Chapter 24. Processes

Introduction

Working with system processes is a natural aspect of system administration. It is also the source of most of the regular expression magic and kung fu that make system administrators proud. After all, who wouldn’t boast about this Unix one-liner to stop all processes using more than 100 MB of memory:

ps -el | awk '{ if ( $6 > (1024*100)) { print $3 } }' | grep -v PID | xargs kill

While helpful, it also demonstrates the inherently fragile nature of pure text processing. For this command to succeed, it must:

  • Depend on the ps command to display memory usage in column 6

  • Depend on column 6 of the ps command’s output to represent the memory usage in kilobytes

  • Depend on column 3 of the ps command’s output to represent the process ID

  • Remove the header column from the ps command’s output

While the ps command has parameters that simplify some of this work, this form of “prayer-based parsing” is common when manipulating the output of tools that produce only text.

Since PowerShell’s Get-Process cmdlet returns information as highly structured .NET objects, fragile text parsing becomes a thing of the past:

Get-Process | Where-Object { $_.WorkingSet -gt 100mb } | Stop-Process -WhatIf

If brevity is important, PowerShell defines aliases to make most commands easier to type:

gps | ? { $_.WS -gt 100mb } | kill -WhatIf

In addition to simple process control, PowerShell also offers commands for starting processes, customizing their execution environment, waiting for processes to ...

Get Windows PowerShell Cookbook, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.