Manual
  • BluSapphire Manuals
  • BluSapphire
    • Detections
      • Creating "Detections" Using BluSapphire Portal
    • Roles & Permissions
    • Knowledge Base
  • BluGenie
    • Full Function List
      • Add-BluGenieFirewallRule
      • Clear-BlugenieMemory
      • Connect-BluGenieToSystem
      • Convert-BluGenieSID2UserName
      • Convert-BluGenieSize
      • Convert-BluGenieUserName2SID
      • Convert-BluGenieUTCtoLocal
      • ConvertFrom-Yaml
      • ConvertTo-BluGenieDate
      • ConvertTo-Yaml
      • Disable-BluGenieAllFirewallRules
      • Disable-BluGenieFirewallRule
      • Enable-BluGenieAllFirewallRules
      • Enable-BluGenieFirewallRule
      • Enable-BluGenieWinRMoverWMI
      • Expand-BluGenieArchivePS2
      • Format-BluGenieEvent
      • Get-BluGenieADGroupMembers
      • Get-BluGenieADGroups
      • Get-BluGenieADMachineInfo
      • Get-BluGenieAuditProcessTracking
      • Get-BluGenieAutoRuns
      • Get-BluGenieChildItemList
      • Get-BluGenieCOMObjectInfo
      • Get-BluGenieCurrentSessionAliases
      • Get-BluGenieCurrentSessionFunctions
      • Get-BluGenieCurrentSessionVariables
      • Get-BluGenieErrorAction
      • Get-BluGenieFileADS
      • Get-BluGenieFilePermissions
      • Get-BluGenieFileSnapshot
      • Get-BluGenieFileStreams
      • Get-BluGenieFirewallRules
      • Get-BluGenieHashInfo
      • Get-BluGenieHelp
      • Get-BluGenieHostingVersion
      • Get-BluGenieIPrange
      • Get-BluGenieLiteralPath
      • Get-BluGenieLoadedRegHives
      • Get-BluGenieLockingProcess
      • Get-BluGenieMRUActivityView
      • Get-BluGenieProcessList
      • Get-BluGenieRegistry
      • Get-BluGenieRegistryProcessTracking
      • Get-BluGenieRegSnapshot
      • Get-BluGenieRunSpaceSessionAliases
      • Get-BluGenieRunSpaceSessionFunctions
      • Get-BluGenieRunSpaceSessionVariables
      • Get-BluGenieSchTaskInfo
      • Get-BluGenieScriptDirectory
      • Get-BluGenieServiceList
      • Get-BluGenieServiceStatus
      • Get-BluGenieSessionAliasList
      • Get-BluGenieSessionFunctionList
      • Get-BluGenieSessionVariableList
      • Get-BluGenieSettings
      • Get-BluGenieSignature
      • Get-BluGenieSystemInfo
      • Get-BluGenieToolsDirectory
      • Get-BluGenieTranscriptsDir
      • Get-BluGenieTranscriptsFile
      • Get-BluGenieTrapData
      • Get-BluGenieWindowsTitle
      • Get-BluGenieWindowsUpdates
      • Install-BluGenieHarvester
      • Install-BluGenieSysMon
      • Invoke-BluGenieAnalyzer
      • Invoke-BluGenieFileBrowser
      • Invoke-BluGenieLoadAllProfileHives
      • Invoke-BluGenieNetStat
      • Invoke-BluGenieParallel
      • Invoke-BluGenieProcess
      • Invoke-BluGenieProcessHash
      • Invoke-BluGeniePSQuery
      • Invoke-BluGeniePython
      • Invoke-BluGenieSQLLQuery
      • Invoke-BluGenieThreadLock
      • Invoke-BluGenieUnLoadAllProfileHives
      • Invoke-BluGenieWalkThrough
      • Invoke-BluGenieWipe
      • Invoke-BluGenieYara
      • Invoke-PSipcalc
      • Invoke-PSnmap
      • Invoke-SQLiteBulkCopy
      • Invoke-SqliteQuery
      • Invoke-WalkThrough
      • Join-BluGenieObjects
      • New-BluGenieCommand
      • New-BluGenieHelpMenu
      • New-BluGenieService
      • New-BluGenieSessionInfo
      • New-BluGenieTimeStamp
      • New-BluGenieUID
      • New-SQLiteConnection
      • Open-BluGenieLog
      • Open-BluGenieLogDir
      • Open-BluGenieScriptDir
      • Open-BluGenieToolDir
      • Open-BluGenieTransDir
      • Out-DataTable
      • Publish-BluGenieArtifact
      • Publish-BluGenieFirewallRules
      • Remove-BluGenieFile
      • Remove-BluGenieFirewallRule
      • Remove-BluGenieModule
      • Remove-BluGenieService
      • Resolve-BluGenieDnsName
      • Send-BluGenieItem
      • Set-BluGenieAuditProcessPol
      • Set-BluGenieCommands
      • Set-BluGenieCores
      • Set-BluGenieDebugger
      • Set-BluGenieFirewallGPOStatus
      • Set-BluGenieFirewallStatus
      • Set-BluGenieJobId
      • Set-BluGenieJobMemory
      • Set-BluGenieJobTimeout
      • Set-BluGenieNoBanner
      • Set-BluGenieNoExit
      • Set-BluGenieNoSetRes
      • Set-BluGenieParallelCommands
      • Set-BluGeniePostCommands
      • Set-BluGeniePrefetch
      • Set-BluGenieProcessCPUAffinity
      • Set-BluGenieProcessPriority
      • Set-BluGenieRange
      • Set-BluGenieRemoteDesktopProcess
      • Set-BluGenieScriptCredentials
      • Set-BluGenieServiceJob
      • Set-BluGenieSessionInfo
      • Set-BluGenieSettingsPriority
      • Set-BluGenieSystems
      • Set-BluGenieThreadCount
      • Set-BluGenieTrapping
      • Set-BluGenieUpdateMods
      • Set-BluGenieVerbose
      • Show-BluGenieGUI
      • Show-BluGenieMore
      • Start-BluGenieNewProcess
      • Start-BluGenieRunSpace
      • Stop-BluGenieService
      • Test-BluGenieIsFileLocked
      • Test-BluGenieIsMutexAvailable
      • Trace-BluGenieFireWallStatus
      • Update-BluGenieFirewallProfileStatus
      • Update-BluGenieSysinternals
      • Update-Sqlite
      • Write BluGenieVerboseMsg
    • Functions by Category
      • Discovery
        • Registry
        • File/Folder
        • Process
        • System
        • Network
        • ActiveDirectory
      • Execution
        • Registry
        • File/Folder
        • Process
        • System
        • Network
        • Tools
      • Support
    • Artifacts
      • Example Template
      • Tactical Artifacts by Category
        • Combination Query
          • Query Autorun locations for any item nested that is not digitally signed
        • EventLog Query
          • Query for Process execution from unusual directories
          • Query suspicious programs processed by the Task Scheduler using the Event Log
          • Query for unusual instances of rundll32.exe via the Event Log
          • Query for Unusual Instances of rundll32.exe making outbound network connections using SysMon Data
          • Query Suspicious Powershell Command Line Executions
          • Query the Windows System Log for 104, 517, 1102
        • File and Folder Query
          • Query for malicious file types in all users and system temp directories
          • Query Malicious file types from any directory not including the default OS and Install directories
          • Query all users for their Powershell Profile content for Powershell, Powershell_ISE, and VS Code
          • Query to Determine if any lolbin files are installed outside the normal OS and Program Files dir's
        • Network Query
          • Query for Unusual Windows Network Activity
        • Process Query
          • Query for all Processes not running from the Windows and Program Files.* Directories
        • Registry Query
          • Query Information from the Registry on Recentdocs, Recentapps
          • Query Registry for a list of mounted USB storage devices, including external memory cards
          • Query the Most Recently Used items from the Registry
          • Query the Most Recently Open and Saved File information from the Registry
          • Query all Run, RunOnce, and RunOnceEx Registry Keys
          • Query Command list from the MRU Registry List
          • Query Startup Services from the Registry
          • Query Map Network Drives from the Registry
          • Query Shell Folders and User Shell Folders from both the HKLM and HKU Registry Information
          • Query Typed Urls from the Registry
          • Query Current Control Set Services information from the Registry
          • Query Accessibility Features from Image File Execution Options from the Registry
          • Query the Registry for Commands that are automatically executed each time cmd.exe is run
          • Query the Registry for Mounted Device information
          • Query the Registry for Browser Helper Objects (BHO)
          • Query the Registry for Explore Run commands
          • Query the Registry for Winlogon Helper Dll's
          • Query the Registry for Active Setup information
          • Query the Registry for Bypassing UAC Mechanisms from the User-Accessible information
          • Query the Registry for User-Logon, and Startup Scripts
          • Query the Registry for the most common MRU information for All User Hives, including offline users
          • Query the Registry for any user, using the SysInternals Tools
Powered by GitBook
On this page
  • Invoke-BluGenieYara
  • SYNOPSIS
  • SYNTAX
  • DESCRIPTION
  • EXAMPLES
  • PARAMETERS
  1. BluGenie
  2. Full Function List

Invoke-BluGenieYara



Invoke-BluGenieYara

SYNOPSIS

Yara Scanner

SYNTAX

Invoke-BluGenieYara [[-ItemToScan] <String[]>] [-Rules <String>] [-RulesSource <String[]>] [-CompiledRules] [-ToolPath <String>] [-Count] [-Tag <String>] [-Identifier <String>] [-Negate] [-PrintTags] [-PrintMeta] 
[-MaxStringsPerRule <Int32>] [-PrintStrings] [-PrintStats] [-PrintNamespace] [-Threads <Int32>] [-PrintStringLength <Int32>] [-MaxRules <Int32>] [-Timeout <Int32>] [-Recurse] [-FastScan] [-StasckSize <Int32>] 
[-FailOnWarnings] [-NoWarnings] [-Version] [-CommandHelp] [-ClearGarbageCollecting] [-UseCache] [-CachePath <String>] [-RemoveCache] [-DBName <String>] [-DBPath <String>] [-UpdateDB] [-ForceDBUpdate] 
[-NewDBTable] [-Walkthrough] [-ReturnObject] [-OutUnEscapedJSON] [-OutYaml] [-FormatView <String>] [<CommonParameters>]

DESCRIPTION

Invoke-BluGenieYara is a wrapper around the YARA tool. The Yara tools is designed to help malware researchers identify and classify malware samples. It’s been called the pattern-matching Swiss Army knife for security researchers (and everyone else).

EXAMPLES

EXAMPLE 1

Command: Invoke-BluGenieYara -ItemToScan $env:TEMP
Description: Scan all files under $env:temp directory with any .Yar rules found
Notes:

EXAMPLE 2

Command: Invoke-BluGenieYara -ItemToScan $env:TEMP -Recurse
Description: Recursive Directory Scan
Notes:

EXAMPLE 3

Command: Invoke-BGYara -ItemToScan $env:TEMP -Recurse
Description: Use the (BG) Alias to run Yara
Notes:

EXAMPLE 4

Command: Yara -ItemToScan $env:TEMP -Recurse
Description: Use the Short Name Alias to run Yara scan
Notes:

EXAMPLE 5

Command: Invoke-BluGenieYara -ItemToScan "$env:TEMP\AttachmentArchive.msg" -Rules 'Attachment'
Description: Run all Rules with Attachment in the name against the .MSG file in the temp direcotry
Notes:

EXAMPLE 6

Command: Invoke-BluGenieYara -ItemToScan "$env:TEMP\AttachmentArchive.msg" -Rules 'Attachment' -RulesSource Z:\YaraRules\Email
Description: Run all Rules with Attachment in the name from a specific source, against the .MSG file in the temp direcotry
Notes:

EXAMPLE 7

Command: Invoke-BluGenieYara -ItemToScan $(Get-Process -Name notepad++ | Select-Object -ExpandProperty ID)
Description: Scan a PID
Notes:

EXAMPLE 8

Command: Invoke-BluGenieYara -ItemToScan 'AllPids'
Description: Scan all PID using all found .Yar rules
Notes:

EXAMPLE 9

Command: Invoke-BluGenieYara -ItemToScan $env:TEMP -UseCache
Description: Cache found objects to disk to not over tax Memory resources
Notes: By default the Cache location is %SystemDrive%\Windows\Temp

EXAMPLE 10

Command: Invoke-BluGenieYara -ItemToScan $env:TEMP -UseCache -RemoveCache
Description: Remove Cache data
Notes: By default the Cache information is removed right before the data is returned to the caller

EXAMPLE 11

Command: Invoke-BluGenieYara -ItemToScan $env:TEMP -UseCache -CachePath $Env:Temp
Description: Change the Cache path to the current users Temp directory
Notes: By default the Cache location is %SystemDrive%\Windows\Temp

EXAMPLE 12

Command: Invoke-BluGenieYara -ItemToScan $env:TEMP -UseCache -ClearGarbageCollecting
Description: Scan large directories and limit the memory used to track data
Notes:

EXAMPLE 13

Command: Invoke-BluGenieYara -Help
Description: Call Help Information
Notes: If Help / WalkThrough is setup as a parameter, this script will be called to setup the Dynamic Help Menu if not the normal
Get-Help will be called with the -Full parameter

EXAMPLE 14

Command: Invoke-BluGenieYara -WalkThrough
Description: Call Help Information [2]
Notes: If Help / WalkThrough is setup as a parameter, this script will be called to setup the Dynamic Help Menu if not the normal
Get-Help will be called with the -Full parameter

EXAMPLE 15

Command: Invoke-BluGenieYara -ItemToScan $env:TEMP -OutUnEscapedJSON
Description: Return a detailed function report in an UnEscaped JSON format
Notes:  The OutUnEscapedJSON is used to Beautify the JSON return and not Escape any Characters.  Normal return data is a Hash Table.

EXAMPLE 16

Command: Invoke-BluGenieYara -ItemToScan $env:TEMP -OutYaml
Description: Return a detailed function report in YAML format
Notes:  The OutUnEscapedJSON is used to Beautify the JSON return and not Escape any Characters.  Normal return data is a Hash Table.

EXAMPLE 17

Command: Invoke-BluGenieYara -ItemToScan $env:TEMP -ReturnObject
Description: Return Output as a Object
Notes:  The ReturnObject is used to return a PowerShell Object.  Normal return data is a Hash Table.
       This parameter is also used with the FormatView

EXAMPLE 18

Command: Invoke-BluGenieYara -ItemToScan $env:TEMP -ReturnObject -FormatView Yaml
Description: Output PSObject information in Yaml format
Notes:  Current formats supported by default are ('Table','Custom','CustomModified','None','JSON','OutUnEscapedJSON','CSV', 'Yaml')
       Default is set to (None) and normal PSObject.

PARAMETERS

ItemToScan

-ItemToScan <String[]>
   Description: File(s), Directory, PID, or AllPids Scan
   Notes:  If ItemToScan = "AllPids", every PID on the System will be scanned
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    1
   Default value                
   Accept pipeline input?       false
   Accept wildcard characters?  false

Rules

-Rules <String>
   Description: .Yar Rule Names (Filtered with RegEx)
   Notes:  Default is set to '.*'
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                .*
   Accept pipeline input?       false
   Accept wildcard characters?  false

RulesSource

-RulesSource <String[]>
   Description: Source path to for your .Yar Rule files
   Notes:  Default Search Paths
   			* $Env:SystemDrive\Windows\Temp
   			* %Current Script Directory%
   			* $Env:Temp
   			This scan is not recursive.
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                
   Accept pipeline input?       false
   Accept wildcard characters?  false

CompiledRules

-CompiledRules [<SwitchParameter>]
   Description: Load compiled rules
   Notes:
   Alias: 'CR'
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

ToolPath

-ToolPath <String>
   Description:
   Notes: Default is set to  $('{0}\Windows\Temp' -f $env:SystemDrive)
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                $(Join-Path -Path $ToolsDirectory -ChildPath 'Yara')
   Accept pipeline input?       false
   Accept wildcard characters?  false

Count

-Count [<SwitchParameter>]
   Description: Print only number of matches
   Notes:
   Alias: 'C'
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

Tag

-Tag <String>
   Description: Print only rules tagged as TAG
   Notes: tag=TAG
   Alias: 'T'
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                
   Accept pipeline input?       false
   Accept wildcard characters?  false

Identifier

-Identifier <String>
   Description: Print only rules named IDENTIFIER
   Notes: identifier=IDENTIFIER
   Alias: 'I'
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                
   Accept pipeline input?       false
   Accept wildcard characters?  false

Negate

-Negate [<SwitchParameter>]
   Description: Print only not satisfied rules (negate)
   Notes:
   Alias: 'N'
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

PrintTags

-PrintTags [<SwitchParameter>]
   Description: Print tags
   Notes:
   Alias: 'PT'
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

PrintMeta

-PrintMeta [<SwitchParameter>]
   Description: Print metadata
   Notes:
   Alias: 'PM'
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

MaxStringsPerRule

-MaxStringsPerRule <Int32>
   Description: Set maximum number of strings per rule (default=10000)
   Notes:
   Alias: 'MS'
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                0
   Accept pipeline input?       false
   Accept wildcard characters?  false

PrintStrings

-PrintStrings [<SwitchParameter>]
   Description: Print matching strings
   Notes:
   Alias: 'PS'
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

PrintStats

-PrintStats [<SwitchParameter>]
   Description: Print rules' statistics
   Notes:
   Alias: 'PA'
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

PrintNamespace

-PrintNamespace [<SwitchParameter>]
   Description: Print rules' namespace
   Notes:
   Alias: 'PN'
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

Threads

-Threads <Int32>
   Description: Use the specified NUMBER of threads to scan a directory
   Notes:
   Alias: 'TR'
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                0
   Accept pipeline input?       false
   Accept wildcard characters?  false

PrintStringLength

-PrintStringLength <Int32>
   Description: Print length of matched strings
   Notes:
   Alias: 'PL'
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                0
   Accept pipeline input?       false
   Accept wildcard characters?  false

MaxRules

-MaxRules <Int32>
   Description: Abort scanning after matching a NUMBER of rules
   Notes:
   Alias: 'M'
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                0
   Accept pipeline input?       false
   Accept wildcard characters?  false

Timeout

-Timeout <Int32>
   Description: Abort scanning after the given number of SECONDS
   Notes:
   Alias: 'TO'
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                0
   Accept pipeline input?       false
   Accept wildcard characters?  false

Recurse

-Recurse [<SwitchParameter>]
   Description: Recursively search directories (follows symlinks)
   Notes:
   Alias: 'R'
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

FastScan

-FastScan [<SwitchParameter>]
   Description: Fast matching mode
   Notes:
   Alias: 'F'
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

StasckSize

-StasckSize <Int32>
   Description: Set maximum stack size (default=16384)
   Notes:
   Alias: 'SS'
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                0
   Accept pipeline input?       false
   Accept wildcard characters?  false

FailOnWarnings

-FailOnWarnings [<SwitchParameter>]
   Description: Fail on warnings
   Notes:
   Alias: 'FW'
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

NoWarnings

-NoWarnings [<SwitchParameter>]
   Description: Disable warnings
   Notes:
   Alias: 'NW'
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

Version

-Version [<SwitchParameter>]
   Description: Show version information
   Notes:
   Alias: 'V'
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

CommandHelp

-CommandHelp [<SwitchParameter>]
   Description: Show the Yara command help
   Notes:
   Alias: 'CH'
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

ClearGarbageCollecting

-ClearGarbageCollecting [<SwitchParameter>]
   Description: Garbage Collection in Powershell to Speed up Scripts and help lower memory consumption
   Notes: This is enabled by default.  To disable use -ClearGarbageCollecting:$False
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

UseCache

-UseCache [<SwitchParameter>]
   Description: Cache found objects to disk.  This is to not over tax Memory resources with found artifacts
   Notes: By default the Cache location is %SystemDrive%\Windows\Temp
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

CachePath

-CachePath <String>
   Description: Path to store the Cache information
   Notes: By default the Cache location is %SystemDrive%\Windows\Temp
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                $('{0}\Windows\Temp\{1}.log' -f $env:SystemDrive, $(New-BluGenieUID))
   Accept pipeline input?       false
   Accept wildcard characters?  false

RemoveCache

-RemoveCache [<SwitchParameter>]
   Description: Remove Cache data on completion
   Notes: Cache information is removed right before the data is returned to the calling process
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

DBName

-DBName <String>
   Description: Database Name (Without extention)
   Notes: The default name is set to 'BluGenie'
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                BluGenie
   Accept pipeline input?       false
   Accept wildcard characters?  false

DBPath

-DBPath <String>
   Description: Path to either Save or Update the Database
   Notes: The default path is $('{0}\BluGenie' -f $env:ProgramFiles)  Example: C:\Program Files\BluGenie
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                $('{0}\BluGenie' -f $env:ProgramFiles)
   Accept pipeline input?       false
   Accept wildcard characters?  false

UpdateDB

-UpdateDB [<SwitchParameter>]
   Description: Save return data to the Sqlite Database
   Notes:
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

ForceDBUpdate

-ForceDBUpdate [<SwitchParameter>]
   Description: Force an update of the return data to the Sqlite Database
   Notes: By default only new items are saved.  The primary key is ( FullName )
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

NewDBTable

-NewDBTable [<SwitchParameter>]
   Description: Delete and Recreate the Database Table
   Notes:
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

Walkthrough

-Walkthrough [<SwitchParameter>]
   Description:  Start the dynamic help menu system to help walk through the current command and all of the parameters
   Notes:
   Alias: Help
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

ReturnObject

-ReturnObject [<SwitchParameter>]
   Description: Return information as an Object
   Notes: By default the data is returned as a Hash Table
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

OutUnEscapedJSON

-OutUnEscapedJSON [<SwitchParameter>]
   Description: Remove UnEsacped Char from the JSON information.
   Notes: This will beautify json and clean up the formatting.
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

OutYaml

-OutYaml [<SwitchParameter>]
   Description: Return detailed information in Yaml Format
   Notes: Only supported in Posh 3.0 and above
   Alias:
   ValidateSet:
   
   Required?                    false
   Position?                    named
   Default value                False
   Accept pipeline input?       false
   Accept wildcard characters?  false

FormatView

-FormatView <String>
   Description: Automatically format the Return Object
   Notes: Yaml is only supported in Posh 3.0 and above
   Alias:
   ValidateSet: 'Table','Custom','CustomModified','None','JSON','OutUnEscapedJSON','CSV', 'Yaml'
   
   Required?                    false
   Position?                    named
   Default value                None
   Accept pipeline input?       false
   Accept wildcard characters?  false

CommonParameters

PreviousInvoke-BluGenieWipeNextInvoke-PSipcalc

Last updated 3 years ago

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see .

about_CommonParameters