How to get Command Line info for a process in PowerShell or C#

c# command process powershell

e.g: if I run notepad.exe c:\autoexec.bat,

How can I get c:\autoexec.bat in Get-Process notepad in PowerShell?

Or how can I get c:\autoexec.bat in Process.GetProcessesByName("notepad"); in C#?


Solution 1:

In PowerShell you can get the command line of a process via WMI:

$process = "notepad.exe"
Get-WmiObject Win32_Process -Filter "name = '$process'" | Select-Object CommandLine

Note that you need admin privileges to be able to access that information about processes running in the context of another user. As a normal user it's only visible to you for processes running in your own context.

Solution 2:

This answer is excellent, however for futureproofing and to do future you a favor, Unless you're using pretty old powershell (in which case I recommend an update!) Get-WMIObject has been superseded by Get-CimInstance Hey Scripting Guy reference

Try this

$process = "notepad.exe"
Get-CimInstance Win32_Process -Filter "name = '$process'" | select CommandLine

Solution 3:

I'm using powershell 7.1 and this seems to be built in to the process object now as a scripted property:

> (Get-Process notepad)[0].CommandLine
"C:\WINDOWS\system32\notepad.exe"

Interestingly, you can view its implementation and see that it partially uses the answer from PsychoData:

($process | Get-Member -Name CommandLine).Definition
System.Object CommandLine {get=
                        if ($IsWindows) {
                            (Get-CimInstance Win32_Process -Filter "ProcessId = $($this.Id)").CommandLine
                        } elseif ($IsLinux) {
                            Get-Content -LiteralPath "/proc/$($this.Id)/cmdline"
                        }
                    ;}

Running Get-Member on a process shows that it is an instance of System.Diagnostics.Process, but that it has several properties that are scripted.

The other properties are FileVersion, Path, Product, and ProductVersion.

Solution 4:

if you put the following code in your powershell $profile file you can permanently extend the "process" object class and use the "CommandLine" property

example:

get-process notepad.exe | select-object ProcessName, CommandLine

code:

$TypeData = @{
    TypeName = 'System.Diagnostics.Process'
    MemberType = 'ScriptProperty'
    MemberName = 'CommandLine'
    Value = {(Get-CimInstance Win32_Process -Filter "ProcessId = $($this.Id)").CommandLine}
}
Update-TypeData @TypeData

Related

Angular 2 Pipe under condition
At what point in the loop does integer overflow become undefined behavior?
How to explicitly obtain post data in Spring MVC?
Map two lists into a dictionary in C#
Difference between using "chmod a+x" and "chmod 755" [closed]
Git says local branch is behind remote branch, but it's not
How do you change the character encoding of a postgres database?
Coffeescript --- How to create a self-initiating anonymous function?
correct PHP headers for pdf file download
Git / Bower Errors: Exit Code # 128 & Failed connect
How get data from material-ui TextField, DropDownMenu components?
Using jQuery UI sortable with HTML tables