Process Management Using WMI

Consider a large network with routers, servers and other network equipment of different makes from various vendors. Using CIM, the administrator's task becomes very easy: the administrator can list complete information on each device in the network, including serial number, model number, storage capacity, the location of the equipment in the network and its relationship to the applications that run in the network.

The Common Information Model (CIM) is an industry standard from the Distributed Management Task Force (DMTF) for describing and accessing data from different platforms and networks, which ensures interoperability across a network.

Windows Management Instrumentation (WMI) is an application programming interface (API) in Windows that sits between the operating system and its devices, so that the devices can be easily managed and controlled. It enables developers to query and program information on workstations, applications and networks. Information that is already in the WMI or CIM databases is accessible as read-only.

Each process in Windows is represented by an instance of the Win32_Process class. The typical structure of the Win32_Process class is shown below.

class Win32_Process : CIM_Process
{
string Caption;
string CommandLine;
string CreationClassName;
datetime CreationDate;
string CSCreationClassName;
string CSName;
string Description;
string ExecutablePath;
uint16 ExecutionState;
string Handle;
uint32 HandleCount;
datetime InstallDate;
uint64 KernelModeTime;
uint32 MaximumWorkingSetSize;
uint32 MinimumWorkingSetSize;
string Name;
string OSCreationClassName;
string OSName;
uint64 OtherOperationCount;
uint64 OtherTransferCount;
uint32 PageFaults;
uint32 PageFileUsage;
uint32 ParentProcessId;
uint32 PeakPageFileUsage;
uint64 PeakVirtualSize;
uint32 PeakWorkingSetSize;
uint32 Priority;
uint64 PrivatePageCount;
uint32 ProcessId;
uint32 QuotaNonPagedPoolUsage;
uint32 QuotaPagedPoolUsage;
uint32 QuotaPeakNonPagedPoolUsage;
uint32 QuotaPeakPagedPoolUsage;
uint64 ReadOperationCount;
uint64 ReadTransferCount;
uint32 SessionId;
string Status;
datetime TerminationDate;
uint32 ThreadCount;
uint64 UserModeTime;
uint64 VirtualSize;
string WindowsVersion;
uint64 WorkingSetSize;
uint64 WriteOperationCount;
uint64 WriteTransferCount;
}

Methods

The Win32_Process class defines the following methods.

AttachDebugger - Launches the currently registered debugger for a process.

Create - Creates a new process.

GetOwner - Retrieves the user name and domain name under which the process is running.

GetOwnerSid - Retrieves the security identifier (SID) for the owner of a process.

SetPriority - Changes the execution priority of a process.

Terminate - Terminates a process and all of its threads.

Properties

The properties of the Win32_Process class are described below.

Caption
Data type: string
Access type: Read-only

It is a short description of an object.

CommandLine
Data type: string
Access type: Read-only

Command line used to start a specific process, if applicable.

CreationClassName
Data type: string
Access type: Read-only
Qualifiers: Key, MaxLen(256)

Name of the first concrete class in the inheritance chain that is used to create an instance. You can use this property with other key properties of the class to uniquely identify all of the instances of the class and its subclasses. This property is inherited from CIM_System.

CreationDate
Data type: datetime
Access type: Read-only

Date the process begins executing.

CSCreationClassName
Data type: string
Access type: Read-only

Creation class name of the scoping computer system.

CSName
Data type: string
Access type: Read-only

Name of the scoping computer system.

Description
Data type: string
Access type: Read-only

Description of an object.

ExecutablePath
Data type: string
Access type: Read-only
Qualifiers: Privileges(SeDebugPrivilege)

Path to the executable file of the process.

ExecutionState
Data type: uint16
Access type: Read-only

This property is not implemented and does not get populated for any
instance of this class. This property is always NULL.

Handle
Data type: string
Access type: Read-only
Qualifiers: Key

Process identifier.

HandleCount
Data type: uint32
Access type: Read-only

Total number of open handles owned by the process. HandleCount is the sum of the handles currently open by each thread in this process. A handle is used to examine or modify the system resources. Each handle has an entry in a table that is maintained internally. Entries contain the addresses of the resources and data to identify the resource type.

InstallDate
Data type: datetime
Access type: Read-only

Date an object is installed. The object may be installed without a value
being written to this property.

KernelModeTime
Data type: uint64
Access type: Read-only

Time in kernel mode, in 100 nanosecond units. If this information is not
available, use a value of 0 (zero).

MaximumWorkingSetSize
Data type: uint32
Access type: Read-only
Qualifiers: Privileges(SeDebugPrivilege), Units(Kilobytes)

Maximum working set size of the process. The working set of a process is
the set of memory pages visible to the process in physical RAM.

Example: 64120

MinimumWorkingSetSize
Data type: uint32
Access type: Read-only
Qualifiers: Privileges(SeDebugPrivilege), Units(Kilobytes)

Minimum working set size of the process. The working set of a process is the set of memory pages visible to the process in physical RAM. These pages are resident and available for an application to use without triggering a page fault.

Example: 1020

Name
Data type: string
Access type: Read-only

Label for an object. When inherited by a subclass, the property can be
overridden to be a key property.

OSCreationClassName
Data type: string
Access type: Read-only

Creation class name of the scoping operating system.

OSName
Data type: string
Access type: Read-only

Name of the operating system.

OtherOperationCount
Data type: uint64
Access type: Read-only

Number of I/O operations performed that are not read or write operations.

OtherTransferCount
Data type: uint64
Access type: Read-only
Qualifiers: Units(Bytes)

Amount of data transferred during operations that are not read or write
operations.

PageFaults
Data type: uint32
Access type: Read-only

Number of page faults that a process generates.

Example: 8

PageFileUsage
Data type: uint32
Access type: Read-only
Qualifiers: Units(Kilobytes)

Amount of page file space that a process is using currently. This value is consistent with the VMSize value in TaskMgr.exe.

Example: 1035

ParentProcessId
Data type: uint32
Access type: Read-only

It is the ID of the parent process.

PeakPageFileUsage
Data type: uint32
Access type: Read-only
Qualifiers: Units(Kilobytes)

Maximum amount of page file space used during the life of a process.

Example: 10000

PeakVirtualSize
Data type: uint64
Access type: Read-only
Qualifiers: Units(Bytes)

Maximum virtual address space a process uses at any one time. Using virtual address space does not necessarily imply corresponding use of either disk or main memory pages. However, virtual space is finite, and by using too much the process might not be able to load libraries.

PeakWorkingSetSize
Data type: uint32
Access type: Read-only
Qualifiers: Units(Kilobytes)

Peak working set size of a process.

Example: 1413320

Priority
Data type: uint32
Access type: Read-only

Scheduling priority of a process within an operating system. The higher the value, the higher the priority a process receives. Priority values can range from 0 (zero), which is the lowest priority, to 31, which is the highest priority.

Example: 5

PrivatePageCount
Data type: uint64
Access type: Read-only

Current number of pages allocated that are only accessible to the process represented by this Win32_Process instance.

ProcessId
Data type: uint32
Access type: Read-only

Global process identifier that is used to identify a process. The value is valid from the time a process is created until it is terminated.

QuotaNonPagedPoolUsage
Data type: uint32
Access type: Read-only

It is the quota amount of nonpaged pool usage for a process.

Example: 15

QuotaPagedPoolUsage
Data type: uint32
Access type: Read-only

It is the quota amount of paged pool usage for a process.

Example: 20

QuotaPeakNonPagedPoolUsage
Data type: uint32
Access type: Read-only

It is the peak quota amount of nonpaged pool usage for a process.

Example: 28

QuotaPeakPagedPoolUsage
Data type: uint32
Access type: Read-only

Peak quota amount of paged pool usage for a process.

Example: 28

ReadOperationCount
Data type: uint64
Access type: Read-only

Number of read operations performed.

ReadTransferCount
Data type: uint64
Access type: Read-only
Qualifiers: Units(Bytes)

Amount of data read.

SessionId
Data type: uint32
Access type: Read-only

Unique identifier that an operating system generates when a session is created. A session spans a period of time from logon until logoff from a
specific system.

Status
Data type: string
Access type: Read-only

This property is not implemented and does not get populated for any instance of this class. It is always NULL.

TerminationDate
Data type: datetime
Access type: Read-only

Process was stopped or terminated. To get the termination time, a handle to the process must be held open. Otherwise, this property returns NULL.

ThreadCount
Data type: uint32
Access type: Read-only

Number of active threads in a process. An instruction is the basic unit of execution in a processor, and a thread is the object that executes an instruction. Each running process has at least one thread.

Windows Me/98/95: This property is not available.

UserModeTime
Data type: uint64
Access type: Read-only

Time in user mode, in 100 nanosecond units. If this information is not available, use a value of 0 (zero).

VirtualSize
Data type: uint64
Access type: Read-only
Qualifiers: Units(Bytes)

Current size of the virtual address space that a process is using, not the physical or virtual memory actually used by the process. Using virtual address space does not necessarily imply corresponding use of either disk or main memory pages. Virtual space is finite, and by using too much, the process might not be able to load libraries. This value is consistent with what you see in Perfmon.exe.

WindowsVersion
Data type: string
Access type: Read-only

Version of Windows in which the process is running.

WorkingSetSize
Data type: uint64
Access type: Read-only

Amount of memory in bytes that a process needs to execute efficiently—for an operating system that uses page-based memory management. If the system does not have enough memory (less than the working set size), thrashing occurs. If the size of the working set is not known, use NULL or 0 (zero). If working set data is provided, you can monitor the information to understand the changing memory
requirements of a process.

WriteOperationCount
Data type: uint64
Access type: Read-only

Number of write operations performed.

WriteTransferCount
Data type: uint64
Access type: Read-only
Qualifiers: Units(Bytes)

Amount of data written.

This data is accessed using object-oriented languages such as Perl, C++ or VBScript. WMI also implements a query language, the WMI Query Language (WQL), which accesses these WMI class properties in much the same way as a MySQL query.

For example, to get the process information of a Windows machine, use the following code:

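use Win32::Process::Info;
$pi = Win32::Process::Info->new (undef, 'WMI'); # Local machine, WMI variant
$pi->Set (elapsed_in_seconds => 0); # Report elapsed times in clunks (100 ns units), not seconds.
@pids = $pi->ListPids (); # Get all known PIDs
@info = $pi->GetProcInfo (); # Get the max: all available details for every process
print "$_->{ProcessId} $_->{Name}\n" for @info; # List each PID with its process name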

The program will list all the processes running on a Windows machine with all the details of each process.
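
The ProcessId, ParentProcessId, CreationDate and KernelModeTime properties described above can be combined to rebuild a process tree from one snapshot. The following Python sketch is an added example, not part of the original article: it works on a constructed sample of raw Win32_Process values and treats a parent as valid only if it started before the child, because ProcessId is valid only for the lifetime of a process and ParentProcessId can point at a reused PID. The function names and sample records are assumptions made for illustration.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample snapshot of raw Win32_Process property values (not real data).
FIELDS = ("ProcessId", "ParentProcessId", "Name", "CreationDate", "KernelModeTime")
SAMPLE = [dict(zip(FIELDS, row)) for row in [
    (4, 0, "System", "20240115080000.000000+060", 1250000000),
    (3100, 2988, "explorer.exe", "20240115080510.000000+060", 98000000),
    (5200, 3100, "cmd.exe", "20240115093000.500000+060", 1560000),
    (7000, 3100, "updater.exe", "20240115110000.000000+060", 3120000),
    # Recorded parent 7000 started after this process: the PID was reused.
    (6400, 7000, "notepad.exe", "20240115101500.000000+060", 780000),
]]

def parse_cim_datetime(value):
    """Parse a CIM datetime, yyyymmddHHMMSS.mmmmmm+UUU (UUU = UTC offset in minutes)."""
    stamp = datetime.strptime(value[:21], "%Y%m%d%H%M%S.%f")
    return stamp.replace(tzinfo=timezone(timedelta(minutes=int(value[21:25]))))

def build_tree(records):
    """Return (children keyed by parent PID, PIDs with no trustworthy parent)."""
    by_pid = {r["ProcessId"]: r for r in records}
    children, roots = {}, []
    for rec in records:
        parent = by_pid.get(rec["ParentProcessId"])
        started = parse_cim_datetime(rec["CreationDate"])
        # A parent that is absent, or that started after the child, did not
        # create it: the real parent exited and its PID may have been reused.
        if (parent is None or parent is rec
                or parse_cim_datetime(parent["CreationDate"]) > started):
            roots.append(rec["ProcessId"])
        else:
            children.setdefault(parent["ProcessId"], []).append(rec["ProcessId"])
    return children, roots

def render(records):
    """Indented process tree, with KernelModeTime (100 ns units) in seconds."""
    children, roots = build_tree(records)
    by_pid = {r["ProcessId"]: r for r in records}
    lines = []
    def walk(pid, depth):
        secs = by_pid[pid]["KernelModeTime"] / 10_000_000
        lines.append(f"{'  ' * depth}{pid} {by_pid[pid]['Name']} kernel={secs:.2f}s")
        for child in children.get(pid, []):
            walk(child, depth + 1)
    for pid in roots:
        walk(pid, 0)
    return lines

if __name__ == "__main__":
    print("\n".join(render(SAMPLE)))
```

In the sample, notepad.exe (PID 6400) is reported as a root rather than as a child of updater.exe, because the process that currently holds PID 7000 was created after it.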