Skip to main content

Comparing Optimization of Filtering in PowerShell

This morning in my Hunt Valley, MD PowerShell class, I extended yesterdays lesson (see yesterday’s post) into filtering optimization.  In the PowerShell world, we have a saying: “Filter to the Left”.  That means that you filter out as many objects as possible as close to the beginning of the piped commands as possible.  What we did was use the Get-EventLog cmdlet and filtered it in two ways.  We wanted to filter for Event ID 12.  In the Get-EventLog cmdlet, we used the InstanceID parameter with a value of 12.  In the second execution of Get-EventLog, we piped everything to Where-Object and filtered on the property InstanceID for a value of 12.  We then executed our code from yesterday to test the runtime for each one.

# Optimizing for Performance.

# Get-Help Get-EventLog -Parameter Newest

 

# Execute each section individually by highlighting

# the code and pressing F8.

Clear-History

 

# This is optimized

Get-EventLog -LogName System -InstanceId 12

 

# This is not Optimized

Get-EventLog -LogName System |

Where-Object InstanceID -eq 12

 

 

# Get the history information and execution times.

Get-History |

    Select-Object -Property CommandLine,

    @{N="ExecutionTime";

        E={($_.EndExecutionTime - $_.StartExecutionTime).TotalSeconds}} |

    Select-Object -Last 2

Here is the output from the fourth section.

CommandLine                                                                  ExecutionTime

-----------                                                                  -------------

Get-EventLog -LogName System -InstanceId 12                                      8.9346474

Get-EventLog -LogName System |...                                               14.6560631

You can see that the first command using its built in filtering capabilities is much faster than piping all the objects to Where-Object.

Comments

Popular posts from this blog

How to run GPResult on a remote client with PowerShell

In the past, to run the GPResult command, you would need to either physically visit this client, have the user do it, or use and RDP connection.  In all cases, this will disrupt the user.  First, you need PowerShell remoting enabled on the target machine.  You can do this via Group Policy . Open PowerShell and type this command. Invoke-Command –ScriptBlock {GPResult /r} –ComputerName <ComputerName> Replace <ComputerName> with the name of the target.  Remember, the target needs to be online and accessible to you.

How to force a DNS zone to replicate

For many implementations of DNS in a Windows environment, DNS is configured as being Active Directory integrated.  In other words, the DNS zone information is actually stored as a partition in the active directory database.  When Active Directory replicates, the zone data transfers.  For standard DNS deployments, the data is stored in a file.  You have to configure zone transfers manually in the DNS console.   The question in class was how to initiate replication manually.  Once you have properly configured a Primary and secondary DNS server and configured the Primary server to allow zone transfers, you can manually initiate a zone transfer.   Below you can see our test environment.  The image is of to RDP sessions to two different servers.  The DNS console on the left is the primary.  You can see and entry for Test2 that is not in the secondary database.  The servers are named NYC-DC2 (Primary DNS) and NYC-DC1 (Secondary DNS).  The DNS zone is named test.contoso.com . On the se

Disable SMB signing

It never fails.  Once ever couple of months I have a delegate in my class that has to keep a Windows NT4 box running.  There is nothing wrong with that.  Many applications build on Windows NT4 are solid.  Why upgrade and incur cost when no upgrade is really required?  That is generally the reason why Windows NT4 is being used.  Another reason is the vender went out of business, but the application that is required is really good and paid for. Two things to take note of.  If these Windows NT4 clients are going to be authenticating on a Windows Sever 2008 DC, then you may have a problem.  For WinNT 4.0 SP2 and earlier, SMB signing was not supported.  For WinNT4.0 SP3 and earlier, secure channel was not supported. SMB signing helps to prevent Man-in-the-middle attacks.  To open GPMC, click Start , click Run , type gpmc.msc , and then click OK . In the console tree, right-click Default Domain Controllers Policy in Domains\ Current Domain Name \Group Policy objects\Default Domain Co