Edit PowerShell history file

I came across a situation where I discovered a user’s PSReadline ConsoleHost_history.txt file, and it ended up giving me the information I needed at the time. Most people are aware of the .bash_history file. But did you know that the PowerShell equivalent is enabled by default starting in PowerShell v5 on Windows 10? This means this file will become more present over time as systems upgrade.

PSReadline

The PSReadline module started as a stand-alone module, but became the default command line editing experience starting in PowerShell v3. A full list of the features are available on its GitHub page. It is responsible for, among other things, letting us hit up arrow to see previous commands from a PowerShell window. To do this, it records what is typed into the console. It can save this in memory, or to a file.

Starting in PowerShell v5 on Windows 10, the default option is to save history to a file. This setting gives the user the ability to start a new session with the history from the previous session.

History File Information

The default location for this file is $env:APPDATA\Microsoft\Windows\PowerShell\PSReadLine\ConsoleHost_history.txt. You can get the location by running Get-PSReadlineOption and looking at the options. There’s a few history related ones:

• HistorySavePath — The file location
• HistorySaveStyle — Options are SaveIncrementally, which saves after each command; SaveAtExit, which appends on exiting PowerShell, or SaveNothing, which turns off the history file.
• MaximumHistoryCount — The max number of entries to record.

You can modify the options with the Set-PSReadlineOption commandlet.

What the History File Records

Everything I type into a PowerShell window. For example:

PSC:\> cd $env:APPDATA\Microsoft\Windows\PowerShell\PSReadLine\

ls

code ConsoleHost_history.txt