PowerShell Get-Process: Complete Guide to Query Running Processes
PowerShell Get-Process: Complete Guide to Query Running Processes
Overview
The Get-Process cmdlet retrieves information about running processes on local or remote computers. It’s essential for system administration, troubleshooting, and process management.
Common Tasks:
- List all running processes
- Find specific process by name
- Monitor CPU and memory usage
- Find processes using most resources
- Identify zombie/stuck processes
- Export process list
- Find processes by user
- Monitor process performance
Prerequisites:
- PowerShell 5.1 or later
- Administrator privileges (for some operations)
- Network access to remote computers (for remote queries)
Syntax
Get-Process [-Name] <string> [-Id <Int>] [-ComputerName <string[]>] [-IncludeUserName] [-Module] [-FileVersionInfo]
Key Parameters
| Parameter | Type | Description |
|---|---|---|
-Name | String | Process name pattern |
-Id | Int | Process ID |
-ComputerName | String[] | Query remote computer |
-IncludeUserName | Switch | Include user running process |
-Module | Switch | Show loaded modules |
-FileVersionInfo | Switch | Include file version info |
Examples
Example 1: List All Processes
Get-Process | Select-Object Name, Id, Handles, Memory
Output: Shows all running processes with key properties.
Example 2: Get Specific Process by Name
Get-Process -Name "chrome"
Output: Shows all instances of the Chrome process.
Example 3: Find Processes Using Most Memory
Get-Process | Sort-Object -Property Memory -Descending | Select-Object -First 5 Name, Id, Memory
Output: Lists top 5 processes consuming most memory.
Example 4: Find Processes Using Most CPU
Get-Process | Where-Object { $_.CPU -gt 1000 } | Select-Object Name, CPU, Memory
Output: Shows processes with high CPU usage (>1000 seconds).
Example 5: Find Process by User
Get-Process -IncludeUserName | Where-Object { $_.UserName -eq "DOMAIN\jsmith" }
Output: Lists all processes running under specific user account.
Example 6: Monitor High Memory Processes
Get-Process | Where-Object { $_.WorkingSet -gt 500MB } | Select-Object Name, @{name="MemoryMB";expression={[math]::Round($_.Memory/1MB,2)}}
Output: Shows processes consuming more than 500MB of memory, formatted in MB.
Example 7: Get Process on Remote Computer
Get-Process -ComputerName "server01" -Name "sqlserver"
Output: Retrieves SQL Server process info from remote machine.
Example 8: Find Processes by Handle Count
Get-Process | Where-Object { $_.Handles -gt 1000 } | Select-Object Name, Handles
Output: Shows processes with many open handles (potential memory leaks).
Example 9: Export Process List to CSV
Get-Process | Select-Object Name, Id, CPU, Memory, Handles |
Export-Csv -Path "C:\processes-$(Get-Date -Format 'yyyy-MM-dd').csv" -NoTypeInformation
Output: Creates timestamped CSV file with process inventory.
Example 10: Find Stuck/Zombie Processes
Get-Process | Where-Object { $_.CPU -eq 0 -and $_.Memory -gt 100MB } | Select-Object Name, Memory
Output: Shows processes not using CPU but holding significant memory.
Common Use Cases
Monitor High CPU Processes
Get-Process | Where-Object { $_.CPU -gt 2000 } | Select-Object Name, CPU, Memory, Id
Find Specific Process by ID
Get-Process -Id 1234
Get Process with Modules Loaded
Get-Process -Name "powershell" -Module | Select-Object Name, ModuleName
Kill Process by Name (with caution!)
Stop-Process -Name "notepad" -Force
Monitor Process Count Over Time
while ($true) {
$count = @(Get-Process).Count
Write-Host "$(Get-Date): $count processes running"
Start-Sleep -Seconds 60
}
Best Practices
✅ Use specific names - Avoid retrieving all processes unless needed ✅ Sort by resource usage - Identify heavy processes ✅ Use filters - Don’t pipe all data unnecessarily ✅ Monitor over time - Track trends for performance issues ✅ Document baseline - Know normal process count and memory
Common Mistakes
- Running Get-Process without filters (slow on large systems)
- Killing processes without proper investigation
- Not considering dependencies (some processes depend on others)
- Assuming high CPU is always a problem (might be legitimate)
Troubleshooting
Process Won’t Stop
# Try graceful shutdown first
$process = Get-Process -Name "app"
$process.CloseMainWindow()
Start-Sleep -Seconds 5
# If still running, force kill
if (-not $process.HasExited) {
$process | Stop-Process -Force
}
Find Process Causing High Memory
$processHighMemory = Get-Process | Sort-Object Memory -Descending | Select-Object -First 1
Write-Host "Process with highest memory: $($processHighMemory.Name) - $([math]::Round($processHighMemory.Memory/1MB,2)) MB"
Related Commands
- Stop-Process - Kill processes
- Start-Process - Start new processes
- Get-Service - Query services
- Complete PowerShell Guide - PowerShell overview
FAQs
Q: How do I see which user runs a process?
A: Use -IncludeUserName parameter and check UserName property.
Q: Can I get process information from remote computer?
A: Yes, use -ComputerName parameter with computer name or IP.
Q: How do I see memory usage in MB?
A: Create custom expression: @{name="MemoryMB";expression={[math]::Round($_.Memory/1MB, 2)}}
Q: What’s the difference between Memory and WorkingSet? A: Memory is total memory, WorkingSet is physical RAM currently used.
Q: How do I find which process is listening on a port? A: Use netstat or Get-NetTCPConnection combined with Get-Process by PID.
See Also
- PowerShell Get-Service - Query services
- Complete PowerShell Guide - PowerShell overview
- System Administration - System management guide
Last Updated: February 6, 2026 Difficulty Level: Intermediate Reading Time: 10 minutes
Related Articles
Core Process Management
- PowerShell Get CPU Usage - Monitor CPU per process
- PowerShell Get Memory Usage - Monitor memory per process
- PowerShell Get Process Name - Extract process names
- PowerShell Get Process ID - Get process identifiers
Filtering & Selection
- PowerShell Where-Object - Filter processes by properties
- PowerShell Select-Object - Select process properties
- PowerShell ForEach-Object - Process each item
- PowerShell If-Else Statement - Conditional process handling
Sorting & Aggregation
- PowerShell Sort-Object - Sort process lists (if article exists)
- PowerShell Measure-Object - Calculate process statistics
- PowerShell Group-Object - Group processes by property
Data Structures
- PowerShell Arrays - Work with process arrays
- PowerShell Hashtables - Create process data structures
- PowerShell Variables - Store process information
Control Flow & Logic
- PowerShell Switch Statement - Switch-based process logic
- PowerShell Try-Catch - Error handling with processes
- PowerShell For Loops - Loop through processes
File & Output Operations
- PowerShell Output to File - Export process data
- PowerShell Export CSV - Export process list to CSV
- PowerShell Format Table - Display processes
Functions & Automation
- PowerShell Functions - Create reusable process functions
- PowerShell Add-Member - Add custom properties to processes
Advanced Operations
- PowerShell Get-Service - Related system management
- PowerShell Get-Partition - System disk monitoring
- PowerShell Get-NetAdapter - Network monitoring
Comprehensive Guides
- Complete PowerShell Guide - Full PowerShell with system management
- Complete PowerShell Tutorial - Comprehensive course