Author Posts

April 8, 2016 at 4:31 am

Hi all,
I'm new with powershell and would like to understand something,
i would like to make myself a script that will add 1 member to Get-nettcpconnection pipe named FullProcessName and that will take the value of the process name when get-process id equals to get-nettcpconnection OwningProcess,
with what i've managed to do i do create new member but it's empty
i guess the mistake is somewhere over the "where {$bb.Id -eq "$aa.Owningprocess"}"
can some one explain ? is that because of INT\String issue ?
Thanks

$aa = Get-NetTCPConnection | where State -eq "established"
$bb = Get-NetTCPConnection | where State -eq "established" | Select @{n='Id';e={$_.OwningProcess}} | Get-Process
$fullobj = foreach ($a in $aa)
{
Add-Member -MemberType NoteProperty -Name FullProcessName -Value ( where {$bb.Id -eq "$aa.Owningprocess"}

) -InputObject $a -PassThru }

$fullobj | ft FullProcessName,LocalPort,State

April 8, 2016 at 5:15 am

It seems highly redundant to want the state since you are filtering on state -eq 'established'. Take a look at this and see if it does what you want.

$results = Get-NetTCPConnection | where State -eq "established" | foreach {
    [PSCustomObject]@{
        ProcessName = (Get-Process -Id $PSItem.OwningProcess).ProcessName
        LocalPort = $PSItem.LocalPort
        State = $PSItem.State
    }
}
# Sample outputs - pick one or more, your choice
$results
$results | Format-Table -AutoSize
$results | Out-GridView
$results | Export-Csv -Path .\foo.csv -NoTypeInformation -Encoding ASCII
$results | Out-File -FilePath .\foo.txt -Encoding ASCII
$results | Export-Clixml -Path .\foo.xml -Encoding ASCII

April 8, 2016 at 5:26 am

Hi Tomer,

As far as I can see OwningProcess is not a property of Get-NetTCPConnection

You can check this like so

$aa = Get-NetTCPConnection | where State -eq "established"
$aa | Get-Member

I might be missing something but that cmdlet looks more like a variation on Netstat (which doesn't give the process name) than TCPView or TCPVCon which does.

regards,

Michael

April 8, 2016 at 5:41 am

If you wanted to preserve the process object for further downstream processing, you could do something like this ...

$processes = Get-NetTCPConnection | where State -eq "established"
$results = foreach ($process in $processes) {
    $processName = (Get-Process -Id $process.OwningProcess).ProcessName
    $process | Add-Member -NotePropertyName ProcessName -NotePropertyValue $processName -PassThru
}
$results | select LocalPort, ProcessName

	
			
	

April 8, 2016 at 5:52 am

I once made a little piece of code for this same type of question:

Get-NetTCPConnection | Where-Object -Property State -EQ -Value 'Established' | ForEach-Object -Process {
    [PSCustomObject] @{
        'ProcessName'	= (Get-Process -Id $_.OwningProcess).Name
        'ProcessId'		= (Get-Process -Id $_.OwningProcess).Id
        'RemoteIP'		= $_.RemoteAddress
        'LocalPort'		= $_.LocalPort
        'State'			= $_.State
    }
} | Format-Table -AutoSize

You can also put this into a function of course:

#requires -Version 3 -Modules NetTCPIP
function Get-NetTCPConnectionProcessName
{
    [CmdletBinding()]
    Param (
        [Parameter(Mandatory = $false,Position = 0)]
        $Value = 'Established'
    
    )

    Get-NetTCPConnection |
    Where-Object -Property State -EQ -Value $Value | ForEach-Object -Process {
        [PSCustomObject] @{
            'ProcessName' = (Get-Process -Id $_.OwningProcess).Name
            'ProcessId' = (Get-Process -Id $_.OwningProcess).Id
            'RemoteIP'  = $_.RemoteAddress
            'LocalPort' = $_.LocalPort
            'State'     = $_.State
        }
    }
}

Then you can do stuff like this:

Get-NetTCPConnectionProcessName | Format-Table -Autosize

Or:

Get-NetTCPConnectionProcessName | Export-Csv -Path C:\Temp\stats.csv -NoTypeInformation

April 8, 2016 at 6:08 am

@michael: The property OwningProcess is new to Windows 10 / Server 2016.

April 8, 2016 at 6:13 am

Thanks Richard,

I thought I was going mad.

I'm running WMF 5.0 on (2012 R2/Windows 7)

Michael