The Get-Process cmdlet in PowerShell is used to retrieve information about the processes that are running on a local or remote computer. This cmdlet provides details such as the process name, process ID, memory usage, CPU time, and more. You can use it to monitor system performance, troubleshoot issues, or collect data for system administration tasks.
Basic Syntax:
Example 1: List All Running Processes
Running Get-Process without any parameters will list all the processes currently running on your local machine.
This will output a list of processes, showing the Name, ID, Handles, NPM (Non-paged memory), PM (Paged memory), WS (Working set), and CPU time, among other details.
Example 2: Get Specific Process by Name
You can filter processes by their name. For example, to get all processes related to "chrome" (Google Chrome):
This will list all running chrome processes.
Example 3: Get Process by Process ID (PID)
You can retrieve a process using its PID (Process ID). For instance, to get the process with PID 1234:
This will return information about the process with the specified PID.
Example 4: Get Multiple Processes by Name
You can also specify multiple processes by separating their names with commas. For example:
This will return information about processes related to chrome, firefox, and explorer.
Example 5: Display Specific Properties of Processes
You can select specific properties of the processes to make the output more readable. For example, to display the Name, ID, CPU time, and Memory of each process:
This will show a simplified output with just the Name, ID, CPU, and WorkingSet (memory usage) of each process.
Example 6: Sort Processes by Memory Usage
To sort the processes by memory usage (working set), use the following command:
This will list the processes, sorted by memory usage in descending order.
Example 7: Get Process on a Remote Machine
If you want to get processes from a remote machine, use the -ComputerName parameter. For example:
This command retrieves the processes from the remote computer specified by RemotePCName.
Example 8: Limit the Output to Top N Processes
To limit the number of processes returned, you can use Select-Object to return only the top N processes. For example, to get the top 5 processes by CPU usage:
This will show the top 5 processes sorted by their CPU usage in descending order.
Example 9: Get Process for Specific User
To retrieve processes run by a specific user, you can use the Get-WmiObject cmdlet along with Get-Process. Here's an example:
Replace "username" with the actual username. This command fetches processes based on the specified user.
Example 10: Display Processes with Memory and CPU Usage
To display detailed information on processes, including their memory and CPU usage, you can run:
This shows the Name, Id, CPU time, WorkingSet (memory), and PrivateMemorySize (private memory allocated to the process).
Example 11: Killing a Process
If you want to stop a process, you can use the Stop-Process cmdlet. For example, to kill a process by name (e.g., notepad):
Or, if you know the PID:
Example 12: Getting Process in a Specific Session
You can filter processes by their session ID. For example:
This will return processes running under session ID 1.
Example 13: Displaying Processes in a Specific Format (Table, List, or Grid)
You can display the output in different formats, such as table, list, or grid. For example:
-
Table format (default):
-
List format (for detailed info):
-
Grid format (for a more interactive view):
Â
The Get-Process cmdlet in PowerShell is a powerful tool for managing and monitoring processes on a local or remote computer. You can filter, sort, display, and even manipulate processes using various parameters and techniques, making it an essential cmdlet for system administrators and users performing troubleshooting or monitoring tasks.
Â
Â
Â
Â
