Powershell : Get Process Stats

At work the other day I found myself needing to gain some minimal process information. I mainly use .NET for my day to day existence (trying to learn Erlang right now argghh), but yeah day to day right now its .NET, so I am obviously aware of the .NET Process class, and what it brings to the table.

 

I am also aware of using Windows Management Instrumentation (WMI) is the infrastructure for management data and operations on Windows-based operating systems. As such you may also use WMI queries from .NET which you may read more about here http://www.codeproject.com/Articles/12138/Process-Information-and-Notifications-using-WMI

 

Thing is for my purpose I had to use a purely command line solution, so using .NET code was out, sure I could have created a small Console App, but I just felt there was a better tool for the job. Enter PowerShell.

 

My Requirements

I simply wanted to grab all processes matching a certain name, and grab a property value from each process matching that name, and export that tom either CSV or XML. I figured this should be something that I could easily do in PowerShell. So lets examine this step by step

 

Step 1 : Grabbing all processes matching a criteria

Lets say we want to grab all instances of the “notepad” process. This is how we could do that in PowerShell

 

Get-Process "notepad"

 

This yields this result

 

image

 

Cool, so we have some properties for each process. Mmm interesting, I wonder if we can grab some of those properties, which is what I need to do.

 

Step 2 : Grabbing the property value of interest for the matched processes

One of the really really great things about PowerShell is that you can pipe the results of one operation to the next (using F# a bit I have come to love the pipe operator). That means I should be able to use these Processes that I have and try and pipe them into another PowerShell operation that extracts one of the properties. Lets try that next. I came up with this (say I wanted to grab just the “Handles” information)

 

Get-Process "notepad" | Select-Object Handles

 

Which yields this result. See the “handles” is the only thing remaining for the “notepad” process

image

 

If you wanted to be a bit more verbose about how you get these results the following also works, which yield exactly the same results as those above

Get-Process | Where-Object {$_.ProcessName -eq 'notepad'} | format-table -property Handles
Get-Process | Where-Object {$_.ProcessName -eq 'notepad'} | Select-Object Handles

 

Ok so what have we achieved so far?

 

Well we have managed to grab only the processes we are interested in by name, and grab  the value of only the property we care about for each of these processes (note only one instance of notepad.exe was running for the screen shots above). Ok, so we are doing well,  not much left to do, we simply need to export this to CSV or XML.

 

Step 3a : Export to CSV

Ok lets exporting the data to CSV, must be a way right? Sure enough PowerShell doesn’t let us down, here is how:

 

Get-Process "notepad" | Select-Object Handles  | Export-Csv file.csv

 

Which gives us the following CSV file

 

#TYPE Selected.System.Diagnostics.Process
“Handles”
“421”

 

 

Step 3b : Export to XML

Exporting to an XML file is just as easy, here is how:

 

Get-Process "notepad" | Select-Object Handles  | Export-Clixml file.xml

 

Which gives us the following XML file

<Objs Version="1.1.0.1" xmlns="http://schemas.microsoft.com/powershell/2004/04">
  <Obj RefId="0">
    <TN RefId="0">
      <T>Selected.System.Diagnostics.Process</T>
      <T>System.Management.Automation.PSCustomObject</T>
      <T>System.Object</T>
    </TN>
    <MS>
      <I32 N="Handles">421</I32>
    </MS>
  </Obj>
</Objs>

 

And there you go, job done……Hope that helped at least someone

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: