Script to get # of handles for specific process on remote systems

This topic contains 8 replies, has 2 voices, and was last updated by Profile photo of Jake Sully Jake Sully 1 year, 11 months ago.

  • Author
    Posts
  • #21205
    Profile photo of Jake Sully
    Jake Sully
    Participant

    Howdy Scripting Gurus!

    I am working on trying to come up with a way to schedule a task that will run a script that will query a list of servers. I will define the servers in a text or csv file, whichever is suggested.

    I need to query the servers for the process, verify if the process is running or not, provide that "status" in the report, then if it is running I have to provide the number of handles in use by that process. Can someone please help as I've TRIED for a week to even get this to work on a local system, and I'm stuck entirely. I need the report to email the results out, any format is fine, ideally an HTML email would be great!

    Thanks for such a great learning resource!!
    Jake

  • #21212
    Profile photo of Will Anderson
    Will Anderson
    Keymaster

    Hey there Jake,

    Are you looking for processes or services? Because processes aren't shown in Get-Process if they're not running, however, services are if you run Get-Service. Or, are you looking maybe for a script to check the status of a service, and if it's running find out how many handles are tied to the associated process maybe?

  • #21215
    Profile photo of Will Anderson
    Will Anderson
    Keymaster

    Feasibly, provided you can feed the service name property into Get-Process' ProcessName property, you could do something like this:

    $computer = Get-Content c:\scripts\computers.txt
    ForEach [$comp in $computer]{
            $Service = Get-Service -Name PnkBstrA
            If[-not [$Service.Status -eq "Running"]]{Write-Host $Service.Name is $Service.Status}
            Else {$Service | Select-Object Name | Get-Process | Select-Object ProcessName,Handles} 
            }

    However, for a lot of the baked in Windows stuff, it won't work, while third-party stuff is hit and miss. Does that help?

  • #21241
    Profile photo of Jake Sully
    Jake Sully
    Participant

    Hey Will,

    Thanks! That seems to work, but it looks like I'm getting the same exact result for each of the systems in the list when the output displays in the console?

    I checked manually and they weren't identical, it seems like the 1st system handle count for the service comes back for each of the other systems, which I've not seen before.

    Also, how can I export this to a csv or excel report? An email with the results would be awesome! I'm also trying to output the results so it's computername, process (service name), and then handlecount.

  • #21248
    Profile photo of Will Anderson
    Will Anderson
    Keymaster

    Hey there Jake,

    I found an error in my code. I'm correcting it now. I'll have it ready shortly.

  • #21249
    Profile photo of Will Anderson
    Will Anderson
    Keymaster

    I really need to drink more coffee if I'm going to be coding that late. My apologies. Here's a corrected script. Also, I don't know why, but the code formatting is changing my roundy brackets to square brackets. I'll have to look into that...

    I'll work on outputting to a file shortly and update this post. Let me know if this is better!

    $computer = Get-Content c:\scripts\computers.txt
    ForEach($comp in $computer){
    $Service = Get-Service -ComputerName $comp -Name mcshield
    $Outfile = "C:\Scripts\ProcessCheck.txt"
    If($Service.Status -ne "Running"){Write-Output ($Service.Name + " is " + $Service.Status + " on " + $comp)| Out-File $Outfile -Append}
    Else {$Service | Select-Object Name | Get-Process -ComputerName $comp | Select-Object MachineName,Handles,ProcessName | Out-File $Outfile -Append}
    }

    Copy-Item -Path $Outfile -Destination C:\Scripts\Newfolder

    I updated the code for something more testable than PunkBuster, and made some corrections to get rid of Write-Host. I also added the Out-File line so you can see how you can pipe the data to write to a file. You can replace this with Export-Csv, or Export-HTML if you'd like. Outside of the ForEach loop is where you can copy the file to a different directory, or email the file to where you need it to go. I used the Copy-Item as an example.

  • #21255
    Profile photo of Will Anderson
    Will Anderson
    Keymaster

    Because I can't leave well enough alone. This should work for [i]any[/i] Service by looking for the associated ProcessID in CIM, and then passing the ID to Get-Process.

    $computer = Get-Content c:\scripts\computers.txt
    ForEach($comp in $computer){
    $Service = (Get-CimInstance -ClassName Win32_Service -ComputerName $comp).where({$PSItem.Name -eq "McAfeeFramework"}) | Select Name,ProcessID,PSComputerName,State
    $Outfile = "C:\Scripts\ProcessCheck.txt"
    If($Service.State -ne "Running"){Write-Output ($Service.Name + " is " + $Service.State + " on " + $comp)| Out-File $Outfile -Append}
    Else {Get-Process -ComputerName $Service.PSComputerName -id $Service.ProcessID | Select-Object MachineName,Handles,ProcessName| Out-File $Outfile -Append}

    }

  • #21282
    Profile photo of Jake Sully
    Jake Sully
    Participant

    Hey Will,

    Thanks again!!
    I tried the 1st script and I'm getting an error back with "computername is empty". I tried troubleshooting and it doesn't seem like the $comp variable gets populated?

    I tried the 2nd script and I'm getting an access error, so I'm troubleshooting that now on the systems I'm trying to query.

  • #21535
    Profile photo of Jake Sully
    Jake Sully
    Participant

    Hi, I'm stuck on getting either of these scripts to work. The 1st script throws an error that $comp is null, and I've tried a bunch of things but can't get it to work.

    The 2nd script I get some WINRM errors, but then on the systems that do respond I get an error that the computer variable is empty as well.

    If anyone has a minute to help it's much appreciated! Thank you all again, at least I'm learning some things, but I just can't get this going.

    I somehow managed to get the 1st script working but it wasn't reading the file, it would return the results for the same computer name repeatedly 🙂

    Then I lost my changes... 🙁

    Thanks!
    Jake

You must be logged in to reply to this topic.