时间戳

首页 > 解决方案 > 修改 Stack Overflow 上的 PowerShell 脚本

powershell - 修改 Stack Overflow 上的 PowerShell 脚本

问题描述

我在 Stack Overflow 上找到了这个由PMental编写的 Get-ProcessPlus脚本。zett42 和其他几个人的帮助下,我设法让它运行(对 PS 来说非常新)。谢谢大家,它拥有我真正想要的一切。我也选择看看是否可以让脚本添加更多功能。我也希望它返回进程的命令行值。我让它部分工作。通过我的修改,它仍然默认运行,并按 ID 运行,但不再按名称运行。我已经做了很多阅读,但仍然无法使其正常工作。这是代码和我的模组。任何帮助,将不胜感激。

*$Command = Get-WmiObject Win32_Process | select name, CommandLine*

function Get-ProcessPlus {
    [CmdletBinding(DefaultParameterSetName = 'Default')]
    param (
        [Parameter(ParameterSetName='ProcessName',Position = 0)]
        [string[]]
        $Name,
        *[Parameter(ParameterSetName='CommandLine',Position = 0)]
        [string[]]
        $Command,*
        [Parameter(ParameterSetName='PID',Position = 0)]
        [int[]]
        $Id

    )
    # Check which parameter set is in use and get our processes
    switch ($PSCmdlet.ParameterSetName) {
        'ProcessName' {
            $AllProcesses = Get-Process -Name $Name
            break
        }
        *'CommandLine' {
            $AllProcesses = Get-Process -Name $Command
            break
        }*
        'PID' {
            $AllProcesses = Get-Process -Id $Id
            break
        }
        default { $AllProcesses = Get-Process }
    }
    foreach ($Process in $AllProcesses) {
        # Retrieve TCP and UDP Connection information for the current process (if any)
        $UDPConnections = Get-NetUDPEndpoint -OwningProcess $Process.Id -ErrorAction Ignore |
            Select-Object LocalAddress,LocalPort
        $TCPConnections = Get-NetTCPConnection -OwningProcess $Process.Id -State Listen -ErrorAction Ignore |
            Select-Object LocalAddress,LocalPort
        $TCPPorts = $TCPConnections.LocalPort | Where-Object { $null -ne $_} | Select-Object -Unique
        $UDPPorts = $UDPConnections.LocalPort | Where-Object { $null -ne $_} | Select-Object -Unique
        $TCPAddresses = $TCPConnections.LocalAddress | Select-Object -Unique
        $UDPAddresses = $UDPConnections.LocalAddress | Select-Object -Unique
        # Collect and output all information about the current process
        [PSCustomObject] @{
            'ProcessName'   = $Process.ProcessName
            'Id'            = $Process.Id
            'Description'   = $Process.Description
            'Path'          = $Process.Path
            *'CommandLine'  = $Process.Command*
            'CPU usage (s)' = $Process.CPU
            'TCP Addresses' = $TCPAddresses
            'TCP Ports'     = $TCPPorts
            'UDP Addresses' = $UDPAddresses
            'UDP Ports'     = $UDPPorts
        }
    }
}

标签: powershellscripting

解决方案

您需要将Get-WMIObject输出与Get-Process输出相匹配。在您的情况下,只需替换此行:

'CommandLine' = $Process.Command

有了这个:

# Query WMI for process command line
'CommandLine'   = Get-WmiObject -Query "
  SELECT CommandLine from Win32_Process WHERE ProcessID = $($Process.ID)" | 
  # Select only the commandline property so we can display it
  Select -ExpandProperty CommandLine

我的输出如下所示:

Get-ProcessPlus -Name notepad

ProcessName   : notepad
Id            : 10568
Description   : Notepad
Path          : C:\WINDOWS\system32\notepad.exe
CommandLine   : "C:\WINDOWS\system32\notepad.exe" C:\temp\test.txt
CPU usage (s) : 0.390625

推荐阅读