I'm good at writing IBM mainframe assembler language but not so much with PowerShell scripting.
Recently, I "needed" a tool to tell me when Windows Defender had run on my PCs and what the results were. In that this was on Microsoft's Windows, I went to copilot.microsoft.com.
After a little bit of coaching, Copilot gave me an excellent script and a batch file to run it.
Here's the output:
Here's the script:
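# Lookup tables that turn the numeric codes in the event into readable labels
$scanTypes = @{ '0' = 'Quick'; '1' = 'Full'; '2' = 'Custom' }
$triggers  = @{ '0' = 'Unknown'; '1' = 'Scheduled'; '2' = 'Manual'; '3' = 'Real-time'; '4' = 'On-Demand'; '5' = 'Startup' }

# Read the 100 newest events from the Defender operational log and keep
# only the scan-finished events (ID 1001)
Get-WinEvent -LogName "Microsoft-Windows-Windows Defender/Operational" -MaxEvents 100 |
    Where-Object { $_.Id -eq 1001 } |
    ForEach-Object {
        # EventData fields are picked out by their position in the event XML
        $xml  = [xml]$_.ToXml()
        $data = $xml.Event.EventData.Data
        [PSCustomObject]@{
            TimeCreated = $_.TimeCreated
            ScanType    = $scanTypes[$data[3].'#text']
            Trigger     = $triggers[$data[5].'#text']
            Threats     = $data[10].'#text'
        }
    } | Format-Table -AutoSize

# Keep the window open until the user has read the table
Read-Host "Press Enter to exit"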
Here's the batch file:
powershell -NoExit -ExecutionPolicy Bypass -File "DefenderScanSummary.ps1"
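The script above reads each event's fields by position ($data[3], $data[5], $data[10]). As an added example that is not part of the original post or of the Copilot output, the following lists every EventData field with its index and Name attribute so those positions can be checked against what the log actually contains. The function names are hypothetical, and the sample event is constructed: its field names and values are assumptions, not captured output.

```powershell
# Constructed sample event for offline testing; field names and values are assumptions.
$sampleXml = @'
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><EventID>1001</EventID></System>
  <EventData>
    <Data Name="Product Name">Constructed Product</Data>
    <Data Name="Scan ID">{00000000-0000-0000-0000-000000000000}</Data>
    <Data Name="Scan Type">Antimalware</Data>
    <Data Name="Scan Parameters">Quick Scan</Data>
  </EventData>
</Event>
'@

function ConvertTo-EventFieldList {
    # Returns one row per <Data> element: its position, its Name attribute and its text.
    param([Parameter(Mandatory)][xml]$EventXml)
    $index = 0
    # local-name() sidesteps the event namespace and always yields XmlElement nodes
    foreach ($node in $EventXml.SelectNodes("//*[local-name()='Data']")) {
        [PSCustomObject]@{
            Index = $index
            Name  = $node.GetAttribute('Name')
            Value = $node.InnerText
        }
        $index++
    }
}

function Get-EventField {
    # Looks a field up by name, so a changed field order cannot shift the result.
    param([Parameter(Mandatory)][xml]$EventXml, [Parameter(Mandatory)][string]$Name)
    (ConvertTo-EventFieldList $EventXml | Where-Object Name -eq $Name).Value
}

# Offline check against the constructed sample
ConvertTo-EventFieldList $sampleXml | Format-Table -AutoSize
Get-EventField $sampleXml 'Scan Parameters'

# Against the live log (same log name and event ID as the script above):
# Get-WinEvent -FilterHashtable @{ LogName = 'Microsoft-Windows-Windows Defender/Operational'; Id = 1001 } -MaxEvents 1 |
#     ForEach-Object { ConvertTo-EventFieldList ([xml]$_.ToXml()) } | Format-Table -AutoSize
```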
That worked so well that I tried again.
I use Drive Snapshot to back up my systems. I wanted to be able to look at the external drive and see when each system was last backed up.
So I went back to Copilot.
$usbDrive = "E:\" # Change this to match your USB drive letter
$report = @()

# Get all system folders (one folder per backed-up system)
$systemFolders = Get-ChildItem -Path $usbDrive -Directory

foreach ($folder in $systemFolders) {
    $systemName  = $folder.Name
    $backupFiles = Get-ChildItem -Path $folder.FullName -Filter *.sna -File -ErrorAction SilentlyContinue
    $logFiles    = Get-ChildItem -Path $folder.FullName -Filter *.log -File -ErrorAction SilentlyContinue

    # Get most recent backup
    $latestBackup = $backupFiles | Sort-Object LastWriteTime -Descending | Select-Object -First 1

    # Determine backup type from last 3 characters before .sna
    $latestType = "Unknown"
    if ($latestBackup) {
        $baseName = $latestBackup.BaseName
        if ($baseName.Length -ge 3) {
            $suffix = $baseName.Substring($baseName.Length - 3)
            switch ($suffix.ToLower()) {
                "ful" { $latestType = "Full" }
                "dif" { $latestType = "Differential" }
            }
        }
    }
    $latestDate = if ($latestBackup) { $latestBackup.LastWriteTime } else { "None" }

    # Calculate total size of backups
    $totalSizeMB = if ($backupFiles) {
        ($backupFiles | Measure-Object Length -Sum).Sum / 1MB
    } else {
        0
    }

    # Check for errors in logs (the match is case-sensitive, so only
    # lowercase "error", "failed" and "exception" are counted)
    $errors = @()
    foreach ($log in $logFiles) {
        $logContent = Get-Content $log.FullName -ErrorAction SilentlyContinue
        $logErrors  = $logContent | Select-String -Pattern "error|failed|exception" -CaseSensitive
        if ($logErrors) {
            $errors += "$($log.Name): $($logErrors.Count) issues"
        }
    }

    # One report row per system folder
    $report += [PSCustomObject]@{
        System       = $systemName
        LatestBackup = if ($latestBackup) { "$($latestDate) ($latestType)" } else { "No backups found" }
        TotalSizeMB  = [math]::Round($totalSizeMB, 2)
        Errors       = if ($errors) { $errors -join "; " } else { "None" }
    }
}

# Display the report in PowerShell output
$report | Format-Table -AutoSize
So the AI tools aren't completely useless!