How to query the task manager

I know the tasklist command in Windows will give a list of task names and their PID. There is another command WMIC path win32_process get Commandline which does give more detailed information, but its output is much messier and sometimes unpredictable (so its very hard to write a pattern/regex against it, especially with findstr in MSDOS!)

So, I am wondering in Windows, is there a way to query the task manager directly to find an image name and the command line part of it? I figure if the task manager itself can find this information, there must be a way.

I'd greatly prefer this to be done in a Batch script, but if using something more sophisticated (such as using .NET or VB) is needed, an example would be great!

I cannot find the command line in the output of Get-Process. Can you please elaborate?

Looks like Get-Process doesn't provide that information; you'll have to go with WMI as per the other answer.

Nice! That does get the information I need, only I notice lines get cut off if they are too long. I'd actually rather the lines do get printed out (no wrapping either) since I just pipe the output anyway. For example: "C:\Program Files\Internet Explorer\iexplore.exe" C:\6dof\NXT49L02\NXT49L02 ... Instead of the ... at the end, I'd rather it just spit the whole thing out

Add | FL at the end of the command to format the output as a list. That fully expands all command lines for me, though unless your terminal is like 1000 characters wide, you will get some word wrap.

Also keep in mind that you may need to run this command as administrator to get this data from processes running at a higher privilege level than you (such as services, etc.)

I noticed this powershell querey feels a bit like a SQL query. Is there a way to say powershell "gwmi Win32_Process | Select Name, ProcessId, CommandLine | WHERE Name = XYZ"? Edit I think I got it. | WHERE {$_.name -Match 'mongod.exe'}

"Get-Process explorer | Get-Member" will enumerate the properties available. Nothing seems to list the CommandLine value you get from WMI.

@E.S. Yes there is. gwmi -Query "SELECT * FROM Win32_Process WHERE ProcessID = 888" The language is called WQL - WMI Query Language. :)

@E.S. You could also do gwmi Win32_Process | Where { $_.ProcessName -EQ 'chrome.exe' } ... The difference is that in the first example, WMI does the filtering before returning the result to Powershell. In the second example, WMI returns all the results, and then Powershell does the filtering.