namespace ‘root\default’ -Class SystemRestore `
 
-ComputerName $computername |
 
 
sort SequenceNumber -Descending |
 Format-Table SequenceNumber,
 
 @{Name
="Date"; Expression={$($_.ConvertToDateTime($_.CreationTime))}},
 Description -AutoSize
}

 

 

 

 

I can use this to access the system restore points on remote machines.  This becomes the first function in a new PAM module.  I’ll develop the rest over a series of posts.


January 22, 2011  2:12 PM

Environmental variables

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

 

Get-WmiObject -Class Win32_Environment | sort Name | select Name, VariableValue

shows the environmental variables that can be seen on the control panel system dialog.

Useful for checking remote machines if the computername parameter is added to Get-WmiObject


January 21, 2011  12:26 PM

First time sighting

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

I received an unsolicited job spec today – first time I’ve seen one with PowerShell listed as the essential skill

Now is definitely the time to start learning PowerShell if you haven’t already


January 19, 2011  2:07 PM

get-scripting PowerShell Podcast

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

I recently recorded an episode of the get-scripting podcast which is produced by fellow PowerShell MVP Jonathan Medd.  The podcast is available from

http://get-scripting.blogspot.com/2011/01/get-scripting-podcast-episode-21.html

 

During the session we discuss:

 

I enjoyed recording the podcast and hope you will support Jonathan’s efforts by continuing to listen to future episodes


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: