Skip to the main content.
Talk to us
Talk to us
Twitter Twitter GitHub GitHub

ScriptRunner Blog

Display, retrieve, and terminate Windows processes with PowerShell

8 min read

November 11, 2020

By: Thomas Joos Nov 11, 2020 11:30:11 AM

PowerShell & Systems

Table of Contents

 
Post Featured Image

Monitoring and managing the running processes on a computer is a routine task for administrators. PowerShell can be a valuable aid here, since processes and the information associated with them can be displayed and evaluated much more quickly and flexibly.

In the following article you will learn about the basics of administering processes with PowerShell and how to run them not only locally, but also remotely, for example with PowerShell Direct.

 

Get-Process: Display Processes in PowerShell

You can use the Cmdlet Get-Process to display all running processes on a computer. By default, the list of processes is sorted alphabetically in descending order.

If you want to display only processes that begin with the letter “s”, you can use the * wildcard to filter the list. To do this, type the following command:

Get-Process s*

In the same way, you can perform all other filtering by letter. For example, if you want to display all processes in which the string “sql” occurs, you can use the following command (see Figure 1):

 

Get-Process *sql*

Screenshot PowerShell: Abbildung 1: Output des Cmdlets „Get-Process“ mit dem Filter *sql*

Fig. 1: By using filters, Get-Process not only lists processes, but also filters them.

Get-Process can sort processes not only alphabetically by name, but also, for example, based on their resource consumption. If you want to filter and sort processes by name and by resource consumption, for example, descending by CPU time, first type Get-Process s* and use Pipe to forward the result to Sort-Object with the option |Sort-Object cpu -Descending:

Get-Process s*|Sort-Object cpu -Descending

In this way, processes can be effectively filtered and sorted for display.

You can also display more detailed information for individual processes that are not displayed in the aggregated list. To do this, you first use Get-Process to display an overview of the processes that you want to see, and then you use the pipe to pass this result to the Format-List cmdlet. You can use the * wildcard to ensure that all information about the processes is displayed.

Here is an example that generates a detailed listing of the “winword” and “explorer” processes as output

Get-Process winword, explorer | Format-List *

Instead of typing the command “Format-List”, you can also work with the abbreviation “fl”:

Get-Process winword, explorer | fl *

If you do not want to display all details but only certain details, you can also enter the name of the corresponding column instead of the wildcard * for “fl *”, for example:

Get-Process winword, explorer | fl Name, PriorityClass, FileVersion

Instead of a formatted list (|fl *), you can also have the results displayed in a formatted table. To do this, use the Format-Table or “ft” cmdlet for the right part of the pipeline (see Figure 2).

 

Screenshot: Steuern der Anzeige eines PowerShell-Befehls

Fig. 2: Controlling the display of a PowerShell command


Screenshot PowerShell ISE: When opening a PowerShell session on a remote machine a login prompt appears

Fig. 3: Opening a PowerShell session to manage processes on a remote computer


Screenshot PowerShell: Termination of a process after confirmation

Fig. 4: By using -Confirm, you can tell PowerShell not to terminate processes until you get confirmation


Conclusion

As described previously, using PowerShell speeds up the retrieval of Windows processes and related data. Especially power users like system administrators benefit from this time saving. But PowerShell can do much more: It enables the administration of remote computers, which is a major advantage in times of digitalization.

But the most important advantage is that by using PowerShell, this data and information becomes accessible to other systems. For example, automated monitoring can be built on the basis of a script for Windows process monitoring. This reduces the manual and time-consuming effort in administration to a minimum.

Related links

Related posts
13 min read

Getting started with PowerShell functions

Apr 1, 2025 by Stéphane van Gulick

PowerShell functions are essential tools that enable you to encapsulate code for reuse, making your scripts more...
7 min read

New ScriptRunner Release Enhances Enterprise IT Automation with Better Security, Transparency and Efficiency

Feb 24, 2025 by Heiko Brenn

The latest ScriptRunner release enhances Enterprise IT automation with three powerful features: the new Approval Process
13 min read

Mastering Changelog Management with PowerShell

Jan 28, 2025 by Jeffery Hicks

Changelogs keep your software updates clear and organized. Learn the best practices for creating and managing them in...

About the author:

Thomas Joos

Thomas Joos is a freelance IT consultant and has been working in IT since 1992. He has published more than 90 practical reference books and writes for numerous IT publications such as c’t, PC Magazin, PC Welt, IT Administrator, Computerwoche and Heise Security.

Latest posts: