none
How to identify which powershell process is which script?

    Question

  • We need to monitor some powershell scripts running in the background with Nagios (CheckMK).

    Since at least 10 powershell scripts are running we need a solution to know which process is started by which script. I tried to set a title with $host.UI.RawUI.WindowTitle = "Title", but that does not show up in the process list, only "powershell.exe".

    Is there any way we can distinguish between powershell process from the outside?

    Monday, May 20, 2019 9:15 AM

All replies

  • Hey Morgenstern,

    I think this question is already replied to in:

    social.technet.microsoft.com/Forums/en-US/e8ef5eb4-61fb-4fc1-a387-dfba21b068a6/how-can-you-change-the-process-name-and-description-of-powershell-instance-in-task-manager?forum=ITCG

    regards,

    Bert

    • Proposed as answer by Bert VO Monday, May 20, 2019 9:29 AM
    • Unproposed as answer by Bert VO Monday, May 20, 2019 1:59 PM
    Monday, May 20, 2019 9:29 AM
  • Thank you for your fast response. That's quite a problem for us. Do you see any possibility to "wrap" the process so we can recognize the parent? something like start-process (which imho cant do that)?
    Monday, May 20, 2019 9:37 AM
  • Hi,

    Actually, yes, it is possible!

    I just tried the following: 

    1. open the powershell ISE and execute:  

    Install-Module ISESteroids -Scope CurrentUser

    This will install ISE Steroids, which "improves your powershell ISE experience... (For 30 days for free).

    2. Start Steroids by executing:

    Start-Steroids

    3. Open your script and go to Tools > Turn Code into EXE

    4. save the script as exe and run it.

    5. You will now see the [name].EXE file in task manager.

    I think this will resolve your issue. It worked for me anyway.

    Good luck!

    ----------------------------------------------

    If this helps you, please mark my response as answer

    Monday, May 20, 2019 1:49 PM
  • How about using something like this?

    https://archive.codeplex.com/?p=wasp


    --- Rich Matheisen MCSE&I, Exchange Ex-MVP (16 years)

    Monday, May 20, 2019 2:46 PM
  • To get a process use this:

    Get-WmiObject win32_process -filter 'name="powershell.exe"' | Select-Object CommandLine
    

    This will give you the exact command line that started the process.

    TO get the parent use the "ParentProcessID" and use "Get-Process -Id <parentprocessid" to get the parent proess object.


    \_(ツ)_/

    Monday, May 20, 2019 6:44 PM
    Moderator
  • Hi,

    Was your issue resolved?

    If you resolved it using our solution, please "mark it as answer" to help other community members find the helpful reply quickly.

    If you resolve it using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.

    If no, please reply and tell us the current situation in order to provide further help.

    Best Regards,

    Lee


    Just do it.

    Monday, June 3, 2019 7:46 AM
    Moderator