Get-SPOMalwareFileContent
Gets the file stream associated with the malware-infected file stored in SharePoint.
Syntax
Get-SPOMalwareFileContent
-MalwareInfectedFile <SPOMalwareFile>
[<CommonParameters>] Description
The Get-SPOMalwareFileContent cmdlet runs on a single file. If the file is malware-infected then it returns the file stream associated with it. You must be a SharePoint Online administrator to run the Get-SPOMalwareFileContent cmdlet. Note that this cmdlet does not work on files that are not malware-infected.
For permissions and the most current information about Windows PowerShell for SharePoint Online, see the online documentation at Intro to SharePoint Online Management Shell.
Examples
EXAMPLE 1
$file = Get-SPOMalwareFile -FileUri "https://contoso.com/sites/Marketing/Shared Documents/Doc1.docx"
Get-SPOMalwareFileContent -MalwareInfectedFile $fileExample 1 returns the file stream.
EXAMPLE 2
Get-SPOMalwareFile -FileUri "https://contoso.com/sites/Marketing/Shared Documents/Doc1.docx" | Get-SPOMalwareFileContentExample 2 returns the file stream.
EXAMPLE 3
$SPOFileUri = "https://contoso.com/sites/Marketing/Shared Documents/Doc1.docx"
$fileName = $SPOFileUri.split("/")[-1]
$localFolder = ".\$fileName"
$targetfile = New-Object IO.FileStream ($localFolder,[IO.FileMode]::Create)
[byte[]]$readbuffer = New-Object byte[] 1024
$file = Get-SPOMalwareFile -FileUri $SPOFileUri
$responseStream = Get-SPOMalwareFileContent -MalwareInfectedFile $file
do{
$readlength = $responsestream.Read($readbuffer,0,1024)
$targetfile.Write($readbuffer,0,$readlength)
}
while ($readlength -ne 0)
$targetfile.close()Example 3 downloads the file to the current working directory using the original filename.
Parameters
-MalwareInfectedFile
SPOMalwareFile object returned by Get-SPOMalwareFile cmdlet.
| Type: | SPOMalwareFile |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | SharePoint Online |
Notes
To get the SPOMalwareFile object, the user should execute the Get-SPOMalwareFile cmdlet first. Then that object can be used as a parameter to the Get-SPOMalwareFileContentContent cmdlet.