Get-BluGenieChildItemList

Get-BluGenieChildItemList [[-SearchPath] <Object>] [-Recurse] [[-FilterType] <String>] [[-Pattern] <Object>] [-Remove] [[-StopWatchCounter] <Int32>] [[-SleepTimerSec] <Int32>] [[-Algorithm] <String>] [-Signature] 
[-Permissions] [-ShowProgress] [-ClearGarbageCollecting] [-UseCache] [[-CachePath] <String>] [-RemoveCache] [[-DBName] <String>] [[-DBPath] <String>] [-UpdateDB] [-ForceDBUpdate] [-NewDBTable] [-Walkthrough] 
[-ReturnObject] [-OutUnEscapedJSON] [-OutYaml] [[-FormatView] <String>] [<CommonParameters>]

Command: Get-BluGenieChildItemList -SearchPath C:\Temp -Recurse -Pattern '^notepad\.\w{3}$'

Description: Search C:\Temp and all sub directories for any file or directory named Notepad.*
Notes:

Command: Get-BluGenieChildItemList -SearchPath C:\Temp,C:\Trash,C:\Users -Recurse -Pattern '^notepad\.\w{3}$'

Description: Search multiple directories and all sub directories for any file or directory named Notepad.*.
Notes:

Command: Get-BluGenieChildItemList -SearchPath C:\Temp,C:\Trash,C:\Users -Recurse -Pattern '0e61079d3283687d2e279272966ae99d' -FilterType

HashDescription: Search multiple directories and the sub directories for a Hash value determined by the default Algorithm type of MD5
Notes:

Command: Get-BluGenieChildItemList -SearchPath C:\Windows -Pattern '^notepad\.\w{3}$' -Permissions -ShowStreamValue -Signature

Description: Query the C:\Windows dir for a file or directory named Notepad.* and return all associated Permissions, Alternate Data
Streams, and Signature information
Notes:

Command: Get-BluGenieChildItemList -SearchPath Temp -Recurse

Description: Search for all file(s) under (All Temp Locations for each user and the system) and sub directories
Notes:

Command: Get-BluGenieChildItemList -SearchPath Temp -Recurse -UseCache

Description: Cache found objects to disk to not over tax Memory resources
Notes: By default the Cache location is %SystemDrive%\Windows\Temp

Command: Get-BluGenieChildItemList -SearchPath Temp -Recurse -UseCache -RemoveCache

Description: Remove Cache data
Notes:

Command: Get-BluGenieChildItemList -SearchPath Temp -Recurse -UseCache -CachePath $Env:Temp

Description: Change the Cache path to the current users Temp directory
Notes: By default the Cache location is %SystemDrive%\Windows\Temp

Command: Get-ChildItem -path $env:temp -File | Get-BluGenieChildItemList -SearchPath Temp -Recurse -UseCache -ClearGarbageCollecting

Description: Scan large directories and limit the memory used to track data
Notes:

Command: Get-BluGenieChildItemList -SearchPath 'Temp' -Recurse -FilterType NameIncludeAll -UpdateDB

Description: Search every user and system Temp directory for all normal file information including hash and save the return to a DB
Notes: The default path is $('{0}\BluGenie' -f $env:ProgramFiles)  Example: C:\Program Files\BluGenie

Command: Get-BluGenieChildItemList -Help

Description: Call Help Information
Notes: If Help / WalkThrough is setup as a parameter, this script will be called to setup the Dynamic Help Menu if not the normal
Get-Help will be called with the -Full parameter

Command: Get-BluGenieChildItemList -WalkThrough

Description: Call Help Information [2]
Notes: If Help / WalkThrough is setup as a parameter, this script will be called to setup the Dynamic Help Menu if not the normal
Get-Help will be called with the -Full parameter

Command: Get-BluGenieChildItemList -SearchPath Temp -Recurse -OutUnEscapedJSON

Description: Return a detailed function report in an UnEscaped JSON format
Notes:  The OutUnEscapedJSON is used to Beautify the JSON return and not Escape any Characters.  Normal return data is a Hash Table.

Command: Get-BluGenieChildItemList -SearchPath Temp -Recurse -OutYaml

Description: Return a detailed function report in YAML format
Notes:  The OutUnEscapedJSON is used to Beautify the JSON return and not Escape any Characters.  Normal return data is a Hash Table.

Command: Get-BluGenieChildItemList -SearchPath Temp -Recurse -ReturnObject

Description: Return Output as a Object
Notes:  The ReturnObject is used to return a PowerShell Object.  Normal return data is a Hash Table.
This parameter is also used with the ForMat

Command: Get-BluGenieChildItemList -SearchPath Temp -Recurse -ReturnObject -FormatView Yaml

Description: Output PSObject information in Yaml format
Notes:  Current formats supported by default are ('Table','Custom','CustomModified','None','JSON','OutUnEscapedJSON','CSV', 'Yaml', 'XML')
Default is set to (None) and normal PSObject.

-SearchPath <Object>
   Description: The path to start your search from
   Notes:
           If you specify "Temp" in the SearchPath field all the %SystemDrive%\Users\* Temp directories and the
           %SystemRoot%\Temp will be searched only.
   
           If you specify "AllUsers" in the SearchPath path all User Profiles from %SystemDrive%\Users will be
           prefixed to the rest of the path.
               Example:  -SearchPath 'AllUsers\AppData\Roaming'
   
               Output:     C:\Users\Administrator\AppData\Roaming
                           C:\Users\User1\AppData\Roaming
                           C:\Users\User2\AppData\Roaming
                           C:\Users\User3\AppData\Roaming
                           C:\Users\User4\AppData\Roaming
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    1
   Default value                $(Get-Location).Path
   Accept pipeline input?       false
   Accept wildcard characters?  false

-Recurse [<SwitchParameter>]
   Description: Recurse through subdirectories
   Notes:
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

-FilterType <String>
   Description:  Which property to filter by
   Notes:
           Filter Option = "Path"					-   Path Query with general file information
           Filter Option = "PathIncludeAll"        -   Path Query with extended file metadata
           Filter Option = "Name"                 	-   Name Query with general file information
           Filter Option = "NameIncludeAll"        -   Name Query with extended file metadata
           Filter Option = "Type"             		-   File Type Query with general file information
           Filter Option = "TypeIncludeAll"        -   File Type Query with extended file metadata
           Filter Option = "Hash"                  -   Hash Value Query with general file information
           Filter Option = "HashIncludeAll"		-	Hash Value Query with extended file metadata
           Filter Option = "ADS"					-	Alternate Data Stream Query (True Only) with general file information
           Filter Option = "ADSIncludeAll"		    -	Alternate Data Stream Query (True Only) with extended file metadata
   
           Default is a "Name" Query
   Alias:
   ValidateSet: 'Path','PathIncludeAll','Name','NameIncludeAll','Type','TypeIncludeAll','Hash','HashIncludeAll','ADS','ADSIncludeAll'
   
   Required?                    false
   Position?                    2
   Default value                Name
   Accept pipeline input?       false
   Accept wildcard characters?  false

-Pattern <Object>
   Description: Search Pattern using RegEx
   Notes: Using -SearchHidden will convert the Pattern to RegEx Automatically but without the comma or
   the -SearchHidden the -Pattern is viewed as as a Command Console Search pattern.  You can use (*) wildcards.
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    3
   Default value                .*
   Accept pipeline input?       false
   Accept wildcard characters?  false

-Remove [<SwitchParameter>]
   Description: Remove the File(s) and Directory(s) found
   Notes:
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

-StopWatchCounter <Int32>
   Description: Determine how many times the recheck for removing a file or directory happenes.  By default (12) times with a 5 second sleep
   Notes:  Determine how many times the recheck for removing a file or directory happenes.  By default (12) times with a 5 second sleep
           inbetween which is (60 seconds total)
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    4
   Default value                12
   Accept pipeline input?       false
   Accept wildcard characters?  false

-SleepTimerSec <Int32>
   Description: Determine the Sleep time in seconds before the next recheck.  By default this is a 5 second sleep with 12 rechecks
   Notes:  Determine the Sleep time in seconds before the next recheck.  By default this is a 5 second sleep with 12 rechecks which is
           (60 seconds total)
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    5
   Default value                5
   Accept pipeline input?       false
   Accept wildcard characters?  false

-Algorithm <String>
   Description:  Specifies the cryptographic hash to use for computing the hash value of the contents of the specified file.
   Notes:  The acceptable values for this parameter are:
   
           - SHA1
           - SHA256
           - SHA384
           - SHA512
           - MACTripleDES
           - MD5 = (Default)
           - RIPEMD160
   Alias:
   ValidateSet: 'MACTripleDES','MD5','RIPEMD160','SHA1','SHA256','SHA384','SHA512'
   
   Required?                    false
   Position?                    6
   Default value                MD5
   Accept pipeline input?       false
   Accept wildcard characters?  false

-Signature [<SwitchParameter>]
   Description: Query Signature information
   Notes:
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

-Permissions [<SwitchParameter>]
   Description: Query Access Control List (ACL) information
   Notes:
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

-ShowProgress [<SwitchParameter>]
   Description: Display file count information to the Host to show query progress
   Notes:
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

-ClearGarbageCollecting [<SwitchParameter>]
   Description: Garbage Collection in Powershell to Speed up Scripts and help lower memory consumption
   Notes: This is enabled by default.  To disable use -ClearGarbageCollecting:$False
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

-UseCache [<SwitchParameter>]
   Description: Cache found objects to disk.  This is to not over tax Memory resources with found artifacts
   Notes: By default the Cache location is %SystemDrive%\Windows\Temp
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

-CachePath <String>
   Description: Path to store the Cache information
   Notes: By default the Cache location is %SystemDrive%\Windows\Temp
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    7
   Default value                $('{0}\Windows\Temp\{1}.log' -f $env:SystemDrive, $(New-BluGenieUID))
   Accept pipeline input?       false
   Accept wildcard characters?  false

-RemoveCache [<SwitchParameter>]
   Description: Remove Cache data on completion
   Notes: Cache information is removed right before the data is returned to the calling process
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

-DBName <String>
   Description: Database Name (Without extention)
   Notes: The default name is set to 'BluGenie'
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    8
   Default value                BluGenie
   Accept pipeline input?       false
   Accept wildcard characters?  false

-DBPath <String>
   Description: Path to either Save or Update the Database
   Notes: The default path is $('{0}\BluGenie' -f $env:ProgramFiles)  Example: C:\Program Files\BluGenie
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    9
   Default value                $('{0}\BluGenie' -f $env:ProgramFiles)
   Accept pipeline input?       false
   Accept wildcard characters?  false

-UpdateDB [<SwitchParameter>]
   Description: Save return data to the Sqlite Database
   Notes:
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

-ForceDBUpdate [<SwitchParameter>]
   Description: Force an update of the return data to the Sqlite Database
   Notes: By default only new items are saved.  The primary key is ( FullName )
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

-NewDBTable [<SwitchParameter>]
   Description: Delete and Recreate the Database Table
   Notes:
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

-Walkthrough [<SwitchParameter>]
   Description:  Start the dynamic help menu system to help walk through the current command and all of the parameters
   Notes:
   Alias: Help
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

-ReturnObject [<SwitchParameter>]
   Description: Return information as an Object
   Notes: By default the data is returned as a Hash Table
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

-OutUnEscapedJSON [<SwitchParameter>]
   Description: Remove UnEsacped Char from the JSON information.
   Notes: This will beautify json and clean up the formatting.
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

-OutYaml [<SwitchParameter>]
   Description: Return detailed information in Yaml Format
   Notes: Only supported in Posh 3.0 and above
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

-FormatView <String>
   Description: Automatically format the Return Object
   Notes: Yaml is only supported in Posh 3.0 and above
   Alias:
   ValidateSet: 'Table','Custom','CustomModified','None','JSON','OutUnEscapedJSON','CSV', 'Yaml'
   
   Required?                    false
   Position?                    10
   Default value                None
   Accept pipeline input?       false
   Accept wildcard characters?  false