Selecting, sorting, and measuring objects

Lesson 2: Selecting, sorting, and measuring objects

In this lesson, you will learn to manipulate objects in the pipeline by using commands that sort, select, and measure objects. Selecting, sorting, and measuring objects is essential to successfully creating automation in Windows PowerShell.

Lesson objectives

After completing this lesson, you will be able to:

•	Explain how to sort objects by a specified property.
•	Sort objects by using the Sort-Object command.
•	Explain how to measure objects’ numeric properties.
•	Measure objects by using the Measure-Object command.
•	Explain how to display a subset of objects in a collection.
•	Explain how to display a customized list of objects’ properties.
•	Select objects by using the Select-Object command.
•	Explain how to create calculated properties.
•	Create custom calculated properties for display.

Sorting objects by a property

Some Windows PowerShell commands produce their output in a specific order. For example, the Get-Process and Get-Service commands produce output that is sorted alphabetically by name. Get-EventLog produces output that is sorted by time. In other cases, the output may not appear to be sorted at all. Sometimes, you may want command output sorted differently from the default. The Sort-Object command, which has the alias sort, can do that for you.

Sort-Object

The Sort-Object command accepts one or more property names to sort by. By default, the command sorts in ascending order. If you want to reverse the sort order, add the -Descending parameter. If you specify more than one property, the command first sorts by the first property, then by the second property, and so on. It is not possible in a single command to sort by one property in ascending order and another in descending order.

The following commands are all examples of sorting:

Get-Service | Sort-Object –Property Name –Descending

Get-Service | Sort Name –Desc

Get-Service | Sort Status,Name

By default, string properties are sorted without regard to case. That is, lowercase and uppercase letters are treated the same. The parameters of Sort-Object allow you to specify a case-sensitive sort, a specific culture’s sorting rules, and other options. As with other commands, you can view the help for Sort-Object for details and examples.

Grouping objects by property

Sorting objects also allows you to display objects in groups. The Format-List, Format-Table, and Format-Wide formatting cmdlets all have a -GroupBy parameter that accepts a property name. By using the -GroupBy parameter, you can group the output by the specified property. For example, the following command displays the names of services running on the local computer in two two-column lists that are grouped by the Status property:

Get-Service | Sort-Object Status,Name | fw -GroupBy Status

The -GroupBy parameter works similarly to the Group-Object command. The Group-Object command accepts piped input and gives you more control over the grouping of the objects. Group-Object has the alias group.

Working with Windows PowerShell pipeline | How to Format Pipeline Output

Formatting pipeline output

Windows PowerShell provides several ways to control the formatting of pipeline output. The default formatting of the output depends on the objects that exist in the output and the configuration files that define the output. After Windows PowerShell decides on the appropriate format, it passes the output to a set of formatting cmdlets without your input.

The formatting cmdlets are:

•	Format-List
•	Format-Table
•	Format-Wide
•	Format-Custom

You can override the default output formatting by specifying any of the preceding cmdlets as part of the pipeline.

Note: The Format-Custom cmdlet requires creating custom XML configuration files that define the format. It is used infrequently and is beyond the scope of this course.

Each formatting cmdlet accepts the -Property parameter. The -Property parameter accepts a comma-separated list of property names, and it then filters the list of properties that display and the order in which they appear. Keep in mind that when you specify property names for this parameter, those properties must have been returned by the original command—that is, the command that passed its output to the formatting cmdlet.

For example, the Get-ADUser cmdlet returns only a subset of properties, unless you specify its -Properties parameter. Therefore, if you specify the City property in the -Property parameter for a formatting cmdlet, it will appear as if the property is not set, unless you make sure that the City property is one of the properties returned for the users queried.

Some cmdlets default to passing a different set of properties for each formatting cmdlet. For example, the Get-Service cmdlet displays three properties (Status, Name, and DisplayName) in a table format by default. If you display the output of Get-Service as a list by using the Get-Service | Format-List command, six additional properties will display.

Format-List

The Format-List cmdlet, as the name suggests, formats the output of a command as a simple list of properties, where each property appears on a new line. If the command passing output to Format-List returns multiple objects, a separate list of properties for each object displays. List formatting is particularly useful when a command returns a large number of properties that would be hard to read in table format.

Note: The alias for the Format-List cmdlet is fl.

To display a simple list in the console of the default properties for the processes running on the local computer, type the following command, and then press Enter:

Get-Process | Format-List 

Format-Table

The Format-Table cmdlet formats output as a table, where each row represents an object, and each column represents a property. The table format is useful for displaying properties of many objects at the same time and comparing the properties of those objects.

By default, the table includes the property names as the column headers, which are separated from the data by a row of dashes. The formatting of the table depends on the returned objects. You can modify this formatting by using a variety of parameters, such as:

•	- AutoSize. Adjusts the size and number of columns based on the width of the data. In Windows PowerShell 5.0 and newer, -AutoSize is set to true by default. In older versions of Windows PowerShell, the default values might truncate data in the table.
•	- HideTableHeaders. Removes the table headers from the output.
•	- Wrap. Causes text that is wider than the column width to wrap to the next line.

Note: The alias for the Format-Table cmdlet is ft.

To display the Name, ObjectClass, and Description properties for all Windows Server Active Directory objects as a table, with the columns set to automatically size and wrap the text, type the following command in the console, and then press Enter:

Get-ADObject -filter * -Properties * | ft -Property Name, ObjectClass, Description -AutoSize -Wrap

Format-Wide

The output of the Format-Wide cmdlet is a single property in a single list displayed in multiple columns. This cmdlet functions like the /w parameter of the dir command in cmd.exe. The wide format is useful for displaying large lists of simple data, such as the names of files or processes, in a compact format.

By default, Format-Wide displays its output in two columns. You can modify the number of columns by using the -Column parameter. The -AutoSize parameter, which works the same way it does for Format-Table, is also available. You cannot use -AutoSize and -Column together, however. The -Property parameter is also available, but in the case of Format-Wide, it can accept only one property name.

Note: The alias for the Format-Wide cmdlet is fw.

To send the DisplayName property of all the Group Policy Objects (GPOs) in the current domain as output in three columns, type the following command in the console, and then press Enter:

Get-GPO -all | fw -Property DisplayName -Column 3.

How to Re-name Network Interface in Linux and Configuring Network Bonding or NIC Teaming

Re-naming Network Interface and Configuring Network Bonding or NIC Teaming in CentOS 7|RedHat 7 Linux

1. Previous versions of linux will have interface name like eth0 and eth1 and CentOS 7 later versions will have enp2s0f0  like that. but if you would like to rename  then follow the below steps.

1. Edit file /etc/default/grub and add following

# GRUB_CMDLINE_LINUX="crashkernel=auto rd.lvm.lv=centos/root rd.lvm.lv=centos/swap net.ifnames=0 biosdevnames=0 rhgb quiet"

2. Regenerate a GRUB configuration file

# grub2-mkconfig -o /boot/grub2/grub.cfg

3. Edit NAME and DEVICE parameter in ifcfg file /etc/sysconfig/network-scripts

# mv ifcfg-enp2s0f0 ifcfg-eth0 
# mv ifcfg-enp2s0f1 ifcfg-eth1
# mv ifcfg-ens1f0 ifcfg-eth2
# mv ifcfg-ens1f1 ifcfg-eth3
# mv ifcfg-ens2f0 ifcfg-eth4
# mv ifcfg-ens2f1 ifcfg-eth5

4. Edit NAME and DEVICE parameter in ficfg file

# vi ifcfg-eth0 and rename NAME and DEVICE to eth0. similarly for all ifcfg-eth*

# systemctl disable NetworkManager

5. Then reboot the server to apply the changes.

# Shutdown -r now 

Configuring Network Bonding or Teaming:

1. Edit and update each of the all physical NIC per below configuration.

# [] ifcfg-eth0 - kickstart interface

	TYPE=Ethernet
	PROXY_METHOD=none
	BROWSER_ONLY=no
	BOOTPROTO=dhcp
	DEFROUTE=yes
	IPV4_FAILURE_FATAL=no
	IPV6INIT=yes
	IPV6_AUTOCONF=yes
	IPV6_DEFROUTE=yes
	IPV6_FAILURE_FATAL=no
	IPV6_ADDR_GEN_MODE=stable-privacy
	NAME=eth0
	UUID=1c126857-adca-436d-8ffe-5cf1a6497937
	DEVICE=eth0
	ONBOOT=no
	
        
  
	     [] ifcfg-bond0 - Bonging interface [Master]
	
	DEVICE=bond0
	BONDING_OPTS="mode=4 miimon=100 updelay=6000 lacp_rate1"
	BONDING_MASTER=yes
	BOOTPROTO=none
	NM_CONTROLLED=no
	IPV6INIT=no
	NAME=bond0
	ONBOOT=0
	   
	    [] ifcfg-bond0.351
	
	DEVICE=bond0.351
	BOOTPROTO=none
	IPADDR=192.168.46.131
	NETMASK=255.255.255.0
	DOMAIN="acg.com corp.acg.com"
	GATEWAY=192.168.46.1
	DNS1=192.168.24.30
	DNS2=192.168.25.30
	ONBOOT=yes
	NM_CONTROLLED=no
	IPV6INIT=no
	NAME=bond0.351
	VLAN=yes
	
	     [] ifcfg-eth1 - Slave interface
	
	TYPE=Ethernet
	IPV6INIT=NO
	NAME=eth1
	UUID=1a008bd9-f21d-42f9-905e-c5dc09f87745
	DEVICE=eth1
	ONBOOT=yes
	MASTER=bond0
	SLAVE=yes
	NM_CONTROLLED=no
	
	    [] ifcfg-eth2 - Slave interface
	
	TYPE=Ethernet
	IPV6INIT=no
	NAME=eth2
	UUID=9233e629-70a0-49cb-9f1d-b7deb39b1571
	DEVICE=eth2
	ONBOOT=yes
	MASTER=bond0
	SLAVE=yes
	NM_CONTROLLED=no
	
	    [] ifcfg-eth3 - iSCSI interface [Physical]
	
	TYPE=Ethernet
	BOOTPROTO=none
	IPV6INIT=no
	NAME=eth3
	UUID=8c233834-8d55-4071-9890-839989c15f85
	DEVICE=eth3
	ONBOOT=yes
	NM_CONTROLLED=no
	
	    [] ifcfg-eth3.705 - iSCSI interface
	
	DEVICE=eth3.705
	BOOTPROTO=none
	ONBOOT=yes
	IPADDR=172.16.5.131
	PREFIX=24
	NETWORK=172.16.5.0
	VLAN=yes
	
	
	    [] ifcfg-eth4 - iSCSI interface [Physical]
	
	TYPE=Ethernet
	BOOTPROTO=none
	IPV6INIT=no
	NAME=eth4
	UUID=9f5656af-ef5d-4073-a85f-856a3bcd1c17
	DEVICE=eth4
	ONBOOT=yes
	NM_CONTROLLED=no
	
	    [] ifcfg-eth4.706 - iSCSI interface
	
	DEVICE=eth4.706
	BOOTPROTO=none
	ONBOOT=yes
	IPADDR=172.16.6.131
	PREFIX=24
	NETWORK=172.16.6.0
	VLAN=yes
	
	    [] ifcfg-eth5
	
	TYPE=Ethernet
	PROXY_METHOD=none
	BROWSER_ONLY=no
	BOOTPROTO=dhcp
	DEFROUTE=yes
	IPV4_FAILURE_FATAL=no
	IPV6INIT=yes
	IPV6_AUTOCONF=yes
	IPV6_DEFROUTE=yes
	IPV6_FAILURE_FATAL=no
	IPV6_ADDR_GEN_MODE=stable-privacy
	NAME=eth5
	UUID=7aafaebe-dad8-4bfd-a778-f1a8e8f143b0
	DEVICE=eth5
	ONBOOT=no

2. Restart the server or network service

# systemctl restart network

How to Increase or Extend iSCSI Volume

Increasing or Extending iSCSI Volume on CentOS 7/RedHat 7 server. 

1. Increase the preferred storage value on the storage array. For example: on the Dell EMC, navigate to Storage -> Block -> LUNs and then increase the requires LUN size.

2. Check which multipath its using and their corresponding device like sdb, sdc etc.. on the linux server

3. Using below command you can find the multipath that has been using.

# multipath -l

dev-vm1_vws1 (3600601600ed04500bfc4f95ab84860ae) dm-3 DGC     ,VRAID           
	size=1.0T features='2 queue_if_no_path retain_attached_hw_handler' hwhandler='1 alua' wp=rw
	`-+- policy='round-robin 0' prio=0 status=active
	  |- 1:0:0:0 sdb 8:16  active undef running
	  |- 2:0:0:0 sdc 8:32  active undef running
	  |- 3:0:0:0 sdd 8:48  active undef running
	  |- 4:0:0:0 sde 8:64  active undef running
	  |- 5:0:0:0 sdf 8:80  active undef running
	  |- 6:0:0:0 sdg 8:96  active undef running
	  |- 7:0:0:0 sdh 8:112 active undef running
  `- 8:0:0:0 sdi 8:128 active undef running

2. Rescan the device for the respective device. In the above example, it lists sdb, sdc, sdd, sde, sdf, sdg, sdh and sdi

# echo 1 > /sys/block/sdb/device/rescan 
# echo 1 > /sys/block/sdc/device/rescan 
# echo 1 > /sys/block/sdd/device/rescan 
# echo 1 > /sys/block/sde/device/rescan 
# echo 1 > /sys/block/sdf/device/rescan 
# echo 1 > /sys/block/sdg/device/rescan 
# echo 1 > /sys/block/sdh/device/rescan 
# echo 1 > /sys/block/sdi/device/rescan

3. Resize the multipath

# multipathd resize map dm-3

4. Resize the file system using xfs_growfs or resize2fs

# xfs_growfs /dev/mapper/dev-vm1_vws1 (use resize2fs for ext4 file system)

5. Then use df -h with the mount point for the extended file system to make sure it got updated.

How to Configure NIS client on Ubuntu_20 and Ubuntu_18

Configuring NIS Client on Ubuntu_20 and Ubuntu_18 version

1. Use the following nisclient_ubuntu20.sh script to configure the nisclient on ubuntu 20 system.

# nisclient_ubuntu20.sh

#!/bin/bash

## Install NIS and RPCbind packages
## During this step you need to enter the domain for NIS

apt-get install -y rpcbind nis

## domain can be updated under incase if you have entered wrong one during the setup /etc/defaultdomain 

## Add the following line to /etc/yp.conf

NISSERVER1="<NIS Server FQDN Name"
NISSERVER2="NIS Server2 FQDN Name"
DOMAIN="<NIS domain that has configured in your network>"
echo "domain $DOMAIN server $NISSERVER1" >> /etc/yp.conf
echo "domain $DOMAIN server $NISSERVER2" >> /etc/yp.conf

## Edit /etc/nsswitch.conf
## For Ubuntu 20.04

sed -i 's/systemd$/systemd nis/g;s/files$/files nis/g;s/dns$/dns nis/g' /etc/nsswitch.conf

##update NIS Domain

echo "<NIS Domain>" > /etc/defaultdomain

## Restart NIS service

systemctl restart rpcbind
systemctl restart nis

2. Use the following nisclient.sh script to configure the nisclient on ubuntu 18 system.

# nisclient_ubuntu18.sh

#!/bin/bash

## Install NIS and RPCbind packages
## During this step you need to enter the NIS domain 

apt-get install -y rpcbind nis

## domain can be updated under /etc/defaultdomain

## Add the following line to /etc/yp.conf

NISSERVER1="<NIS Server FQDN Name"
NISSERVER2="<NIS Server2 FQDN Name"
DOMAIN="NIS Domain"
echo "domain $DOMAIN server $NISSERVER1" >> /etc/yp.conf
echo "domain $DOMAIN server $NISSERVER2" >> /etc/yp.conf

## Edit /etc/nsswitch.conf
## For Ubuntu 20.04

sed -i 's/systemd$/systemd nis/g;s/compat$/compat nis/g;s/dns$/dns nis/g' /etc/nsswitch.conf

##update NIS Domain

echo "NIS Domain" > /etc/defaultdomain

## Restart NIS service

systemctl restart rpcbind
systemctl restart nis

How to check or restart nagios service

Checking Nagios service status and/or restarting the nagios service. 

1. Checking the status of nagios service using the following command:

# omd status
Doing 'status' on site nagios:
mkeventd:       running
rrdcached:      running
npcd:           running
nagios:         running
apache:         running
stunnel:        running
xinetd:         running
crontab:        running
-----------------------
Overall state:  running

2. Restarting nagios service.

# omd restart
Doing 'restart' on site nagios:
OK
Removing Crontab...OK
Stopping xinetd...OK
Stopping stunnel...waiting for termination...OK
Stopping apache...killing 54173.................OK
Stopping nagios...not running...OK
Stopping npcd...OK
Stopping rrdcached.../omd/sites/nagios/etc/rc.d/20-rrdcached: line 77: kill: (54117) - No such process
Failed
Stopping mkeventd...killing 54107....OK
Starting mkeventd...OK
Starting rrdcached...removing stale pid file...
OK
Starting npcd...OK
Starting nagios...OK
Starting apache...OK
Starting stunnel...OK
Starting xinetd...OK
Initializing Crontab...OK

saltstack command for installing packages

Saltstack command for installing a package on the remote server or salt-minion the client

1. The following command is to install, activate and start the qualys-cloud-agent on RedHat and CentOS

# vi qualys-cloud-agent-redhat.sls 

---

{% if grains['os_family'] == "RedHat" -%}

install qualys-cloud-agent:
  pkg.installed:
    - sources:
      - qualys-cloud-agent: salt://_files//qualys-cloud-agent.x86_64.rpm

activate qualys-cloud-agent:
  module.run:
    - name: cmd.run
    - cmd: "/usr/local/qualys/cloud-agent/bin/qualys-cloud-agent.sh ActivationId=c4171172-7e24-47d8-a995-4364923c3b54 CustomerId=aac8d569-c20c-3a9f-e040-10ac130471e6"

enable qualys-cloud-agent service:
  service.running:
    - name: qualys-cloud-agent
    - enable: True
    - reload: True

{% endif %}

2. The following command is to install, activate and start the qualys-cloud-agent on RedHat and CentOS

# vi qualys-cloud-agent-debian.sls 

---

{% if grains['os_family'] == "Debian" -%}

install qualys-cloud-agent:
  pkg.installed:
    - sources:
      - qualys-cloud-agent: salt://_files//qualys-cloud-agent.x86_64.deb

activate qualys-cloud-agent:
  module.run:
    - name: cmd.run
    - cmd: "/usr/local/qualys/cloud-agent/bin/qualys-cloud-agent.sh ActivationId=c4171172-7e24-47d8-a995-4364923c3b54 CustomerId=aac8d569-c20c-3a9f-e040-10ac130471e6"

enable qualys-cloud-agent service:
  service.running:
    - name: qualys-cloud-agent
    - enable: True
    - reload: True

{% endif %}

3. To push / install the package to the single host use the following command and for group of systems you can use nodegroup name so push it.

# salt dev-vm1.acg.com state.apply qualys-cloud-agent-debian

4. Use the following command to create sshusers list and this group will be pushed to /etc/group on the client and only this sshusers will have access to ssh and rest of them will be blocked

# vi sshusers.sls

---
sshusers admin access:
  group.present:
    - name: sshusers
    - members:
      - root
      - dev_user1
      - dev_user2
     

5. Use the following state file to give sudo access to the list of users mentioned in the server_admins list under below mentioned path.

# vi sudoers.sls

setup server_admins sudoers access:
  file.managed:
    - name: /etc/sudoers.d/server_admins
    - source: salt://_files/sudoers/server_admins
    - user: root
    - group: root
    - mode: 440

6. Use the following state file to mount file systems per auto.master configuration in the specified server

# vi automount.sls

---
# RHEL5 & RHEL6
{% if salt['my_helpers.occurrences']('ldap', '/etc/auto.master') > 0 %}
Remove all brocade data:
  file.absent:
    - name: /etc/auto.master
{% endif %}

## RHEL7
{% if salt['my_helpers.occurrences']('sss', '/etc/auto.master') > 0 %}
Remove all brocade data:
  file.absent:
    - name: /etc/auto.master
{% endif %}

copy /etc/auto.master:
  file.managed:
    - name: /etc/auto.master
    - source: salt://_files/asic/_etc_auto.master

reload autofs daemon:
  service.running:
    - name: autofs
    - enable: True
    - reload: True
    - watch:
      - file: /etc/auto.master

7. To restrict other than sshusers for ssh use the following state file

# vi sshd-server.sls

---

include:
  - nisclient

{% if grains['os_family'] == "RedHat" -%}
{% if grains['osmajorrelease'] == 5  %}
{% if grains['osarch'] == "x86_64"  %}

/usr/local/sbin/sshd:
  file.managed:
  - source: salt://_files/el5/_usr_local_sbin_sshd
  - user: root
  - group: root
  - mode: 755

/etc/sysconfig/sshd:
  file.managed:
  - source: salt://_files/el5/_etc_sysconfig_sshd
  - user: root
  - group: root
  - mode: 644

{% if salt['file.file_exists']('/usr/local/sbin/sshd') -%}

/etc/init.d/sshd:
  file.replace:
    - name: /etc/init.d/sshd
    - pattern: SSHD=.*
    - repl: SSHD=/usr/local/sbin/sshd
    - append_if_not_found: True
    - backup: master
	service.running:
    - name: sshd
    - watch:
      - file: /etc/init.d/sshd

{% endif %}
{% endif %}

{% endif %}
{% endif %}

Disable GSSAPIAuthentication:
  file.line:
    - name: /etc/ssh/sshd_config
    - match: 'GSSAPIAuthentication yes'
    - mode: delete

Disable GSSAPICleanupCredentials:
  file.line:
    - name: /etc/ssh/sshd_config
    - match: 'GSSAPICleanupCredentials yes'
    - mode: delete

Enable UseDNS:
  file.replace:
    - name: /etc/ssh/sshd_config
    - pattern: ^#UseDNS .*
    - repl: UseDNS no
    - append_if_not_found: True
	- backup: master

Set UseDNS to "no":
  file.replace:
    - name: /etc/ssh/sshd_config
    - pattern: UseDNS .*
    - repl: UseDNS no
    - append_if_not_found: True
    - backup: master
  service.running:
    - name: sshd
    - watch:
      - file: /etc/ssh/sshd_config

sshusers group access:
  group.present:
    - name: sshusers
    - gid: 1000
    - system: True
    - addusers:
      - root

Copy nologin script:
  file.managed:
    - name: /opt/script/nologin
    - source: salt://_files/_nologin
    - mode: 755
    - makedirs: True
	/etc/ssh/sshd_config:
  file.append:
    - name: /etc/ssh/sshd_config
    - text: |

        # Allow access to sshusers group
        Match Group *,!sshusers
            ForceCommand /opt/script/nologin

8. Use the following script to force users not login for everyone other than mentioned Match group

# nologin

#!/bin/sh
echo -ne "\e[31m\e[1m"
cat << EOF
####################################################
#                                                  #
# You are not authorized to log on to this machine #
#                                                  #
####################################################
EOF
echo -ne "\e[0m"

9. Use the following command for sudoers file

# vi ~/_file/sudoers/server_admins

#
# server_admins sudoers file
#
User_Alias DEV=dev_user1,dev_user2,dev_user3
DEV        ALL=(ALL) NOPASSWD: ALL
qa_user1   ALL = (root) ALL

10. To get full inventory of a host

# salt nc-efabuild-01.extremenetworks.com grains.items

# salt nc-efabuild-01.extremenetworks.com grains.items os_faimily