Information Technology Archives - Page 5 of 26

Ladder With Docker

by David | Jan 22, 2024 | Deployments, Information Technology

The other day I was searching for a piece of code for work. One of the links I clicked was geo locked to the EU only. Which threw me off. I didn’t have a VPN on the computer. So what do you do? We use a web proxy. Last week we talked about a reverse proxy. A web proxy is a website that you can use to look like you are from that site’s hosts. Most of the bigger sites will block you from using a web proxy, but simple sites have no idea. Everywall built a simple web proxy that we can use in docker. This is where we get to use Ladder with Docker.

What is Ladder

Ladder is a web proxy. So, when you install this inside your homelab, or wherever you can with docker, you can enter a url into the link and it will take you there from that machine. The example above, my ladder install had to be on a machine in the EU for me to access the site. Fun part is, I had a box in the EU to work with. A web proxy works by being in the middle. When you enter your url you wish to go to, the web proxy acts like the browser and sends the request from itself. Then it brings that information back to you and displays it. Ladder appends the link to the back of it’s url. This way you can edit the url if need be. So, if you go to “Therandomadmin.com” while using your ladder, it will think you are coming from the ladder instead of your browser. You could be at work, using your ladder to view the rest of the world. Thus, you can see things from your home. Yes, this can get around filters.

How Do you install Ladder

I have Ladder with Docker. First thing first, always check out the official documentation, you can do that here. We will be using our reverse proxy from our previous blog post, here. Docker is going to be our go to here. First, we need to log into our server using ssh. Once you get into your server, navigate to where you are holding all your docker folders. Next, you will need to use the mkdir command and make a folder called ladder. Then CD into it.

mkdir ladder
cd ladder

Now, inside the “ladder” folder, we want to create a compose file. Now we are in the folder. It’s time to build the compose file by using the nano command. We want to build a “docker-compose.yml” file.

nano docker-compose.yml

You will be brought into the editor where you can write the docker file. You can simply copy the information below and past it into the text file.

version: '3'
services:
  ladder:
    image: ghcr.io/everywall/ladder:latest
    container_name: ladder
    restart: unless-stopped
    environment:
      - PORT=8080
      - RULESET=/app/ruleset.yaml
    ports:
      - "8080:8080"
    volumes:
      - ./ruleset.yaml:/app/ruleset.yaml
      - ./handlers/form.html:/app/form.html

To save, all you have to do is press ctrl and x and follow the prompts.

Breakdown of the Yml

Like before, we are starting off with version 3 of docker. Our service is called ladder, and the image is from ghcr.io. Everywall is the company and ladder is the image name. We are grabbing the latest. The container’s name will be ladder. We will set the restart to always restart unless we stop it. This will allow it to survive a reboot. Next, we will be using the environmental flags. We want to use our port 8080 and have our ruleset accordingly. Later we can build a unique rule set. Then we want to select our ports. The system port will be 8080, we can change this to whatever we want. The image port is 8080. Finally, we build our volume. We need a /app/ruleset.yaml and a /app/form.html. Ladder has additional options, and you can find that information from the official documentation. Of course, you will need to start the Image. Do so by using the docker compose commands with the d flag.

docker-compose up -d
 
# If using docker-compose-plugin
docker compose up -d

Now navigate to your http:<ip address>:8080 and confirm the site is up and running.

Pointing your Reverse Proxy to your Ladder with Docker

Now, we want to point our reverse proxy we made in the last post to our ladder. Lets follow these steps:

Navigate to your reverse proxy and log in
Click On the dashboard button if you not already brought to it.
Click “Proxy Hosts”
Click “Add Proxy Host”
Enter your name for the ladder. Remember to have the DNS already setup for this.
Enter the IP address you wish to forward to.
Enter your port, in this case it will be 8080
Select “Websocket support”

If you want to have a custom SSL for this site, Complete by doing the next.

Click SSL
Under SSL Certificate, select request a new SSL Certificate.
Enter your email address and check the agree to the let’s encrypt terms and service.
Click Save

If your DNS is pointing, and your Ladder is working, your system will be assigned a SSL. Now, your ladder is ready to go. I hope you enjoy.

What can we learn as a person today?

As you see in this post, it builds on the last post. Most of our lives have been built on something from our past. I know powershell really well. Now imagine, if I suddenly couldn’t read. All those skills would be gone. Our minds are built on stages of knowledge and skill sets. Inside the brain, there is a network that is more complex then the world’s road systems. If you are studying something that that really has no usefulness right this minute, it may a few years down the road because Knowledge builds upon itself. I didn’t know why I was studying virtual hosts for redhat servers back in the day. Now you are reading my blog. Sometimes the knowledge is wasted space or damaging. Those are still there, but they are like the awkward emails, they go to trash at some point. As a person, you can choose to build on your skills and grow any way you choose.

Reverse Proxy on Docker

by David | Jan 15, 2024 | Deployments, Information Technology

Over the past year, I have started rebuliding my home lab. One thing about a home lab is you want very little entries into your network. I split off my home lab from my main network using a pfsense firewall. The home network only has 2 ports open on it. That’s 80 and 443. Everything runs through those ports. The whole lab is based on docker. This way I can run mulitple objects on different ports. For example, I have 3 wordpress living on one server. These are for development tests and so on and so forth. The question that needs to be answered is how do I get to those services outside the network? This is where a Reverse Proxy on Docker comes into play.

What is a Reverse Proxy?

Imagine walking into a massive building with hundreds of offices. There are no maps on the wall. The doors have no names and there is no glass to look through each door. All that lives on each door is a number. So, how would you find anything in that building? Well, there is a receiptionist at the front with a security guard. If you ask the receiptionist to see Dr Ross Geller, they will look at their charts. If Dr Ross Geller doesn’t work there. They will look up at you and say nothing. You get no feed back and you can go past that point without the security gaurd’s keys. Even if you got the keys, the lights are off and you need the recipionists keys for the lights.

Now, if Dr Ross Geller is there, She will grab the security guard and whisper the room number into their ear. Then, the guard will hand cuff you to himself and walk you to the office in the dark. Once at the door, he will pat you down for common weapons then open the door for you and you can walk into the meeting with Dr Ross Geller. Remember to PIVOT!

This is how a reverse proxy works. They are the gate keepers of the network. When something comes in on port 80 or 443, the reverse proxy will that the DNS name and check it’s register. If it has the DNS name, it then forwards you to the local port. It doesn’t tell the user about any other active ports. Many proxies will block common exploits and even work with your SSLs.

Ngnix Reverse Proxy Manager

We are going to be working with Ngnix Reverse Proxy Manager. Ngnix Reverse Proxy Manager is a docker friendly reverse proxy that gives you a beautiful ui to work with. Along with connecting to Let’s Encrypt to give you free ssls, it also allows multiple users, redirects, custom 404 pages, streaming services, and more. The Graphical interface helps keep management sustainable.

Install on Docker

We are going to assume you have docker installed on your system. If you do not, you can read on how to do it here and you can learn how to install docker compose here. Nginx proxy Manager has their quick guide that you can read here. This next steps below will match up to this documentation with a few small changes.

The First step is to setup your docker folders. I am in the camp of using a folder for each service. After logging in with SSH we want to make a directory using the mkdir command.

mkdir ReverseProxyManager
cd ReverseProxyManager

Now inside the “ReverseProxyManager” folder we want to create a compose file. On Ubuntu, my server of choice for this, we will use the built in editor, nano. I am a nano fan, some like vi, some like vim. That is a debate for other people. I suggest using what you have access to. So run the nano command and build a “docker-compose.yml” file.

nano docker-compose.yml

This will drop you into a text file. Copy the blow information and past it into the text file.

version: "3.8"

services:
  proxy-manager:
    image: 'jc21/nginx-proxy-manager'
    restart: unless-stopped
    ports:
      - '80:80'
      - '81:81'
      - '443:443'
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt
    environment:
      DB_SQLITE_FILE: "/data/database.sqlite"
      DISABLE_IPV6: 'true'

To save, all you have to do is press ctrl and x and follow the prompts.

Breakdown of the Yml

Here we ahve the service manager making a service called proxy-manager. We are using the offical Reverse proxy for Docker through jc21. We tell it to continue running until someone stops it. Then we tell it the ports we want. Here we want 80, 81, and 443. 81 will be your management port and should only be accessiable internally. The other two will be for the data coming in. Next we have the volumes. We need a data folder. Using ./ to indicate the folder this yml file lives in. We also want a place for the lets encrypt. Finally we are using enviromental tags. Having a sqlite server allows you to do more than without it. Finally, I disable IPv6 because I don’t use IPv6, yet. I will one day.

Starting The Docker

The next step is to start the docker. There is a way to test by using docker-compose up, but it freezes your terminal. adding the -d will make what the docker-compose up perment and give you back your terminal.

docker-compose up -d

# If using docker-compose-plugin
docker compose up -d

now the stack is up and running. The next step is to navigate to the ip address of the server. you can use the ip a to grab the ip address from the server. When you access the Url, you will see the below. Enter the below information.

URL: http://<serverIPAdddress>:81
Email: admin@example.com
Password: changeme

It will prompt you to change your password. Make sure you do that.

What can we learn as a person from Reverse Proxies?

In our lives, we have many different parts of ourselves. What’s interesting about these parts is we don’t know all of them. Imagine the reciptionist from our example above being your sub countinous mind. It knows all the parts of you and can direct you to those parts. But to get to the sub countinous mind, you have to go through the body. Imagine trying to walk into a building and the door handle says push, but every time you push it, it doesn’t open. Many people get mad and give up. The truth behind the door is a pull. Our brains don’t like being pushed, instead they like us to sit and pull them to us. Calm brings the sub countinous to the surface as it changes the state of our minds to allow the sub countinous to communicate back. Once that is achived, you will have access to some of the darkest parts of your mind.

Almost every religion has some reference to being still. In our busy world, being still is like dealing with an alien language. Being still allows you to communicate with your body. It allows you to know who you are and be able to sit with that knowledge. Without that stillness, we end up burning ourselves on our internal fire. This is why vacation times are so important in companies. Companies who give poor vaction time sees a higher turn over because their people don’t have a chance to commucate with themselves and enjoy thierselves.

Over the next week, take moments where you can be still with your thoughts and become aware of yourself. You may see that your internal proxy is hiding some dark secreats that are leaking out in verious of way.

Building Parameters for Commands

by David | Jan 9, 2024 | Information Technology, PowerShell

One of my favorite things with powershell is building out splat parameters for commands through the main parameter set. Today we are going to go over how that is done. We are going to do this through the Get-childitem and get-ACL. These are some mighty commands and they can help you find permission gaps quickly and easily. Let us Building Parameters for Commands together.

The Script

Function Get-ACLInfos {
    [cmdletbinding()]
    param (
        [string]$FilePath,
        [switch]$Recurse,
        [switch]$Directory,
        [switch]$File,
        [string]$Filter,
        [string]$Username
    )
    begin {
        if (!(Test-Path -Path $FilePath)) {end}
        $Param = @{
            Path = $FilePath
        }
        if ($Recurse) {$Param | Add-Member -MemberType NoteProperty -Name "Recurse" -Value $true}
        if ($Directory) {$Param | Add-Member -MemberType NoteProperty -Name "Directory" -Value $true}
        if ($File) {$Param | Add-Member -MemberType NoteProperty -Name "File" -Value $true}
        if ($PSBoundParameters.ContainsKey($Filter)) {$Param | Add-Member -MemberType NoteProperty -Name "Filter" -Value "$Filter"}
    }
    process {
        $Items = Get-ChildItem @Param 
        $ACLinfo = foreach ($item in $Items) {
            $ACLs = (Get-Acl -Path $item.FullName).access
            foreach ($ACL in $ACLs) {
                [pscustomobject][ordered]@{
                    Path = $item.FullName
                    FileSystemRight = $ACL.FileSystemRights
                    AccessControlType = $ACL.AccessControlType
                    IdentityReference = $ACL.IdentityReference
                    IsInherited = $ACL.IsInherited
                    InheritanceFlags = $ACL.InheritanceFlags
                    PropagationFlags = $ACL.PropagationFlags
                }
            }
        }
    }
    end {
        if ($PSBoundParameters.ContainsKey('Username')) {
            $ACLinfo | Where-Object {$_.IdentityReference -contains $Username}
        } else {
            $ACLinfo
        }
    }
}

Building Parameters for Commands

This script is simple, it allows you to grab a directory’s ACL recursively. However, how it does it is kind of cool. Get-Childitem has so many different options, but using it within a function can take some of that power away. So, by passing the parameters that we want at the top level allows us to give that power back to the get-childitem. However, this could lead to a lot of if statements. Instead, we are going to build a splat parameter for our commands. I have covered splats in a previous blog post, but I wanted to point them out to express how much power they do have.

The Power of Splat

Splatting is a method in which you can build a parameter set for a command. The amazing part of splatting is the splat is a powershell object. This means you can add to it after the initial splat is started. To start a splat all one has to do is declare a variable with an object attached. The variable is declared with the $ and the object is a simple at symbol followed by curly brackets with an equal sign nestled in the middle. We can use objects anywhere in powershell. A custom PS object is the same way. If you wanted to, you can declare the object and give it an order with [pscustomobject][order]. However, that’s not always the best option as orders cause issue if things are not in that order later down the road.

$Param = @{}

At this point the powershell object is empty. From here we can start building parameters for our object. To do that we are going to use the add-member command. In our example, we are working with true and false statements. Our function parameters are mostly switches. I threw in some strings as well to give you examples of how to build with a string. The first check is to see if we have a recursive. This is simple to do. We ask if the recurse is true. Then we add the member.

$Param = @{
    Path = $FilePath
}
if ($Recurse) {$Param | Add-Member -MemberType NoteProperty -Name "Recurse" -Value $true}

Building the Splat

The add-member starts us down the path of building our splat. The Add-member can give us a lot of different options on which way we want to add things. Here, we need to add the recurse flag to get-childitem. This is a note property inside the command. The best way I see note properties is a name with a value. That value can be null. Here we are adding the “Recurse” name and giving it a value of the boolean true. Thus, when we drop the splat into the command, the command will see a flag of recurse. We do this same method with the rest. Directory is a flag, and so is file.

Unlike the last three, the filter parameter is a string. We are going to use the same method using the note property. We want to give the name as a filter and the value will be our value from our command line. The difference here is we want to place that filter in a string. The next part of the filter is how we test the filter. Instead of doing a simple check to see if the value is true, we need to check the parameters. This is done through the value $PSboundParameters. We want to see which keys the power shell bound parameters are holding. What this means is when you do get-command -something “bob” we want to know if something exists. Then we are going to use that’s something, aka bob.

$Param = @{
            Path = $FilePath
        }
        if ($Recurse) {$Param | Add-Member -MemberType NoteProperty -Name "Recurse" -Value $true}
        if ($Directory) {$Param | Add-Member -MemberType NoteProperty -Name "Directory" -Value $true}
        if ($File) {$Param | Add-Member -MemberType NoteProperty -Name "File" -Value $true}
        if ($PSBoundParameters.ContainsKey($Filter)) {$Param | Add-Member -MemberType NoteProperty -Name "Filter" -Value "$Filter"}

Finishing the Splat

The next step is to use the splat. Which is very easy to do. To use a splat, instead of using the dollar sign, all you need to do is use the at symbol and the parameter. The Command should not have any other flags set as it all lives inside the splat. Building a parameter splat is super easy and makes life easier in the long run.

$Items = Get-ChildItem @Param

What can we learn as a person from splatting

As we go through our lives, we are a representation of a splat. We start off with a few things and over time we add and remove aspects from ourselves. Others add and remove aspects of us as well. Growing up in school, teacher pours so much of their selves into their students. As we get older, we have to do the same for ourselves. We have to add the note properties to our lives, or we will always stay the same. Today you add-member -membertype noteproperty “Splatting” -value “dang it’s cool” to yourself. Unlike a computer though, we have to practice to bring it close to ourselves. We have to conceptualize the idea.

As you go through life, you have to depend on your own splat. Not enjoying that splat, means you have to work on it. It takes action to do so. The thing that stops most people from taking that action is fear of the unknown or fear of dealing with the pain. As someone who has been working on himself for many years now, I can safely say, it’s ok not to be ok. It’s ok not to enjoy parts of your splat, but overall, your splat is who you are. So go out into this world and put your @ on things. Change up that splat if you don’t like parts of it. Just enjoy being yourself.

Additional Resources

Read Radius Logs With PowerShell

by David | Sep 1, 2023 | Information Technology, PowerShell, Resources

Recently, I have been troubleshooting radius. Radius hasn’t changed in decades. I say this lightingly too. The network policy server is a feature that helps with connecting things like unifi wifi and more. Each radius connection produces a reason code. Today we want to look through the radius logs and get as much useful information without screaming at the screen. Radius logs are a little daunting. This is why many people use an SQL server for the radius logs. However, if you are not one of those people who can do this, the traditional radius logging works wonders. So, we will read radius logs with PowerShell.

Radius Logging

Before we start, we need to know what we are dealing with. The standard location for readius logs is: C:\Windows\System32\LogFiles. You can change this location as you see fit. I personally changed my locations to a c:\logs\radius location. This helps me find it quicker and generally, I don’t have trouble guessing what is what. You can set the radius log location by doing the following:

Start Network Policy Server
Click account
Under Log File Properties click Change Log File Properties
A box will pop up called “Log File Properties” Click on the “Log File” tab.
This is where you can change your directory.
Change your Format to DTS Compliant. As this script works best with it.
I personally like smaller files when I am working with log searches. So I select the “When log file reaches this size:” I select 1 – 5 MB.
Click ok

Now your log files will live wherever you told them. You will need to change the script around a little if you are using a different location than me.

The Script and Breakdown

$NPSLogs = Get-content -Path "C:\Logs\Radius\IN2308.log" | Select-Object -Last 6
foreach ($NPSLog in $NPSLogs) {
    [pscustomobject][ordered]@{
        TimeStamp = ([xml]$NPSLog).event.Timestamp.'#text'
        ComputerName = ([xml]$NPSLog).event.'Computer-Name'.'#text'
        Sources = ([xml]$NPSLog).event.'Event-Source'.'#text'
        Username = ([xml]$NPSLog).event.'User-Name'.'#text'
        CalledStationId = ([xml]$NPSLog).event.'Called-Station-Id'.'#text'
        CallingStationId = ([xml]$NPSLog).event.'Calling-Station-Id'.'#text'
        NasPortType = ([xml]$NPSLog).event.'NAS-Port-Type'.'#text'
        NasIdentifier = ([xml]$NPSLog).event.'NAS-Identifier'.'#text'
        NasPort = ([xml]$NPSLog).event.'NAS-Port'.'#text'
        ClientIPAddress = ([xml]$NPSLog).event.'Client-IP-Address'.'#text'
        ClientVendor = ([xml]$NPSLog).event.'Client-Vendor'.'#text'
        ClientFriendlyName = ([xml]$NPSLog).event.'Client-Friendly-Name'.'#text'
        ProxyPolicyName = ([xml]$NPSLog).event.'Proxy-Policy-Name'.'#text'
        ProviderType = ([xml]$NPSLog).event.'Provider-Type'.'#text'
        SamAccountName = ([xml]$NPSLog).event.'SAM-Account-Name'.'#text'
        FQUsername = ([xml]$NPSLog).event.'Fully-Qualifed-User-Name'.'#text'
        AuthType = ([xml]$NPSLog).event.'Authentication-Type'.'#text'
        Class = ([xml]$NPSLog).event.Class.'#text'
        PacketType = ([xml]$NPSLog).event.'Packet-Type'.'#text'
        ReasonCode = ([xml]$NPSLog).event.'Reason-Code'.'#text'
        TunnelClientEndpt = ([xml]$NPSLog).event.'Tunnel-Client-Endpt'.'#text'
    }
}

As you can tell, this script needs to be used on the server in question. However, You could wrap this script into a nice wrapper. That would allow you to execute on remote machines. The breakdown is very simple on this one as well. DTS is an XML format. Thus, you just need to use the [XML] before any of the lines. The XML is formatted with the event, it’s name, and the text. It’s a very simple setup. From there I select what I want and give it in a pscustom object. That’s it. Its a very simple setup. That’s why we should always read radius logs with Powershell.

Speedtest To Ninja

by David | Jul 28, 2023 | Information Technology, RMM Tools

In a previous blog, we discussed doing a speed test on a computer using PowerShell. Let’s take that script and expand on it with three lines of code and some prep time. This will allow us to update items inside our Ninja One RMM tool. So we can push a Speedtest To Ninja One.

What’s Ninja One?

Ninja One is an amazing RMM tool. I have used many different ones over the years and Ninja one blows my mind. it has a strong community behind it and it keeps growing. It’s the only rmm tool that isn’t afraid to make mistakes and grow. When in used continuum, I saw many times, largely requested items went to the void. While in ninja, It never goes to the void. So, if you are looking for a Good RMM, Ninja One is amazing. With that said, let’s go deep into custom fields and how to set them up for script inputs.

Ninja One Custom Fields

There are currently two ways to make a custom field for a computer. The first is global. This means all companies, roles, and devices will have them. The other way is through the roles. Both options live under the Administration > Devices. Today we are going to setup a Role Custom Field. We are going this route because we don’t want the isp speed check information for internal servers and such.

Click Administration
Click Devices
Click Role Custom Fields
Click The Add Button
Click Fields

This next part is important. The label is the text that you will read. The Name is what will be used to call the field later. The field type is what you will make it. For example, multi text, text, date, etc… The first custom field will be the following:

Label: ISP
Name: isp
Type: text

When you click create, the next window will appear. This window is more important. This is where you can choose to allow scripts, APIs and more. If you are planning to allow your technicians to edit this field, then set the technician to editable. The next is script. This is where the script comes into play. This allows the Ninja command line interface to push the Speedtest to Ninja. It has to be at least write for it to work. Next, is the API option. If you are planning to do some special API stuff, this is where you give your field permissions for the APIs. The label is just a label, the description is just a description, the tooltip allows you to give context, the footer text is just that, footer text and finally, you can make it required.

Speedtest to Ninja One

Follow the same steps to create the DownloadSpeed, and UploadSpeed fields. You want them both to be text and you want the script to be at least write. Now, if you have done all that, you are ready to add the ninja command line to the speed test script. This is going to be shockingly easy. The first step is to put your return into a return variable.

$returnInfo = [PSCustomObject]@{
    Server     = $server
    ISP        = $ISP
    Download   = $DownloadSpeed
    Upload     = $uploadSpeed
    ResultsURL = $SpeedTestURL
}

Once you have a returnable variable, let’s pass them into the Ninja One command line interface. First notice the PowerShell module name is NJCLiPSh. The commands all start with Ninja. If you want to dig deeper, you can read up on the Ninja One documentation. I will place additional resources at the end.

The command we are going to be using to update our custom fields is “Ninja-Property-Set”. This command will allow us to set any “script” enabled property. It’s as simple as stating the name and value. The auth from the computer will confirm everything is right and update only that device’s property. It’s amazingly simple.

Ninja-Property-Set isp $returnInfo.ISP
Ninja-Property-Set DownloadSpeed $returnInfo.Download
Ninja-Property-Set uploadspeed $returnInfo.Upload

There are many more things you can do with this script. After building out the Speedtest script, I found out someone else did it better. Which is normal and ok. Check out Mikey O’Toole’s exploring into custom fields, here. He goes through different ways to address the custom fields.

Speed test with PowerShell

by David | Jul 17, 2023 | Information Technology, PowerShell

Often times I need to run a speed test on a remote machine. Doing a speed test tends to help you understand what’s going on with the end user’s computer. For example, currently, my ISP is having issues. I am getting around 6mbps down and 75 Mbps up. If I called in and said I couldn’t watch training videos… that’s why. so it’s essential to know the speeds. That’s why we want to do a speed test with Powershell.

The Script

#Tests if C:Temp Exists, If it doesn't, makes it. 
$CTemp = "c:\Temp"
if (!(Test-Path $CTemp)) { New-Item -Path "c:\" -Name Temp -ItemType Directory }
if (!(Test-Path "$CTemp\SpeedTest")) { New-Item -Path "c:\" -Name Temp -ItemType Directory }

#Download the Speed Test Tool. 
$URL = "https://install.speedtest.net/app/cli/ookla-speedtest-1.0.0-win64.zip"
$DownloadPath = "$CTemp\SpeedTest.Zip"
if (!(Test-Path $DownloadPath)) { Invoke-WebRequest -Uri $URL -OutFile $DownloadPath }

#Expand the Zip File
Expand-Archive $DownloadPath -DestinationPath "$CTemp\Speedtest" -Force

$test = & "C:\temp\Speedtest\speedtest.exe" --accept-license

$DownloadSpeed = [regex]::match(($test | where-object { $_ -like "*Download:*" }).trim(), '[0-9]+\.?[0-9]*').value
$uploadSpeed = [regex]::match(($test | where-object { $_ -like "*Upload:*" }).trim(), '[0-9]+\.?[0-9]*').value
$ISP = ($test | where-object { $_ -like "*ISP:*" }).trim().split(":")[1].trim()
$server = ($test | where-object { $_ -like "*Server:*" }).trim().split(":")[1].trim()
$SpeedTestURL = ($test | where-object { $_ -like "*Result URL:*" }).trim().split(" ")[2].trim()

[PSCustomObject]@{
    Server     = $server
    ISP        = $ISP
    Download   = $DownloadSpeed
    Upload     = $uploadSpeed
    ResultsURL = $SpeedTestURL
}

The Breakdown of the Speed test with PowerShell

As we enter this script, you can see my laziness already. The first thing I do is make a string called ctemp for the “c:\temp”. This way I don’t have to type “c:\temp” repeatedly. Next, we test the path to see if c:\temp exists. If it doesn’t, we make it. We do this with the new-item command with the name as temp and the item type as a directory. We do the same thing with c:\temp\speedtest for later. If you really want to get fancy, you can replace the C: with an $env:systemdrive.

Building the folders

$CTemp = "c:\Temp"
if (!(Test-Path $CTemp)) { New-Item -Path "c:\" -Name Temp -ItemType Directory }
if (!(Test-Path "$CTemp\SpeedTest")) { New-Item -Path "c:\" -Name Temp -ItemType Directory }

The next step is to download the speed test application from ookla. We need the URL and where it’s going to be downloaded. That’s why the URL has the URL needed. We want to call the file speedtest.zip. Next, we test to see if we already downloaded it. If we didn’t, we download the file using the invoke web request and the out file tags.

Downloading the app

$URL = "https://install.speedtest.net/app/cli/ookla-speedtest-1.0.0-win64.zip"
$DownloadPath = "$CTemp\SpeedTest.Zip"
if (!(Test-Path $DownloadPath)) { Invoke-WebRequest -Uri $URL -OutFile $DownloadPath }

Once we have the file downloaded, we need to extract the Speed test files. We use the expand archive command to force the download to the c:\temp\speedtest folder that we made at the beginning. I use the force flag here to overwrite anything just in case the file was already there.

Expanding the drive

#Expand the Zip File
Expand-Archive $DownloadPath -DestinationPath "$CTemp\Speedtest" -Force

Next, we run the Speed test with PowerShell. In PowerShell, you can run apps directly inside the shell and input that data directly into the shell by using the & sign. With this software, we need to accept the license if we want to do this script without human interaction. Finally, we want to push its output into a variable. Since it’s a test, let us call it a test.

Running the Speed test with PowerShell

$test = & "$CTemp\Speedtest\speedtest.exe" --accept-license

The variable $test contains a few strings with the information we need. It’s time to work with those strings. The string contains the server, isp, download, upload, and jitter information. Here is an example output of what this little program produces:

Speedtest by Ookla

     Server: Piedmont Redacted
        ISP: Spectrum Business
    Latency:    22.46 ms   (0.12 ms jitter)

   Download:   166.84 Mbps (data used: 217.5 MB)

     Upload:   194.09 Mbps (data used: 224.6 MB)
Packet Loss:     0.0%
 Result URL: redacted

The first item I want to extract is the download. The code is a little complex so lets start from the inside. We start off with our $test variable. We want to find the string line that contains “Download:” and then trim that up.

($test | where-object { $_ -like "*Download:*" }).trim()

Next, we need to wrap this inside a regex match. We are using the .net structure here using the [regex]:match. Don’t use matches, it will give you additional information. The match uses our variable and the regex to match with. The regex is the hardest part. So let’s take it apart.

The Regex

'[0-9]+\.?[0-9]*'

The first part [0-9] is searching for characters 0 – 9. However, it only looks at the first digit. The + looks for the rest until we reach a “.”. The “\” is before the “.” because “.” is a used variable in regex. If we stop here, we only get the first part of the download speed. We don’t get anything past the “.”. So we add the “?”. Once we do this it allows us to continue. At this point, we look for another [0-9]. Once again, it’s just the first character. We want everything past that so we add the “*”. Now we have the first match. This is the download speed. Once we have the regex information we ask for only the value. We do this with the upload speed as well.

$ISP = ($test | where-object { $_ -like "*ISP:*" }).trim().split(":")[1].trim()
$server = ($test | where-object { $_ -like "*Server:*" }).trim().split(":")[1].trim()
$SpeedTestURL = ($test | where-object { $_ -like "*Result URL:*" }).trim().split(" ")[2].trim()

Now, we need to work with The ISP. We search for the “ISP:” inside our test variable. Like before, we trim up the string. This removes the spaces at the start and end. Then we split this string with the “:”. The split is here because it makes sense. We select the second object from that split as it contains the text. The first, which is also 0, doesn’t contain the text. Now we have the string, we once again trim it up. There you go. That’s the ISP. We do the same thing with the server as the ISP. The results URL is a little different. We split the space and then select the third object.

Displaying the information

Finally, we create a PS custom object and place each piece of useful information into it. When you launch the script, this information will return and you can see it inside your rmm feedback. From here, you can add this information to your RMM tool in custom fields if you wish. Since I use Ninja at the moment, I will go over that later.

That’s it, Speed Test with PowerShell is at your fingertips. I hope you enjoy it.

Additional Resources

« Older Entries

Next Entries »

Donation Links:
PayPal
CashApp