Use -notlike to filter out multiple strings in PowerShell

Question

I m trying to read the event log for a security audit for all users except two  but is it possible to do that with the -notlike operator   It s something like that   Get-EventLog -LogName Security   where     UserName -notlike     user1    user2      I have it working for a single user  like   Get-EventLog -LogName Security   where     UserName -notlike   user1

User · Answer

don t use -notLike  -notMatch with Regular-Expression works in one line   Get-MailBoxPermission -id newsletter         User -NotMatch  NT-AUTORIT     -Admins   Administrators   Manage

User · Answer

In order to support  matches any of      scenarios  I created a function that is pretty easy to read  My version has a lot more to it because its a PowerShell 2 0 cmdlet but the version I m pasting below should work in 1 0 and has no frills   You call it like so   Get-Process   Where-Match Company -Like   VMWare     Microsoft   Get-Process   Where-Match Company -Regex   Microsoft     filter Where-Match  Selector  String    Like  String    Regex         if   Selector -is  String      Value       Selector       elseif   Selector -is  ScriptBlock      Value    amp  Selector       else   throw  Selector must be a ScriptBlock or property name         if   Like Length            foreach   Pattern in  Like                if   Value -like  Pattern    return                           if   Regex Length            foreach   Pattern in  Regex                if   Value -match  Pattern    return                          filter Where-NotMatch  Selector  String    Like  String    Regex         if   Selector -is  String      Value       Selector       elseif   Selector -is  ScriptBlock      Value    amp  Selector       else   throw  Selector must be a ScriptBlock or property name         if   Like Length            foreach   Pattern in  Like                if   Value -like  Pattern    return                        if   Regex Length            foreach   Pattern in  Regex                if   Value -match  Pattern    return                        return

User · Answer

Easiest way I find for multiple searches is to pipe them all  probably heavier CPU use  but for your example user   Get-EventLog -LogName Security   where     UserName -notlike   user1      where     UserName -notlike   user2

User · Answer

Yep  but you have to put the array first in the expression         where      user1   user2   -notlike    username     -Oisin

User · Answer

Using select-string   Get-EventLog Security   where     UserName   select-string -notmatch user1 user2

User · Answer

Scenario  List all computers beginning with XX1 but not names where 4th character is L or P  Get-ADComputer -Filter   name -like  XX1       Select Name   Where      name -notlike  XX1L   -and    name -notlike  XX1P       You can also count them by enclosing the above script in parens and adding a  count method like so    Get-ADComputer -Filter   name -like  XX1       Select Name   Where      name -notlike  XX1L   -and    name -notlike  XX1P      count

User · Answer

listOfUsernames      user1    user2    etc    and so on   Get-EventLog -LogName Security        where      Username -notmatch                  string   Join         listOfUsernames             It s a little crazy I ll grant you  and it fails to escape the usernames  in the unprobable case a username uses a Regex escape character like     or        but it works   As  slipsec  mentioned above  use -notcontains if possible

User · Answer

I think Peter has the right idea   I would use a regular expression for this along with the -notmatch operator   Get-EventLog Security        Username -notmatch   user1     user

User · Answer

V2 at least contains the -username parameter that takes a string    and supports globbing   V1 you want to expand your test like so   Get-EventLog Security        UserName -notlike  user1  -and    UserName -notlike   user2     Or you could use  -notcontains  on the inline array but this would only work if you can do exact matching on the usernames              user1   user2   -notcontains    username

[powershell] Use -notlike to filter out multiple strings in PowerShell

Examples related to powershell