
Creating and Comparing Configuration Baselines


Posted @ 9/6/2010 12:44 PM By Don Jones

 
There are a few simple facts about PowerShell that, when taken individually, don't seem like much. For example, it can export objects to XML files. It can also compare one set of objects to another and show you the differences. But taken together, those two little facts can be quite powerful.

Let's start with an example that might not seem all that useful at first. 

Get-Process | Export-CliXML c:\procs.xml

Now you have a snapshot of the processes running on your system, saved in an XML file. Let's say you do this on a server, where the running processes should be pretty predictable and unchanging. That XML file is a baseline - and you can get PowerShell to show you variations. Sometime later, go back and run this:

Compare-Object (Import-CliXML c:\procs.xml) (Get-Process)

Hmm. Not useful - because most of a process' properties, like memory and CPU usage, are constantly changing. Let's narrow that down so that, rather than comparing the entire object, we're just looking at process names.

Compare-Object (Import-CliXML c:\procs.xml) (Get-Process) -property Name

Now that's useful. The output will show any differences between those two sets. So this is a neat example - but the real magic is that PowerShell can do this with just about anything. Query service information via WMI, for example. OS configuration information. Memory configuration. You name it. For example:

Get-WmiObject Win32_OperatingSystem | Export-CliXML c:\os_baseline.xml
Compare-Object (Import-CliXML c:\os_baseline.xml) (Get-WmiObject Win32_OperatingSystem)

Ideally, you don't want to see any differences - but if you do, it tells you that something has changed. This is the pattern to use with almost any cmdlet or WMI class: Export it to a CliXML file. Then, when you're ready to compare, run the same command again as one of the inputs to Compare-Object, with the other input being the import of that previously-created CliXML file.
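The export-then-compare pattern above, wrapped into a reusable form for Windows PowerShell. This is an added example, not code from the original post: `$BaselineDir`, `$Checks`, `Get-Snapshot`, `Save-Baseline` and `Compare-Baseline` are hypothetical names, and the choice of Win32_Service properties to compare is an assumption about which fields stay stable.

```powershell
# Added example; names and paths below are hypothetical, not from the original post.
$BaselineDir = 'C:\Baselines'   # assumed location; keep it writable by administrators only

# Each check: how to collect the objects, and which stable properties to compare on.
$Checks = @{
    Processes = @{ Collect = { Get-Process };                 Props = @('Name') }
    Services  = @{ Collect = { Get-WmiObject Win32_Service }; Props = @('Name','StartMode','PathName','StartName') }
}

function Get-Snapshot([string]$Name) {
    # Drop volatile properties (CPU, memory) and collapse repeats such as many svchost entries.
    & $Checks[$Name].Collect | Select-Object -Property $Checks[$Name].Props -Unique
}

function Save-Baseline {
    if (-not (Test-Path $BaselineDir)) {
        New-Item -ItemType Directory -Path $BaselineDir | Out-Null
    }
    foreach ($name in $Checks.Keys) {
        Get-Snapshot $name | Export-Clixml -Path (Join-Path $BaselineDir "$name.xml")
    }
}

function Compare-Baseline {
    foreach ($name in $Checks.Keys) {
        $file = Join-Path $BaselineDir "$name.xml"
        if (-not (Test-Path $file)) {
            Write-Warning "No baseline found for $name; run Save-Baseline first."
            continue
        }
        $baseline = @(Import-Clixml -Path $file)
        $current  = @(Get-Snapshot $name)
        # SideIndicator '=>' means present now but not in the baseline; '<=' is the reverse.
        Compare-Object -ReferenceObject $baseline -DifferenceObject $current -Property $Checks[$name].Props |
            Select-Object @{ n = 'Check';  e = { $name } },
                          @{ n = 'Change'; e = { if ($_.SideIndicator -eq '=>') { 'Added' } else { 'Removed' } } },
                          * -ExcludeProperty SideIndicator
    }
}

# Usage: run Save-Baseline once on a known-good server, then Compare-Baseline later.
```

A service whose PathName or StartName was modified shows up as one Removed row and one Added row with the same Name, which is the change worth investigating first.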

What sorts of things would YOU baseline and compare?

Comments

  • Posted @ October 12, 2010 08:59 PM by Arnold60

    Nice job! You certainly are giving your visitors a lot of precious info. This blog will be a hit!
    I just love blogging and as I get spare time from busy schedule I start working on it. Wonderful post, I really enjoyed reading it!

  • Posted @ September 29, 2010 03:33 PM by Kevin Marquette

    Thanks for this idea. I added creating a baseline to our server maintenance procedures. So far I get services, processes, local group membership, open ports, and an ipconfig for good measure.

    I figure I can use this information later when tracking down strange processes or services.

  • Posted @ September 16, 2010 04:44 PM by Don Jones

    Thanks, pogotech! I'm always looking for other article ideas, too, so if you have any feel free to share, either in a comment here on the blog, or to my Twitter handle @concentrateddon.

  • Posted @ September 07, 2010 07:34 AM by pogotech

    This is very helpful, little bits of information like this are helpful in locking down a server and making sure the other servers that you are running are locked down the same.


Windows is a trademark of the Microsoft group of companies. Windows IT Pro is used by Penton Media Inc. under license from owner.