asked on read in IP addresses from file and export DNS name | powershell
i have ran netstat -ano on a server and i now need to know what the A record for each IP is.
Is this possible using powershell
Is this possible using powershell
Powershell
Last Comment
Guy Lidbetter
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
how do you export that to a csv or text file?
Add either
For a CSV
For a TXT
BEFORE the closing "}"
Regards
Guy
For a CSV
| Export-CSV Filename.csv -NoTypeInformation
For a TXT
| Out-File filname.txt
BEFORE the closing "}"
Regards
Guy
If you pipe the output of the netstat command to a text file, then the following script will read the contents of the file and return the DNS A records
1. from command prompt run: netstat -ano > netstat-ano.txt
1a. make sure the netstat-ano.txt file is in the same directory as the PowerShell script.
2. update the script in the following place:
2a. line 1: replace <YourServerTcpIpAddress> with the real IP address of the server you ran the netstat on
3. from a PowerShell prompt, navigate to the directory where the script and text file is
4. run PS script
The script will read the text file, look for entries that have the server's IP, save the remote address into an array, sort and dedup the array, then run a lookup on the addresses remaining in the list.
This way, you can just use the raw output from netstat... no need to reformat or rework the contents of the text file.
Dan
1. from command prompt run: netstat -ano > netstat-ano.txt
1a. make sure the netstat-ano.txt file is in the same directory as the PowerShell script.
2. update the script in the following place:
2a. line 1: replace <YourServerTcpIpAddress> with the real IP address of the server you ran the netstat on
3. from a PowerShell prompt, navigate to the directory where the script and text file is
4. run PS script
The script will read the text file, look for entries that have the server's IP, save the remote address into an array, sort and dedup the array, then run a lookup on the addresses remaining in the list.
$serverip = "<YourServerTcpIpAddress>"
$file = Get-Content netstat-ano.txt
$arrTemp = @()
$arrDeduppedList = @()
foreach ($line in $file)
{
if ($line.Contains($serverip))
{
$output = (($line -split (" "))[4] -split (":"))[0]
$arrTemp += $output.Trim()
}
}
$arrDeduppedList = $arrTemp | sort | get-unique
foreach ($thing in $arrDeduppedList)
{
[System.Net.dns]::GetHostbyAddress($thing)
}
This way, you can just use the raw output from netstat... no need to reformat or rework the contents of the text file.
Dan
Why don't you just get rid of the file create\import and stick it in a variable
Instead of
$File = Netstat -ano
Instead of
$file = Get-Content netstat-ano.txt
Thanks Guy! For some reason I thought it wasn't that easy, was playing with start-process. But hey! Learned something new today.
Updated script:
Dan
Updated script:
$serverip = "<YourServerTcpIpAddress>"
$arrTemp = @()
$arrDeduppedList = @()
$file = netstat -ano
foreach ($line in $file)
{
if ($line.Contains($serverip))
{
$output = (($line -split (" "))[4] -split (":"))[0]
$arrTemp += $output.Trim()
}
}
$arrDeduppedList = $arrTemp | sort | get-unique
foreach ($thing in $arrDeduppedList)
{
[System.Net.dns]::GetHostbyAddress($thing)
}
Dan
One more update. I wanted to remove as much manual editing as possible. This will work for devices with a single IP. I haven't tested it on a device with multiple addresses.
Removed the need to edit the script with the IP address of interest. This line:
- is replaced by this -
Edit is no longer necessary. Just run the script on the computer/server you are interested in.
Full script:
Dan
Removed the need to edit the script with the IP address of interest. This line:
$serverip = "<YourServerTcpIpAddress>"
- is replaced by this -
$servername = $env:computername + "." + $env:userdnsdomain
$serverip = [System.Net.Dns]::GetHostbyName($servername).AddressList.IPAddressToString
Edit is no longer necessary. Just run the script on the computer/server you are interested in.
Full script:
$arrTemp = @()
$arrDeduppedList = @()
$servername = $env:computername + "." + $env:userdnsdomain
$serverip = [System.Net.Dns]::GetHostbyName($servername).AddressList.IPAddressToString
$file = netstat -ano
foreach ($line in $file)
{
if ($line.Contains($serverip))
{
$output = (($line -split (" "))[4] -split (":"))[0]
$arrTemp += $output.Trim()
}
}
$arrDeduppedList = $arrTemp | sort | get-unique
foreach ($thing in $arrDeduppedList)
{
[System.Net.Dns]::GetHostbyAddress($thing)
}
Dan
You could use this to get a list of IPv4 addresses on a server
And I suppose you could wrap the whole script up in ForEach IP.....
$IPAddresses = Get-NetIPAddress | where {($_.AddressFamily -eq "IPv4") -AND ($_.IPAddress -ne "127.0.0.1")} | select IPAddress
And I suppose you could wrap the whole script up in ForEach IP.....
Yes, it would. But, I believe Get-NetIPaddress is only available on Server 2012 & 2012 R2 (Win8 & 8.1).
The OP didn't specify the server OS.
Dan
The OP didn't specify the server OS.
Dan
If you want to process all the results of netstat -ano and turn it into objects, you could use this.
http://poshcode.org/2701
It would easy enough to add [System.Net.Dns]::GetHostB
http://poshcode.org/2701
It would easy enough to add [System.Net.Dns]::GetHostB
Actually, instead of the poscode link, looks like someone has already extended it to add this functionality.
https://gallery.technet.microsoft.com/scriptcenter/Get-NetworkStatistics-66057d71
https://gallery.technet.microsoft.com/scriptcenter/Get-NetworkStatistics-66057d71
OH! Good point...
How about:
How about:
$IPAddressTable = Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = True'
$IPAddresses = $IPAddressTable.ipaddress | where {$_ -like "*.*"}
Foreach ($IPAddress in $IPAddresses) { <Script here> }