Chapter 21. Processes

21.0. Introduction

Working with system processes is a natural aspect of system administration. It is also the source of most of the regular expression magic and kung fu that makes system administrators proud. After all, who wouldn’t boast about this Unix one-liner to stop all processes using more than 100 MB of memory:

	ps -el | awk '{ if ( $6 > (1024*100)) { print $3 } }' | grep -v PID | xargs kill

While helpful, it also demonstrates the inherently fragile nature of pure text processing. For this command to succeed, it must:

  • Depend on the ps command to display memory usage in column 6.

  • Depend on column 6 of the ps command’s output to represent the memory usage in kilobytes.

  • Depend on column 3 of the ps command’s output to represent the process id.

  • Remove the header column from the ps command’s output.

Since PowerShell’s Get-Process cmdlet returns information as highly structured .NET objects, fragile text parsing becomes a thing of the past:

	Get-Process | Where-Object { $_.WorkingSet -gt 100mb } | Stop-Process -WhatIf

If brevity is important, PowerShell defines aliases to make most commands easier to type:

	gps | ? { $_.WS -gt 100mb } | kill -WhatIf

21.1. List Currently Running Processes

Problem

You want to see which processes are running on the system.

Solution

To retrieve the list of currently running processes, use the Get-Process cmdlet:

 PS >Get-Process Handles NPM(K) PM(K) WS(K) VM(M) CPU(s) Id ProcessName ------- ------ ----- ----- ----- ------ -- ----------- 274 6 ...

Get Windows PowerShell Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial