0

最近我发现可以WmiObject像这样发出 sql 查询:

Get-WmiObject -Query "SELECT * FROM Win32_Process WHERE Name='java.exe'"

我想进一步限制包含CommandLine参数的输出,例如:

Get-WmiObject -Query "SELECT * FROM Win32_Process WHERE Name='java.exe' AND CommandLine like '%glassfish%'"

或者

Get-WmiObject -Query "SELECT * FROM Win32_Process WHERE Name='java.exe' AND CommandLine like '*glassfish*'"

但是,这不会返回任何答案。我如何在那里制定近似匹配查询?我当然可以

Get-WmiObject -Query "SELECT * FROM Win32_Process WHERE Name='java.exe'" | Where-Object { $_.CommandLine -match "glassfish" }

但这看起来并不优雅。

编辑:我的进程中有一条 glassfish 正在运行(如果我删除“CommandLine like ...”: 在此处输入图像描述

4

1 回答 1

2

这个:

Get-WmiObject -Query "SELECT * FROM Win32_Process WHERE Name='java.exe' AND CommandLine like '%glassfish%'"

... 使用正确的语法,WQL 中的通配符确实是%.

如果要将变量子字符串传递给查询,请确保使用另一个反斜杠转义引号和反斜杠:

# define substring to looks for
$cmdLineSubstring = 'glassfish'

# escape quotes and backslashes
$cmdLineSubstring = $cmdLineSubstring -replace '[\\\p{Pi}\p{Pf}''"]','\$0'

$query = "SELECT * FROM Win32_Process WHERE Name = 'java.exe' AND CommandLine LIKE '%${cmdLineSubstring}%'"
于 2021-10-04T16:10:35.087 回答