Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET

Basic Delimited Parsing using ConvertFrom-String in PowerShell 5.0

In today’s Ask the Admin, I’ll show you how to use the new ConvertFrom-String cmdlet in PowerShell 5.0 to parse simple text files, turning unstructured strings into structured data.

ConvertFrom-String provides an easy way to parse complex text files using machine learning, and while the ability to parse complex text files is one of PowerShell’s many strengths, using the SubString() method and regular expressions can involve writing a lot of code to get the desired results. Fortunately, PowerShell 5.0’s ConvertFrom-String cmdlet has two modes that can be used to make parsing text even simpler: Basic Delimited Parsing, and Auto-Generated Example-Driven Parsing.

For more information on parsing with PowerShell, see PowerShell Problem Solver: PowerShell String Parsing with Regular Expressions.

Basic parsing using ConvertFrom-String

In this example, I’m going to show you how to parse the output of the arp command, which is used to display the ARP cache, and shows the MAC addresses, and their related IP addresses, of devices that have connected to local network interfaces (NICs).

Sponsored Content

Say Goodbye to Traditional PC Lifecycle Management

Traditional IT tools, including Microsoft SCCM, Ghost Solution Suite, and KACE, often require considerable custom configurations by T3 technicians (an expensive and often elusive IT resource) to enable management of a hybrid onsite + remote workforce. In many cases, even with the best resources, organizations are finding that these on-premise tools simply cannot support remote endpoints consistently and reliably due to infrastructure limitations.

Log in to Windows 10 and open a PowerShell console. In the console window, type arp –a and press ENTER.

The arp command in Windows (Image Credit: Russell Smith)
The arp command in Windows (Image Credit: Russell Smith)

In the command output, you’ll see a list of IP addresses, their related MAC addresses, and the physical address type, static or dynamic. Along with that, information about the network interface, and column headings is also given.

Now let’s write that string data to a variable ($arp), so that we can work with it in PowerShell.

Now we have captured the string in a variable, we can pipe it to the ConvertFrom-String cmdlet. But as you’ll see in the screenshot below, the results aren’t exactly perfect:
Passing data to ConvertFrom-String (Image Credit: Russell Smith)
Passing data to ConvertFrom-String (Image Credit: Russell Smith)
The output of ConvertFrom-String automatically assigns property names for each field, P1, P2, P3 etc. The –Delimiter parameter can be specified optionally, but by default the delimiting character is a white space, which is fine for use with the arp command. Because the beginning of each data sequence starts and ends with two white spaces, we need to remove them to avoid getting empty properties at the beginning and end of each data sequence, i.e. P1 and P5 are blank. That's easy to do using the Trim() substring: $arp = $arp.Trim() We'll do a little more tidying up before passing the string ($arp) to ConvertFrom-String and remove the first two lines of the output, which contain the column headings and NIC information:
Now if I pass the string to ConvertFrom-String, we should see the data sequence sorted correctly into properties:
Tidying up the string (Image Credit: Russell Smith)
Tidying up the string (Image Credit: Russell Smith)
The automatically assigned property names are not very meaningful, so ConvertFrom-String allows us to provide our own.
Adding property names (Image Credit: Russell Smith)
Adding property names (Image Credit: Russell Smith)
Additionally, let's pass the output of ConvertFrom-String to a variable so the information can be processed.
Now we can use the data from the string and put it to work in PowerShell. Here are some simple examples:
The above example lists all the data sequences in the string, but omitting the IP address. Below, I've listed the IP address for the third data sequence only.

Processing the data in PowerShell (Image Credit: Russell Smith)
Processing the data in PowerShell (Image Credit: Russell Smith)

Related Topics:


Don't have a login but want to join the conversation? Sign up for a Petri Account

Comments (0)

Leave a Reply

IT consultant, Contributing Editor @PetriFeed, and trainer @Pluralsight. All about Microsoft, Office 365, Azure, and Windows Server.
Live Webinar: Active Directory Security: What Needs Immediate Priority!Live on Tuesday, October 12th at 1 PM ET

Attacks on Active Directory are at an all-time high. Companies that are not taking heed are being punished, both monetarily and with loss of production.

In this webinar, you will learn:

  • How to prioritize vulnerability management
  • What attackers are leveraging to breach organizations
  • Where Active Directory security needs immediate attention
  • Overall strategy to secure your environment and keep it secured

Sponsored by: