Quantcast
Channel: Planet Python
Viewing all articles
Browse latest Browse all 22462

Catalin George Festila: wmi python module - part 002.

$
0
0
According to MSDN Microsoft the Win32_Process WMI class represents a process on an operating system.
We can see all of the inherited properties of processes:

class Win32_Process : CIM_Process
{
string Caption;
string CommandLine;
string CreationClassName;
datetime CreationDate;
string CSCreationClassName;
string CSName;
string Description;
string ExecutablePath;
uint16 ExecutionState;
string Handle;
uint32 HandleCount;
datetime InstallDate;
uint64 KernelModeTime;
uint32 MaximumWorkingSetSize;
uint32 MinimumWorkingSetSize;
string Name;
string OSCreationClassName;
string OSName;
uint64 OtherOperationCount;
uint64 OtherTransferCount;
uint32 PageFaults;
uint32 PageFileUsage;
uint32 ParentProcessId;
uint32 PeakPageFileUsage;
uint64 PeakVirtualSize;
uint32 PeakWorkingSetSize;
uint32 Priority = NULL;
uint64 PrivatePageCount;
uint32 ProcessId;
uint32 QuotaNonPagedPoolUsage;
uint32 QuotaPagedPoolUsage;
uint32 QuotaPeakNonPagedPoolUsage;
uint32 QuotaPeakPagedPoolUsage;
uint64 ReadOperationCount;
uint64 ReadTransferCount;
uint32 SessionId;
string Status;
datetime TerminationDate;
uint32 ThreadCount;
uint64 UserModeTime;
uint64 VirtualSize;
string WindowsVersion;
uint64 WorkingSetSize;
uint64 WriteOperationCount;
uint64 WriteTransferCount;
};
Let's make one simple example with wmi python module.
import wmi
c = wmi.WMI()
for process in c.Win32_Process ():
name = process.Properties_("Name").Value
pid = process.Properties_('ProcessID').Value
parent = process.Properties_('ParentProcessId')
termination = process.Properties_('TerminationDate')
print (name,' = pid -',pid,'+', parent,'|termination_date-',termination)
And the output of this script it's :
firefox.exe  = pid - 13788 + 2564 |termination_date- None
explorer.exe = pid - 1048 + 772 |termination_date- None
sublime_text.exe = pid - 11404 + 2564 |termination_date- None
plugin_host.exe = pid - 7432 + 11404 |termination_date- None
cmd.exe = pid - 9568 + 2564 |termination_date- None
conhost.exe = pid - 14124 + 9568 |termination_date- None
conhost.exe = pid - 9700 + 11208 |termination_date- None
Taskmgr.exe = pid - 9424 + 13404 |termination_date- None
WmiPrvSE.exe = pid - 9764 + 772 |termination_date- None
SpfService64.exe = pid - 11908 + 684 |termination_date- None
python.exe = pid - 1308 + 9568 |termination_date- None

Viewing all articles
Browse latest Browse all 22462

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>