4.2. Exploring a Windows System with Windows PowerShell

In this section, I show you some techniques for exploring the current state of a Windows system using Windows PowerShell.

4.2.1. Finding Running Processes

The get-process cmdlet allows you to explore the processes running on any Windows system. For its simplest usage, just type

get-process

on the Windows PowerShell command line. This displays basic information about all currently running processes on the local machine. By default, the columns of information shown in Figure 4-7 are displayed.

Using Two Windows PowerShell Windows

As you begin to master Windows PowerShell, I suggest that you have two PowerShell windows open. Use one window to explore the system, and use the other to access the help system or to use the get-member cmdlet to list the members of Windows PowerShell objects whose use you are exploring. Also, consider moving away from CMD.exe and using Windows PowerShell for everything you used to use CMD.exe for.

Figure 4-7

On many systems, the get-process cmdlet returns multiple screenfuls of information; on a Windows system I am running, I typically see over 70 processes. As noted in Chapter 2, an easy way to make the output more readable is to pipe it to More by using the following command:

get-process | more

The results will then be displayed one screenful at a time. Press the spacebar ...
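
Going a step beyond the default columns, the following added example (not code from the book) lists each distinct running executable with its path and Authenticode signature status, and marks those started from user-writable directories. The function name Test-UnderWritableRoot and the choice of directories are assumptions made for this illustration.

```powershell
# Added example: review running processes by executable path and signature,
# details that the default get-process columns do not show.

# Directories treated as user-writable for this review (an assumption; adjust
# to your environment). Empty variables are dropped, and each root gets a
# trailing backslash so that "C:\Users\Public" does not match "C:\Users\Public2".
$writableRoots = @($env:TEMP, $env:APPDATA, $env:LOCALAPPDATA, $env:PUBLIC) |
    Where-Object { $_ } |
    ForEach-Object { $_.TrimEnd('\') + '\' }

# Hypothetical helper: true when $Path lies under one of the roots above.
function Test-UnderWritableRoot {
    param([string]$Path)
    foreach ($root in $writableRoots) {
        if ($Path.StartsWith($root, [System.StringComparison]::OrdinalIgnoreCase)) {
            return $true
        }
    }
    return $false
}

Get-Process |
    # Path is empty for processes the current user is not allowed to open,
    # so run from an elevated prompt for fuller coverage.
    Where-Object { $_.Path } |
    # Keep one row per distinct executable rather than one per process.
    Sort-Object Path -Unique |
    Select-Object Name, Id,
        @{ Name = 'Signature'
           Expression = { (Get-AuthenticodeSignature -FilePath $_.Path).Status } },
        @{ Name = 'UserWritable'
           Expression = { Test-UnderWritableRoot $_.Path } },
        Path |
    # Put executables in user-writable locations and non-Valid signatures first.
    Sort-Object UserWritable, Signature -Descending |
    Format-Table -AutoSize
```

An unsigned binary or one running from a profile directory is not malicious by itself; the listing narrows down which processes deserve a closer look.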
