PowerShell provides cmdlets, to manage the Processes currently running on the local Computer or on the remote Computer. In this Article, we are going to discuss the commands to Display & Manage the Processes using PowerShell.
Get-Process cmdlet to Display Currently Running Processes
Get-Process is the cmdlet, we use to display the currently running Processes in the local Computer. This command displays below details of the running Processes:
PS C:\> Get-Process
Handles NPM(K) PM(K) WS(K) VM(M) CPU(s) Id ProcessName
------- ------ ----- ----- ----- ------ -- -----------
320 52 169192 203824 573 77.58 6404 chrome
22 5 2172 3460 44 0.06 9836 cmd
762 71 38412 56996 299 14.60 4048 explorer
0 0 0 24 0 0 Idle
61 7 1916 6824 75 0.09 9292 notepad
547 24 64032 69056 607 21.68 5052 powershell
158 17 4428 12356 110 0.34 4276 rundll32
369 16 8916 12684 49 39.42 968 services
627 29 19516 22216 97 100.36 156 svchost
1059 0 280 7360 10 281.77 4 System
83 10 1668 4916 44 0.66 908 wininit
121 10 4312 8928 59 0.95 712 winlogon
Observe that, Get-Process displays more details of the Process. Mostly we use “Id” & “ProcessName”:
Id: Process Id of the Process. Operating System allocated an unique Id for each Process.
ProcessName: Name of the Process.
Display specific processes only
Instead of displaying all the processes currently running, we can also display specific processes too. For example, below command displays only the processes, whose name is “notepad”;
PS C:\> Get-Process notepad
Handles NPM(K) PM(K) WS(K) VM(M) CPU(s) Id ProcessName
------- ------ ----- ----- ----- ------ -- -----------
61 7 1924 6824 81 0.09 9292 notepad
Observe that, in above command; we have passed the name of process as an argument to Get-Process command. You can also pass this as the value of the -Name property; which refers the name of the process. The above command can be written as;
PS C:\> Get-Process -Name notepad
We can also use multiple process names to display; and each process name should be separated by a comma (“,”). Below command displays “chrome” and “iexplore” processes;
PS C:\> Get-Process -Name chrome, iexplore
We can also use wildcards to display multiple processes. Let’s see, how many processes currently running; whose name contains “exp”. We can use WildCards (*) in our command.
PS C:\> Get-Process *exp*
Handles NPM(K) PM(K) WS(K) VM(M) CPU(s) Id ProcessName
------- ------ ----- ----- ----- ------ -- -----------
736 73 28640 52348 277 14.71 4316 explorer
705 104 30304 51604 -1778 15.63 5752 iexplore
792 148 148164 187640 477 379.97 5904 iexplore
1016 572 660688 653924 1060 1,006.63 9004 iexplore
673 330 323500 342872 650 37.22 10024 iexplore
Observe that, currently 2 Applications (5 Processes) are running; whose name contains “exp” . Notice that, these processes have unique Ids.
Sort the list of running Processes
Below command is used to sort the Processes depending on the usage of the memory.
PS C:\> Get-Process | Sort-Object WS -Descending
Notice that, we have used Sort-Object cmdlet, in above command. This is useful to sort the data (Objects). This is the beauty of the PowerShell; PowerShell treats the data as Objects. And Get-Process command generates the output and pass through the pipe-line to Sort-Object to sort the objects. Sorting the objects is Sort-Object cmdlet‘s functionality; not the functionality of Get-Process cmdlet.
Now, we look at the commands to manage the processes. Managing means; Start or Stop the processes. PowerShell provides below cmdlets to manage the Processes:
- Start-Process and
- Stop-Process
Start-Process cmdlet to Start the Process
Start-Process is the cmdlet, PowerShell provides to start the process. I would like to open a “notepad” application using Start-Process Below, command will open the “notepad” application:
PS C:\> Start-Process notepad
After this command, you will see the NotePad window open.
Let’s see, how many notepad applications currently running.
PS C:\> Get-Process notepad
Handles NPM(K) PM(K) WS(K) VM(M) CPU(s) Id ProcessName
------- ------ ----- ----- ----- ------ -- -----------
61 7 1916 6836 75 0.09 9292 notepad
57 7 1920 6120 81 0.06 9784 notepad
Observe that, currently 2 notepad processes are running. One was opened with Start-Process command. Notice that, these 2 processes have unique Ids.
Stop-Process cmdlet to Stop the Running Process
Now we will Stop, one of the Process. PowerShell provides a command for this; Stop-Process cmdlet, is used to Stop the currently running Processes.
We have to be more cautious, when we Stopping the Process; otherwise, there may be chances to loose the Unsaved data. For example, we have 2 Notepad Applications, currently running as per the above results from Get-Process. I want to close only the Notepad with the Process ID 9784. So, our command should like below;
PS C:\> Stop-Process -Id 9784
This way we can restrict our commands to specific Processes. If you want to close all the Notepad Applications; below command will be helpful: But, you need to run this with more caution; otherwise, you may loose any unsaved data.
PS C:\> Stop-Process -Name notepad
We will discuss more about PowerShell cmdlets, in upcoming Articles.
[..] David