PowerShell Regular Expression example

#e.g 找出日子 再轉foramat

EJ Markets：科技股拖累大市 50天線不容有失 收市分析 21-2-2022

$file.name -match '(?<name>.*) (?<date>(\d{1,2}-\d{1,2}-\d{4}))'

$newDateFormat  = [datetime]::parseexact($Matches.date,'d-M-yyyy',$null).tostring('yyyy-MM-dd')

 

# 以下是在event log 找ip 

$allevent = (Get-WinEvent -FilterHashtable @{logname='system';id=10036}).message

$result =@()

foreach($record in $allevent)

{

    $record -match '(?<name>\w+\\\w+).* (?<IP>(\d{1,3}\.){3}\d{1,3})'

    $hash =@{

        User=$Matches.name

        IP = $Matches.ip

        }

    $object =New-Object psobject -Property $hash

    $result+=$object

}

$result | sort-object ip -Unique | export-csv event_10036.csv -NoTypeInformation