PS: Compare Files

1 minute read

Description:

Many administrators create baselines for systems when they are working and then take snapshots afterwards to compare. Follow these steps to compare files in PS.

To Resolve:

  1. Let’s use Processes for example. We will compare current processes with a “baseline” test (a snapshot of when the system was stable).

    1
    
    Get-Process | Export-Clixml C:\Procs.Xml
    
  2. Open a few “notepad.exe” instances. Now run:

    1
    
    Compare-Object (Import-Clixml C:\Procs.Xml) | (Get-Process)
    
  3. Type:

    1
    
    Compare-Object (Import-Clixml C:\Procs.Xml) (Get-Process) -Property Name
    
  4. Use the above steps to compare just about anything in Powershell. CliXML is preferred because it holds the most properties similar to an object.

  5. Another example:

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    
    # Shows same between 1 and 2  
    # This shows all the servers that are the same between the vuln.txt and prod.txt.  
    Compare-Object -ReferenceObject $( Get-Content "c:\_gwill\temp\vuln.txt" ) -DifferenceObject $( Get-Content "c:\_gwill\temp\prod.txt" ) -IncludeEqual -ExcludeDifferent
    
    # Shows what is in 2 that is not in 1.  
    # Shows all the servers that are in prod.txt, but not in vuln.txt
    
    Compare-Object -ReferenceObject $( Get-Content "c:\_gwill\temp\vuln.txt" ) -DifferenceObject $( Get-Content "c:\_gwill\temp\prod.txt" ) |
    Where-Object -Property SideIndicator -eq '=>'
    
    # Shows what is in 1 that is not in two  
    # Shows all the servers that are in vuln.txt, but not in prod.txt
    
    Compare-Object -ReferenceObject $( Get-Content "c:\_gwill\temp\vuln.txt" ) -DifferenceObject $( Get-Content "c:\_gwill\temp\prod.txt" ) |
    Where-Object -Property SideIndicator -eq '<='
    

Comments