Ok, I've been down on
AI (Artificial Intelligence). But it's not all negative.
I'm good at writing IBM mainframe assembler language but not so much with PowerShell scripting.
Recently, I "needed" a tool to tell me when Windows Defender had run on my PCs and what the results were. In that this was on Microsoft's Windows, I went to
copilot.microsoft.com.
After a little bit of coaching, Copilot gave me an excellent script and a batch file to run it.
Here's the output:
Here's the script:
$scanTypes = @{ '0' = 'Quick'; '1' = 'Full'; '2' = 'Custom' }
$triggers = @{ '0' = 'Unknown'; '1' = 'Scheduled'; '2' = 'Manual'; '3' = 'Real-time'; '4' = 'On-Demand'; '5' = 'Startup' }
Get-WinEvent -LogName "Microsoft-Windows-Windows Defender/Operational" -MaxEvents 100 |
Where-Object { $_.Id -eq 1001 } |
ForEach-Object {
$xml = [xml]$_.ToXml()
$data = $xml.Event.EventData.Data
[PSCustomObject]@{
TimeCreated = $_.TimeCreated
ScanType = $scanTypes[$data[3].'#text']
Trigger = $triggers[$data[5].'#text']
Threats = $data[10].'#text'
}
} | Format-Table -AutoSize
Read-Host "Press Enter to exit"
Here's the batch file:
powershell -NoExit -ExecutionPolicy Bypass -File "DefenderScanSummary.ps1"
That worked so well that I tried again.
I use Drive Snapshot to
backup my systems. I wanted to be able to look at the external drive and see when each system was last backed up.
So I went back to Copilot.
$usbDrive = "E:\" # Change this to match your USB drive letter
$report = @()
# Get all system folders
$systemFolders = Get-ChildItem -Path $usbDrive -Directory
foreach ($folder in $systemFolders) {
$systemName = $folder.Name
$backupFiles = Get-ChildItem -Path $folder.FullName -Filter *.sna -File -ErrorAction SilentlyContinue
$logFiles = Get-ChildItem -Path $folder.FullName -Filter *.log -File -ErrorAction SilentlyContinue
# Get most recent backup
$latestBackup = $backupFiles | Sort-Object LastWriteTime -Descending | Select-Object -First 1
# Determine backup type from last 3 characters before .sna
$latestType = "Unknown"
if ($latestBackup) {
$baseName = $latestBackup.BaseName
if ($baseName.Length -ge 3) {
$suffix = $baseName.Substring($baseName.Length - 3)
switch ($suffix.ToLower()) {
"ful" { $latestType = "Full" }
"dif" { $latestType = "Differential" }
}
}
}
$latestDate = if ($latestBackup) { $latestBackup.LastWriteTime } else { "None" }
# Calculate total size of backups
$totalSizeMB = if ($backupFiles) {
($backupFiles | Measure-Object Length -Sum).Sum / 1MB
} else {
0
}
# Check for errors in logs
$errors = @()
foreach ($log in $logFiles) {
$logContent = Get-Content $log.FullName -ErrorAction SilentlyContinue
$logErrors = $logContent | Select-String -Pattern "error|failed|exception" -CaseSensitive
if ($logErrors) {
$errors += "$($log.Name): $($logErrors.Count) issues"
}
}
$report += [PSCustomObject]@{
System = $systemName
LatestBackup = if ($latestBackup) { "$($latestDate) ($latestType)" } else { "No backups found" }
TotalSizeMB = [math]::Round($totalSizeMB, 2)
Errors = if ($errors) { $errors -join "; " } else { "None" }
}
}
# Display the report in PowerShell output
$report | Format-Table -AutoSize
So the AI tools aren't completely useless!
