平时排查问题时,用powershell过来进程还挺高效的,比如这句命令显示没有Microsoft关键词的进程
代码语言:powershell复制Get-Process | Where-Object {$_.company -notlike '*Microsoft*' }|select Name,Description,Company
一下子就滤掉了含有Microsoft关键词的进程,剩下的就不多了,然后再指定servicename去筛选列出细节,就能比较快速排查一些服务或进程了,例如下面的这段get-service *ali* 起头的代码,显示匹配的服务名称、服务启动类型、服务路径、服务运行状态、服务运行的用户
代码语言:powershell复制Get-Service *ali* | ForEach-Object {
$Service = Get-WmiObject -Class Win32_Service -Filter "Name='$($_.Name)'"
[PSCustomObject]@{
Name = $_.Name
DisplayName = $_.DisplayName
Status = $_.Status
StartType = $Service.StartMode
PathName = $Service.PathName
ServiceAccount = $Service.StartName
}
} | Format-Table -AutoSize
