Overview

This function runs Netstat -ano on a local or remote system and filters the results by process name, address, port, protocol or state if specified.  Process names are pulled for each PID using get-process.

If a remote system is specified a text file is generated on the remote file system and parsed on the local system.  You must have appropriate access on the remote system in order to execute a process remotely, run netstat, and connect to the file system.

The vast majority of credit goes to Shay Levy who built the underlying script.  This simply adds a layer to query a remote system.  Thanks to The One True Chris and his function for ideas on using WMI to run netstat remotely.

Dependencies

Instructions

The PS1 file here contains a function.  You can either add this function to a profile or module of your own, copy and paste the code to your current session, or dot source it like this: ."\\path\to\Get-NetworkStatistics.ps1".

Once the function is available, use it as desired;

 

PowerShell
Edit|Remove
#dot source the script (or add to your profile or a custom module): 
. "\\path\to\Get-NetworkStatistics.ps1" 
 
#Run Get-NetworkStatistics against exampleComputer, format results in an autosized table 
Get-NetworkStatistics -computername exampleComputer | Format-Table -autosize 
 
#Get help on Get-NetworkStatistics 
Get-Help Get-NetworkStatistics -Full 
 
#Run get-networkstatistics against k-it-thin-02.  Show only results for the Chrome process.  If possible, show host names rather than IP addresses.  Format in a table. 
Get-NetworkStatistics chrome -computername k-it-thin-02 -ShowHostNames | Format-Table 
 
#Get all processes in the listening state using TCP 
Get-NetworkStatistics -State LISTENING -Protocol tcp

Examples:



 

 

Changes