powershell_execution

Execute a Powershell command, script or binary, and parse its output to define success, repair or error status.

⚙️ Compatible targets: Windows

Parameters

NameDocumentation
commandCommand or script to execute.

This parameter is required.
successRegexString or regular expression to compare the output with to define success.

This parameter is optional.
repairedRegexString or regular expression to compare the output with to define repair.

This parameter is optional.

Example

method: powershell_execution
params:
  command: VALUE
  successRegex: OPTIONAL_VALUE
  repairedRegex: OPTIONAL_VALUE

Documentation

Execute either a command, a script or a binary - it supports piping. If the execution succeed, it parses the output as a string. It the output contains the successRegex, it defines a success, else if the output contains the repairRegex, it defines a repair, else it defines an error. successRegex and repairRegex are both optional, but at least one must be defined otherwise the method will always return an error.

Examples:

To return success if process explorer is running, the command parameter needs to be

Get-Process | ForEach { ${const.dollar}_.ProcessName }

as the output of the command is a toString() on the generated objects, so you need to extract the relevant data. And the successRegex needs to be explorer.

Note: the regular expression/string to compare to the output are case insensitive and not anchored.

Note: powershell scripts exiting with a non-zero exit code will always result in an error

Note: the $ need to be escaped, otherwise $_ is evaluated at runtime