Is your server running slowly?  Check with SolarWinds ipMonitor.

Get your free evaluation copy of ipMonitor here

---

Guy's Top 10 Free Tools

1) FreePing
2) Network Monitor
3) Xobni
4) PuTTY (UNIX)
5) IP SLA Monitor
6) BgInfo
7) Net-SNMP
8) CatTools 
9) Exchange Monitor
10) WinDiff

Scripting Windows Processes with PowerShell's get-Process

Introduction to Scripting a Windows Process with PowerShell

The purpose of this page is two-fold; firstly, to provide 'how to' examples for scripting Windows processes.  Secondly, to help those who want to learn more about PowerShell's get-Process command, methods and syntax.

Topics for PowerShell get-Process

• Our Mission
• Meet the Process Family
• Example 1: Listing with - get-Process
• Example 2: Controlling the Output of get-Process
• Example 3: get-Process in Action
• Stop-Process
• Summary of PowerShell get-Process

 ♣

Our Mission

One useful skill for all computer users is to check, and if necessary, Kill a process.  Such processes are listed in the Task Manager, and this leads me to another useful learning technique, have the GUI (Task Manager) open so that you can trace precisely what the PowerShell script achieves.

If you stick with my mission, something magical will happen. Windows processes will help you learn PowerShell commands, while the research needed to get PowerShell scripts to work, will teach you more about the operating system's processes.

Sometimes, like now, it's hard for me to stay focussed on the one item, namely scripting processes with PowerShell.  Instead, I get distracted by checking the list of processes in case any rogue maleware or grayware have crept onto my computer.  However, the good news is that while this sidetracks me from writing code, I am increasing my list of useful jobs to automate with PowerShell.

Meet the Process Family

In addition to get-Process, which is featured on this page, there are sister commands: start-Process and stop-Process.  Here is a classic example of PowerShell's consistency, learn how the noun 'Process' is controlled by the verbs, start, stop and get, then apply those same verbs to the noun 'Service'.

Preparation - Launch Task Manager

It's time to launch the Task Manager; the flashiest way is to press Ctrl +Shift +Esc; next click on the Processes tab, if you click on 'Image Name', then you can sort the processes into alphabetical order.  Incidentally, when troubleshooting which Process is hogging the processor, I maximize the Task Manager window, then click on the CPU column.  The result is the process with the greatest value for CPU comes to the top of the list.

Example 1: Listing with - get-Process

Instructions:
Pre-requisite: Visit Microsoft's site and download the correct version of PowerShell for your operating system.

• Launch PowerShell
• Copy the two lines of code below (into memory)
• Right-click on the PowerShell symbol
• Edit --> Paste
• Press enter to execute the code.

Learning Points

Note 1:  PowerShell's commands are not case sensitive, thus you could type get-Process, or Get-process.  Also you can omit the 'get' in get-Process, this is because 'get' is the default verb and PowerShell intelligently adds 'get-' to process.

Note 2:  Invariably, PowerShell uses singular nouns, thus get-Process (and not get-Processes).

Switches or modifiers for get-Process

With get-Process, the wildcard asterisk * is optional, however, it does remind us that we can modify the output to produce a restricted range:

get-Process [ab]* returns all processes beginning with the letter a or b.

get-Process [ae]* surprised me, I only got process beginning with 'a', or beginning with 'e'.  To get a range we must add a hyphen between the letters: get-Process [a-e]*

If you have taken my advice and you have the Task Manager open, it's worth checking that what you see in PowerShell matches what you see in Task Manager.

Guy Recommends: SolarWinds Engineer's Toolset v10

The Engineer's Toolset v10 provides a comprehensive console of utilities for troubleshooting computer problems.  Guy says it helps me monitor what's occurring on the network, and the tools teaches me more about how the system literally operates.

There are so many good gadgets, it's like having free rein of a sweetshop. Thankfully the utilities are displayed logically: monitoring, discovery, diagnostic, and Cisco tools.  Download your copy of the Engineer's Toolset v 10

Example 2: Controlling the Output of get-Process

Once again, it is worth inspecting the Task Manager as you learn about get-Process, in particular examine the column headings, Image Name, PID, CPU etc.  Indeed, if you click on the View menu, then Select Columns you can add yet more columns.  What helps to make connections is to compare those columns with properties displayed by PowerShell's get-Member command.  Incidentally, every PowerShell command benefits from the following get-Member 'treatment'.

Properties for PowerShell get-Process

Here is a useful command called get-Member, which displays the process properties.  From the resulting list you can decide which to employ in your PowerShell task.

Simple Command
get-Process | get-Member

I like to add a filter so that the command just lists the Properties.
get-Process | get-Member -MemberType Property

Useful properties of process include CPU, WorkingSet, VirtualMemorySize, HandleCount and Company.

For later reference, you could save the information to file.
get-Process | get-Member -MemberType Property | out-file Process.txt

Example 3: PowerShell get-Process in Action

Example 3a - Format-table

Note  Out-GridView: PowerShell v 2.0 introduces a new cmdlet to control data display.  See more on how to pipe the results into out-GridView.

Learning Points

In this example, the display of the output is controlled by format-Table.  Following research with get-Member, you can decide which properties to add, and which to delete from my example.

Example 3b - List the companies who are responsible for the processes

Learning Points

Such a script could be the basis of detecting rogue programs.  Once you have a list of companies you could check for suspicious or unknown names.

Guy Recommends: SolarWinds LANSurveyor

LANSurveyor will produce a neat diagram of your network topology.  But that's just the start; LANSurveyor can create an inventory of the hardware and software of your machines and network devices.  Other neat features include dynamic update for when you add new devices to your network.  I also love the ability to export the diagrams to Microsoft Visio.

Finally, Guy bets that if you take a free trial of LANSurveyor then you will find a device on your network that you had forgotten about, or someone else installed without you realizing!

Download a Free Trial of LANSurveyor

Example 3c - List the companies who are responsible for the processes

Learning Points

Here is a variation of Example 3b.  My idea is to format the output as a table, and then apply the -groupby command to aggregate the company information.  Incidentally, PowerShell provides information about 'company' that is not available from the Task Manager's Processes tab.

From a pure PowerShell point of view, observe the two pipelines (|) in the cmdlet.  This example also features group-Object and sort-Object.  In addition to improving the output, these handy verbs can be truncated to 'group' or 'sort', PowerShell intelligently deduces the noun, -object.

Example 3d - Filter processes with over 200 handles

Learning Points

The purpose of this command is to filter the processes.   $_.  is a placeholder, or reference to the current command, or the first pipeline.  From a PowerShell point of view, many script benefit from a 'Where' clause to filter the output.  Take the time to check where to place the (|) pipe, and also to admire the $_. construction, which means 'in this pipeline'

Summary of PowerShell get-Process

get-Process is a good place to start experimenting with the syntax of the new Microsoft Shell.  As you try the various PowerShell commands, look out for verb-noun pairs such as get-Process.  In this example, examine PowerShell techniques such as pipeline, get-Member and also format-Table.  One real life task is to check the company names associated with processes, and thus spot an impostor, a virus, or annoying grayware.

Next - Stop-Process (Kill a Windows Process)

See more PowerShell examples of process and service

• PowerShell Home  • get-Process  • stop-Process  • get-Service  • start-Service  • gwmi win32_service

Please write in if you see errors of any kind.  Please report any factual mistakes, grammatical errors or broken links, I will be happy to not only to correct the fault, but also to give you credit.

 *