-----------------------------------------------------------
New Message on BDOTNET
-----------------------------------------------------------
From: spark
Message 1 in Discussion
hi
Folk,
I
havent been posting for a while because I have been rather cuaght up with things
or things have been getting caught up with me. Today morning I very reluctantly
taught myself perl - reluctanatly because i usually code in ruby and ruby these
days rather unstable when it comes to heavy duty win32 ole programming.
I
thought I should post this script I wrote to do WMI - the mind boggling number
of things that you can do with this is ... mind boggling. This is kick ass stuff
and if you are in an adventerous mood, do take a look. To try this you will need
perl installed - you can simply download a free windows version from activestate
and you are ready. This is the script. Scroll to the end and i will show you
some fancy things to do with it.
use Win32;
use Win32::OLE qw
(in);
$system = ".";
$classname =
"Win32_Process";
@props = ("name");
$namespace =
"root/cimv2";
sub list_instances {
$serv =
Win32::OLE->GetObject("winmgmts://$system/$namespace");
$objs =
$serv->InstancesOf("$classname");
$i = 1;
foreach $obj
(in($objs)) {
$str = "$i ";
foreach $prop
(in(@props)) {
$str =
"$str\t$obj->{$prop}";
}
$str =
"$str\n";
print $str;
$i = $i +
1;
}
}
sub list_classinfo {
$obj =
Win32::OLE->GetObject("winmgmts://$system/$namespace:$classname");
print
"$classname Properties : -----------------------------\n";
$i =
1;
foreach $prop (in($obj->{Properties_})) {
print
"$i\t$prop->{name}\n";
$i = $i + 1;
}
print
"$classname Methods : -----------------------------\n";
$i =
1;
foreach $m (in($obj->{Methods_})) {
print
"$i\t$m->{name}\n";
$i = $i +
1;
}
}
sub list_namespaceinfo {
$serv =
Win32::OLE->GetObject("winmgmts://$system/$namespace");
print
"$namespace Classes : -----------------------------\n";
$i =
1;
foreach $class (in($serv->SubClassesOf())) {
$path
= $class->{Path_}->{Path};
print
"$i\t$path\n";
$i = $i + 1;
}
print "$classname
Namespaces : -----------------------------\n";
$i = 1;
foreach
$ns (in($serv->InstancesOf("__NAMESPACE"))) {
print
"$i\t$ns->{name}\n";
$i = $i +
1;
}
}
foreach $arg (in(@ARGV)) {
if ($arg =~
m#/sys:(.*)#) {
$system = $1;
} elsif ($arg =~
m#\/type\:(.*)#) {
$classname = $1;
} elsif ($arg =~
m#\-(.*)#) {
@props[$#props+1]=$1;
} elsif ($arg =~
m#\/class\:(.*)#) {
$classname =
$1;
list_classinfo();
exit 0;
} elsif
($arg =~ m#\/ns\:(.*)#) {
$namespace =
$1;
list_namespaceinfo();
exit
0;
}
}
list_instances()
Simple ? ok, i know
that is looks like greek to a lot of people. Now copy-paste and save this as
wmi-list.pl. After perl is installed go to the command line and try
these:
D:\RoshanJ\work\pl>wmi-list.pl
1
System Idle Process
2
System
3
SMSS.EXE
4
CSRSS.EXE
5
WINLOGON.EXE
6
SERVICES.EXE
7
LSASS.EXE
(a listing of all the processes on your
computer)
D:\RoshanJ\work\pl>wmi-list.pl
-executablepath
1 System Idle
Process
2
System
3
SMSS.EXE
C:\WINNT\System32\smss.exe
4
CSRSS.EXE
5
WINLOGON.EXE
C:\WINNT\system32\winlogon.exe
6
SERVICES.EXE
C:\WINNT\system32\services.exe
7
LSASS.EXE
C:\WINNT\system32\lsass.exe
8
svchost.exe
C:\WINNT\system32\svchost.exe
9
spoolsv.exe
C:\WINNT\system32\spoolsv.exe
10
svchost.exe
C:\WINNT\System32\svchost.exe
(same list now with
path information of exes)
D:\RoshanJ\work\pl>wmi-list.pl -executablepath
-workingsetsize -threadcount
1 System
Idle
Process
16384 1
2
System 221184
45
3
SMSS.EXE
C:\WINNT\System32\smss.exe 339968
6
4
CSRSS.EXE
2478080 12
5
WINLOGON.EXE C:\WINNT\system32\winlogon.exe 3235840
17
6 SERVICES.EXE
C:\WINNT\system32\services.exe 7831552
39
7
LSASS.EXE
C:\WINNT\system32\lsass.exe 2105344
17
8 svchost.exe
C:\WINNT\system32\svchost.exe 2371584
13
9 spoolsv.exe
C:\WINNT\system32\spoolsv.exe 4210688
11
10 svchost.exe
C:\WINNT\System32\svchost.exe 7294976 28
(now it shows the
memeory used in bytes as well as teh number of threads per process
!!)
So how do I know
what all info I can have avout a process, or in other words how i know what all
options i can have ?
D:\RoshanJ\work\pl>wmi-list.pl
/class:win32_process
win32_process Properties :
-----------------------------
1
Caption
2
CreationClassName
3
CreationDate
4
CSCreationClassName
5
CSName
6
Description
7
ExecutablePath
8
ExecutionState
9
Handle
10
HandleCount
11
InstallDate
12
KernelModeTime
13
MaximumWorkingSetSize
14
MinimumWorkingSetSize
15
Name
16
OSCreationClassName
17
OSName
18
OtherOperationCount
19
OtherTransferCount
20
PageFaults
21
PageFileUsage
22
ParentProcessId
23
PeakPageFileUsage
24
PeakVirtualSize
25
PeakWorkingSetSize
26
Priority
27
PrivatePageCount
28
ProcessId
29
QuotaNonPagedPoolUsage
30
QuotaPagedPoolUsage
31
QuotaPeakNonPagedPoolUsage
32
QuotaPeakPagedPoolUsage
33
ReadOperationCount
34
ReadTransferCount
35
SessionId
36
Status
37
TerminationDate
38
ThreadCount
39
UserModeTime
40
VirtualSize
41
WindowsVersion
42
WorkingSetSize
43
WriteOperationCount
44
WriteTransferCount
win32_process Methods :
-----------------------------
1
Create
2
Terminate
3
GetOwner
4
GetOwnerSid
(thats the full
set)
So whats the big
deal ?
D:\RoshanJ\work\pl>wmi-list.pl /sys:machine01
-executablepath -workingsetsize
-threadcount
1 System Idle
Process
16384 1
2
System 286720
58
3
SMSS.EXE
C:\WINNT\System32\smss.exe 339968
6
4
CSRSS.EXE
C:\WINNT\system32\csrss.exe 2039808
13
5 WINLOGON.EXE
C:\WINNT\system32\winlogon.exe 7856128
16
6 SERVICES.EXE
C:\WINNT\system32\services.exe 7979008
35
7
LSASS.EXE
C:\WINNT\system32\lsass.exe 8282112
22
8 termsrv.exe
C:\WINNT\System32\termsrv.exe 3551232
12
9 svchost.exe
C:\WINNT\system32\svchost.exe 5472256
11
10 spoolsv.exe
C:\WINNT\system32\spoolsv.exe 4886528
10
11
msdtc.exe
C:\WINNT\System32\msdtc.exe 5951488
26
12
DWRCS.EXE
C:\WINNT\SYSTEM32\DWRCS.EXE 3166208
5
(this just listed
all that info for another server on my network 'machine01' where I have
access)
Not yet amused ?
D:\RoshanJ\work\pl>wmi-list.pl
/type:win32_logicaldisk -freespace
1
C:
706854912
2
D:
8069681152
3
E:
1077760000
4
H:
9135357952
5
X: 1633992704
(i just asked all
the disks for their free space info... )
D:\RoshanJ\work\pl>wmi-list.pl
/type:Win32_NetworkAdapter -macaddress
1
RAS Async Adapter
2 WAN Miniport
(L2TP)
3 WAN Miniport
(PPTP)
50:50:53:50:30:30
4 Direct
Parallel
5 WAN Miniport
(IP)
6 Intel(R) PRO/100 VE Network
Connection 00:50:88:46:9F:B2
(umm... and the mac
adresses of my network adapters..... )
i better stop now.
cheers
rosh
-----------------------------------------------------------
To stop getting this e-mail, or change how often it arrives, go to your E-mail
Settings.
http://groups.msn.com/BDOTNET/_emailsettings.msnw
Need help? If you've forgotten your password, please go to Passport Member Services.
http://groups.msn.com/_passportredir.msnw?ppmprop=help
For other questions or feedback, go to our Contact Us page.
http://groups.msn.com/contact
If you do not want to receive future e-mail from this MSN group, or if you received
this message by mistake, please click the "Remove" link below. On the pre-addressed
e-mail message that opens, simply click "Send". Your e-mail address will be deleted
from this group's mailing list.
mailto:[EMAIL PROTECTED]
