Question

我想将第一个“ WDS.Device.ID”（00-15-5D-8A-44-25）（不带[]括号）放入变量中。

我尝试了一些RegEx尝试，但由于缺乏相关知识而没有成功。

PS C:\Windows\system32> $result | fl


Message : A device query was successfully processed (status 0x0):

          Input:
          WDS.Request.Type='Deployment'
          WDS.Client.Property.Architecture.Process='X64'
          WDS.Client.Property.Architecture.Native='X64'
          WDS.Client.Property.Firmware.Type='BIOS'
          WDS.Client.Property.SMBIOS.Manufacturer='Microsoft Corporation'
          WDS.Client.Property.SMBIOS.Model='Virtual Machine'
          WDS.Client.Property.SMBIOS.Vendor='American Megatrends Inc.'
          WDS.Client.Property.SMBIOS.Version='090008 '
          WDS.Client.Property.SMBIOS.ChassisType='Desktop'
          WDS.Client.Property.SMBIOS.UUID={CCD695BE-20AB-48CC-8F01-319B498F7A69}
          WDS.Client.Request.Version=1.0.0.0
          WDS.Client.Version=10.0.18362.1
          WDS.Client.Host.Version=10.0.18362.1
          WDS.Client.DDP.Default.Match=FALSE
          WDS.Device.ID=[00-15-5D-8A-44-25]
          WDS.Device.ID=[BE-95-D6-CC-AB-20-CC-48-8F-01-31-9B-49-8F-7A-69]


          Output:
          WDS.Client.Property.Architecture.Process='X64'
          WDS.Client.Property.Architecture.Native='X64'
          WDS.Client.Property.Firmware.Type='BIOS'
          WDS.Client.Property.SMBIOS.Manufacturer='Microsoft Corporation'
          WDS.Client.Property.SMBIOS.Model='Virtual Machine'
          WDS.Client.Property.SMBIOS.Vendor='American Megatrends Inc.'
          WDS.Client.Property.SMBIOS.Version='090008 '
          WDS.Client.Property.SMBIOS.ChassisType='Desktop'
          WDS.Client.Property.SMBIOS.UUID={CCD695BE-20AB-48CC-8F01-319B498F7A69}
          WDS.Client.Request.Version=1.0.0.0
          WDS.Client.Version=10.0.18362.1
          WDS.Client.Host.Version=10.0.18362.1
          WDS.Client.DDP.Default.Match=FALSE
          WDS.Client.Request.ResendAuthenticated=TRUE

Answer 1

这是另一种解决方法。假设$Result变量包含一个多行字符串，并且第一个[和第一个]正在“包围”您的目标数据。 [咧嘴]

$Result.Split('[')[1].Split(']')[0]

output = 00-15-5D-8A-44-25

Answer 2

将我的评论变成答案。
如果您显示的消息在字符串变量内（我们将其称为$message），则可以使用正则表达式来获取WDS.Device.ID的值，而无需使用括号：

$devideID = ([regex]'(?i)WDS\.Device\.ID=\[((?:[0-9a-f]{2}-){5}[0-9a-f]{2})\]').Match($message).Groups[1].Value

结果：

00-15-5D-8A-44-25

正则表达式详细信息：

WDS                Match the characters “WDS” literally
\.                 Match the character “.” literally
Device             Match the characters “Device” literally
\.                 Match the character “.” literally
ID=                Match the characters “ID=” literally
\[                 Match the character “[” literally
(                  Match the regular expression below and capture its match into backreference number 1
   (?:             Match the regular expression below
      [0-9a-f]     Match a single character present in the list below
                   A character in the range between “0” and “9”
                   A character in the range between “a” and “f”
         {2}       Exactly 2 times
      -            Match the character “-” literally
   ){5}            Exactly 5 times
   [0-9a-f]        Match a single character present in the list below
                   A character in the range between “0” and “9”
                   A character in the range between “a” and “f”
      {2}          Exactly 2 times
)                
]                  Match the character “]” literally

正则表达式中的(?i)使其不区分大小写

Answer 3

感谢您的所有帮助！我已经解决了这个问题：-）

获取变量中的事件日志消息内容

3 个答案: