Get-HgsTraceFileData
Gets metadata about and the contents of HGS Diagnostic trace files recorded in a trace manifest.
Syntax
Data (Default)
Get-HgsTraceFileData
-File <String>
-Manifest <String>
-StartByte <Int64>
[<CommonParameters>]
Size
Get-HgsTraceFileData
-File <String>
-Manifest <String>
[-Length]
[<CommonParameters>]
Description
The Get-HgsTraceFileData cmdlet gets segments of Host Guardian Service (HGS) Diagnostic trace files recorded in a trace file manifest generated by Get-HgsTrace, as well as length information. This cmdlet is utilized by the Get-HgsTrace cmdlet to securely get trace files over a Windows PowerShell® remote session that does not expose other portions of the file system.
Examples
Example 1: Get the length of a trace file
PS C:\> Get-TraceFileData -File "Certificates.xml" -Manifest "Traces.xml" -Length
This command gets the length of the file named Certificates.xml file found in the Traces.xml manifest.
Example 2: Get a segment of a trace file contained in a manifest
PS C:\> Get-TraceFileData -File "Logs.evtx" -Manifest "Traces.xml" -StartByte 1024
This command gets a segment, in bytes, from the file named Logs.evtx if it is found in the Traces.xml manifest. If the file is not found in the manifest, this cmdlet returns an error.
Parameters
-File
Specifies the full path of the file that you wish to query. The file must be in the manifest specified in the Manifest parameter.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Length
Indicates that this cmdlet gets the total length, in bytes, of the trace file, instead of a data segment.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
Size
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Manifest
Specifies the path to the manifest file that documents the trace file specified in the File parameter.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-StartByte
Specifies the starting byte from which this cmdlet gets a segment of the trace file's data. This value must be greater than 0 but less than the total length of the requested file.
Parameter properties
| Type: | Int64 |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
Data
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.