You can use the Process cmdlets in Windows PowerShell to manage local and remote processes in Windows PowerShell.
To get the processes running on the local computer, run a Get-Process with no parameters.
PS> Get-Process -id 0 Handles NPM(K) PM(K) WS(K) VM(M) CPU(s) Id ProcessName ------------------------------------------------------------------------------- 0 0 0 16 0 0 Idle
You can use the Name parameter of the Get-Process cmdlet to specify a subset of processes based on the process name. The Name parameter can take multiple names in a comma-separated list and it supports the use of wildcards, so you can type name patterns. For example, the following command gets process whose names begin with "ex."
PS> Get-Process -Name ex* Handles NPM(K) PM(K) WS(K) VM(M) CPU(s) Id ProcessName ------- ------ ----- ----- ----- ------ -- ----------- 234 7 5572 12484 134 2.98 1684 EXCEL 555 15 34500 12384 134 105.25 728 explorer
The computer names are not evident in this display, but they are stored in the MachineName property of the process objects that Get-Process returns. The following command uses the Format-Table cmdlet to display the process ID, ProcessName and MachineName (ComputerName) properties of the process objects.
PS> Get-Process -Name PowerShell -ComputerName localhost, Server01, Server01 | Format-Table -Property ID, ProcessName, MachineName Id ProcessName MachineName -- ----------- ----------- 3700 powershell Server01 3052 powershell Server02 5816 powershell localhost
The Stop-Process cmdlet takes a Name or Id to specify a process you want to stop. Your ability to stop processes depends on your permissions. Some processes cannot be stopped. For example, if you try to stop the idle process, you get an error.
PS> Stop-Process -Name Idle Stop-Process : Process 'Idle (0)' cannot be stopped due to the following error: Access is denied At line:1 char:13 + Stop-Process <<<< -Name Idle
You can also force prompting with the Confirm parameter. This parameter is particularly useful if you use a wildcard when specifying the process name, because you may accidentally match some processes you do not want to stop:
PS> Stop-Process -Name t*,e* -Confirm Confirm Are you sure you want to perform this action? Performing operation "Stop-Process" on Target "explorer (408)". [Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):n Confirm Are you sure you want to perform this action? Performing operation "Stop-Process" on Target "taskmgr (4072)". [Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):n
This command starts a process that uses the Sort.exe file in the current folder. The command uses all of the default values, including the default window style, working folder, and credentials
PS C:\> Start-Process -FilePath "sort.exe" PS C:\> Start-Process -FilePath "powershell" -Verb runAs PS C:\> Start-Process -FilePath "notepad" -Wait -WindowStyle Maximized
The Wait-Process cmdlet waits for one or more running processes to be stopped before accepting input. In the Windows PowerShell console, this cmdlet suppresses the command prompt until the processes are stopped. You can specify a process by process name or process ID (PID), or pipe a process object to Wait-Process. Wait-Process works only on processes running on the local computer.
C:\PS>$nid = (get-process notepad).id C:\PS> stop-process -id $nid C:\PS> wait-process -id $nid
The Debug-Process cmdlet attaches a debugger to one or more running processes on a local computer. You can specify the processes by their process name or process ID (PID), or you can pipe process objects to Debug-Process. Debug-Process attaches the debugger that is currently registered for the process. Before using this cmdlet, verify that a debugger is downloaded and correctly configured
C:\PS>debug-process -name sql* C:\PS>debug-process winlogon, explorer, outlook C:\PS>get-process powershell | debug-process