Get-SPOMalwareFileContent
Gets the file stream associated with the malware-infected file stored in SharePoint.
Syntax
Default (Default)
Get-SPOMalwareFileContent
[-MalwareInfectedFile] <SPOMalwareFile>
[<CommonParameters>]
Description
The Get-SPOMalwareFileContent cmdlet runs on a single file. If the file is malware-infected then it returns the file stream associated with it. You must be a SharePoint Online administrator to run the Get-SPOMalwareFileContent cmdlet. Note that this cmdlet does not work on files that are not malware-infected.
For permissions and the most current information about Windows PowerShell for SharePoint Online, see the online documentation at Intro to SharePoint Online Management Shell.
Examples
EXAMPLE 1
$file = Get-SPOMalwareFile -FileUri "https://contoso.com/sites/Marketing/Shared Documents/Doc1.docx"
Get-SPOMalwareFileContent -MalwareInfectedFile $file
Example 1 returns the file stream.
EXAMPLE 2
Get-SPOMalwareFile -FileUri "https://contoso.com/sites/Marketing/Shared Documents/Doc1.docx" | Get-SPOMalwareFileContent
Example 2 returns the file stream.
EXAMPLE 3
$SPOFileUri = "https://contoso.com/sites/Marketing/Shared Documents/Doc1.docx"
$fileName = $SPOFileUri.split("/")[-1]
$localFolder = ".\$fileName"
$targetfile = New-Object IO.FileStream ($localFolder,[IO.FileMode]::Create)
[byte[]]$readbuffer = New-Object byte[] 1024
$file = Get-SPOMalwareFile -FileUri $SPOFileUri
$responseStream = Get-SPOMalwareFileContent -MalwareInfectedFile $file
do{
$readlength = $responsestream.Read($readbuffer,0,1024)
$targetfile.Write($readbuffer,0,$readlength)
}
while ($readlength -ne 0)
$targetfile.close()
Example 3 downloads the file to the current working directory using the original filename.
Parameters
-MalwareInfectedFile
Applicable: SharePoint Online
SPOMalwareFile object returned by Get-SPOMalwareFile cmdlet.
Parameter properties
| Type: | Microsoft.Online.SharePoint.TenantAdministration.SPOMalwareFile |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | 0 |
| Mandatory: | True |
| Value from pipeline: | True |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Inputs
Microsoft.Online.SharePoint.TenantAdministration.SPOMalwareFile
Outputs
System.Object
Notes
To get the SPOMalwareFile object, the user should execute the Get-SPOMalwareFile cmdlet first. Then that object can be used as a parameter to the Get-SPOMalwareFileContentContent cmdlet.