Collect file properties from running processes and append to variable for export to CSV

Dave Scott
Dave Scott used Ask the Experts™
on
Hi,

I'm trying to export particular meta data from exe files running processes. Ideally everything listed in the VersionInfo tabbed in section., plus the dates. I've been finding PowerShell pretty logical and straight forward so far, but this has me stumped.

I've been trying a whole host of different ways to do this,. And it works if I use out-file, but I'd like the data to be exported as a csv.

I guess I have 2 problems, 1 the Select-Object doesn't seem to access the VersionInfo sub-properties and when ever I try to export it to CSV it fails.

Is there a way of appending objects together, so that they can be handled correctly by the export-csv? Or selecting the data and converting to csv, before appending?

Thank you

$arr = Get-WmiObject Win32_Process -Computer $MachineName  | select ExecutablePath -ExpandProperty ExecutablePath
$data = $null

foreach ($File in $arr)
{
    if (-Not ([string]::IsNullOrWhitespace($file)))
    {
      $Data += Get-ItemProperty -Path $File | Format-list -Property * -Force
      #$Data += Get-ItemProperty -Path $File | Select-Object VersionInfo | ConvertTo-Csv
    }

}

$Data | export-csv $FullPath

Open in new window


This kind of data, but in a single CSV for all files.
VersionInfo       : File:             C:\Windows\system32\taskhostex.exe
                    InternalName:     taskhostex.exe
                    OriginalFilename: taskhostex.exe.mui
                    FileVersion:      6.3.9600.16384 (winblue_rtm.130821-1623)
                    FileDescription:  Host Process for Windows Tasks
                    Product:          Microsoft® Windows® Operating System
                    ProductVersion:   6.3.9600.16384
                    Debug:            False
                    Patched:          False
                    PreRelease:       False
                    PrivateBuild:     False
                    SpecialBuild:     False
                    Language:         English (United States)
CreationTime      : 22/11/2014 12:44:54 PM
CreationTimeUtc   : 22/11/2014 1:44:54 AM
LastAccessTime    : 25/08/2016 1:51:39 PM
LastAccessTimeUtc : 25/08/2016 3:51:39 AM
LastWriteTime     : 22/11/2014 12:44:54 PM
LastWriteTimeUtc  : 22/11/2014 1:44:54 AM
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Most Valuable Expert 2018
Distinguished Expert 2018
Commented:
The VersionInfo field has no defined values. For exes, you can usually rely on ProductVersion and FileVersion, but even those are not set for every file. Inother words: you have to pick a list of properties that are likely to be there if you want the resukts to be exported to a common csv.
$ComputerName = $ENV:ComputerName
Get-WmiObject Win32_Process -Computer $ComputerName |
	Select-Object -ExpandProperty ExecutablePath |
	Get-Item |
	Select-Object -Property `
		@{n='ComputerName'; e={$ComputerName}},
		Name,
		DirectoryName,
		@{n='FileVersion'; e={$_.VersionInfo.FileVersion}},
		@{n='ProductVersion'; e={$_.VersionInfo.ProductVersion}},
		@{n='OriginalFilename'; e={$_.VersionInfo.OriginalFilename}},
		@{n='Language'; e={$_.VersionInfo.Language}},
		CreationTime,
		LastWriteTime |
	Export-Csv -Path C:\Temp\ProcessList.csv -NoTypeInformation

Open in new window

Author

Commented:
Awesome thank you.

I would never have gotten that, I didn't even know that   `    was a character in use in powershell or any different from '
Most Valuable Expert 2018
Distinguished Expert 2018

Commented:
The backtick is Powershell's Escape character, and it can be used for line continuation as well.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial