Reputation: 322
Command Line output still remains as null using WMIC, but displays in taskmgr gui (Windows)
the below shows display in the GUI of frmweb.exe process ( attached image/png )
where command line arguments are visible.
when the same is tried to be captured via command line it throws null. steps below is pasted as text. Need help with this, thanks
wmic path win32_process get name, commandline /format:"%WINDI%\System32\wbem\csv" | find "frmweb.exe" > commandline.txt
notepad commandline.txt
vbox_host,,frmweb.exe
vbox_host
vbox_host,,frmweb.exe
vbox_host
vbox_host,,frmweb.exe
vbox_host
vbox_host,,frmweb.exe
vbox_host
vbox_host,,frmweb.exe
vbox_host
vbox_host,,frmweb.exe
vbox_host
vbox_host,,frmweb.exe
vbox_host
vbox_host,,frmweb.exe
vbox_host
vbox_host,,frmweb.exe
vbox_host
vbox_host,find "frmweb.exe" ,find.exe
Here is a screenshot:
Upvotes: 3
Views: 1455
Answers (3)
Reputation: 3473
I had this issue and solved it by running the command prompt as Administrator. Then WMIC was able to show the CommandLine successfully just like the Task Manager GUI.
Upvotes: 0
Reputation: 38604
Just to ensure that you have actually tried to use a correct command, this is how I would probably perform the task using WMIC:
WMIC Process Where "Name='frmweb.exe'" Get CommandLine,Name /Format:"C:\Windows\System32\wbem\en-US\csv.xsl">"CommandLines.csv"
Because you've copied your csv.xsl file to C:\Windows\System32\wbem:
WMIC Process Where "Name='frmweb.exe'" Get CommandLine,Name /Format:csv >commandline.txt
If you're specifically wishing to exclude the header then:
WMIC Process Where "Name='frmweb.exe'" Get CommandLine,Name /Format:csv|Find ".">commandline.txt
I have a feeling that the comma in your CommandLine is causing the issue.
It may help if you change the way the results are transformed into output, so here's a suggestion.
Open the csv.xsl you've copied to %SystemRoot%\System32\wbem in a text editor and change the line:
<xsl:template match="VALUE" xml:space="preserve"><xsl:value-of select="."/></xsl:template>
To:
<xsl:template match="VALUE" xml:space="preserve">"<xsl:value-of select="."/>"</xsl:template>
The idea being that you're asking it to doublequote each value field of the csv output.
To ensure that the output is not actually null, you could test the command from PowerShell instead:
GWMI Win32_Process -F "Name='frmweb.exe'"|Select Name,CommandLine|Export-CSV -U -NoT .\commandline.txt
Upvotes: 1
Reputation: 18827
To catch the commandline of your process frmweb.exe with a batch file :
@echo off
Set "Process=frmweb.exe"
wmic path win32_process Get Name,Commandline /format:csv | find /I "%Process%" | findstr /i /v "find" >CommandLine.txt
Start "" CommandLine.txt
Upvotes: 0
Related Questions
- WMIC.bat file will not export/output properly
- wmic output to file without addtional line issue
- Why double results when call echo to output to file?
- Batch file, trying to terminate a process with WMIC, and it works in CMD prompt, but not in batch file
- cmd: save wmic output to variable
- wmic output difference in cmd and batch ..why?
- Start a program with WMIC and get its output
- different behaviors of WMIC in command line and windows explorer
- I'm having an issue with appending the output of wmic to a text file
- WMI query runs fine when typed, but fails when scripted