PowerShell 技能连载 - 进程和服务管理技巧

在 PowerShell 中管理进程和服务是系统管理的重要任务。本文将介绍一些实用的进程和服务管理技巧。

首先，让我们看看进程管理的基本操作：

# 获取进程信息
$processes = Get-Process | Where-Object { $_.CPU -gt 0 } | 
    Sort-Object CPU -Descending | 
    Select-Object -First 10

Write-Host "`nCPU 使用率最高的进程："
$processes | Format-Table Name, CPU, WorkingSet, Id -AutoSize

进程资源监控：

# 创建进程监控函数
function Monitor-Process {
    param(
        [string]$ProcessName,
        [int]$Duration = 60,
        [int]$Interval = 1
    )
    
    $endTime = (Get-Date).AddSeconds($Duration)
    Write-Host "开始监控进程：$ProcessName"
    Write-Host "监控时长：$Duration 秒"
    Write-Host "采样间隔：$Interval 秒"
    
    while ((Get-Date) -lt $endTime) {
        $process = Get-Process -Name $ProcessName -ErrorAction SilentlyContinue
        if ($process) {
            Write-Host "`n时间：$(Get-Date -Format 'HH:mm:ss')"
            Write-Host "CPU使用率：$($process.CPU)%"
            Write-Host "内存使用：$([math]::Round($process.WorkingSet64/1MB, 2)) MB"
            Write-Host "线程数：$($process.Threads.Count)"
            Write-Host "句柄数：$($process.HandleCount)"
        }
        else {
            Write-Host "`n进程 $ProcessName 未运行"
        }
        Start-Sleep -Seconds $Interval
    }
}

服务管理：

# 服务状态管理
$services = @(
    "wuauserv",  # Windows Update
    "bits",      # Background Intelligent Transfer Service
    "spooler"    # Print Spooler
)

foreach ($service in $services) {
    $svc = Get-Service -Name $service -ErrorAction SilentlyContinue
    if ($svc) {
        Write-Host "`n服务名称：$($svc.DisplayName)"
        Write-Host "当前状态：$($svc.Status)"
        Write-Host "启动类型：$($svc.StartType)"
        
        # 如果服务未运行，尝试启动
        if ($svc.Status -ne "Running") {
            try {
                Start-Service -Name $service
                Write-Host "已启动服务"
            }
            catch {
                Write-Host "启动失败：$_"
            }
        }
    }
    else {
        Write-Host "`n服务 $service 不存在"
    }
}

进程和服务的高级管理：

# 创建进程和服务管理函数
function Manage-ProcessAndService {
    param(
        [string]$Name,
        [ValidateSet("Process", "Service")]
        [string]$Type,
        [ValidateSet("Start", "Stop", "Restart")]
        [string]$Action
    )
    
    try {
        switch ($Type) {
            "Process" {
                $item = Get-Process -Name $Name -ErrorAction Stop
                switch ($Action) {
                    "Stop" {
                        Stop-Process -Name $Name -Force
                        Write-Host "已停止进程：$Name"
                    }
                    "Start" {
                        Start-Process -Name $Name
                        Write-Host "已启动进程：$Name"
                    }
                    "Restart" {
                        Stop-Process -Name $Name -Force
                        Start-Sleep -Seconds 2
                        Start-Process -Name $Name
                        Write-Host "已重启进程：$Name"
                    }
                }
            }
            "Service" {
                $item = Get-Service -Name $Name -ErrorAction Stop
                switch ($Action) {
                    "Stop" {
                        Stop-Service -Name $Name -Force
                        Write-Host "已停止服务：$Name"
                    }
                    "Start" {
                        Start-Service -Name $Name
                        Write-Host "已启动服务：$Name"
                    }
                    "Restart" {
                        Restart-Service -Name $Name -Force
                        Write-Host "已重启服务：$Name"
                    }
                }
            }
        }
    }
    catch {
        Write-Host "操作失败：$_"
    }
}

一些实用的进程和服务管理技巧：

1. 进程树分析：

   # 获取进程树
   function Get-ProcessTree {
       param(
           [string]$ProcessName
       )
       
       $process = Get-Process -Name $ProcessName -ErrorAction SilentlyContinue
       if ($process) {
           Write-Host "`n进程树：$ProcessName"
           Write-Host "PID: $($process.Id)"
           Write-Host "父进程：$($process.Parent.ProcessName)"
           
           $children = Get-Process | Where-Object { $_.Parent.Id -eq $process.Id }
           if ($children) {
               Write-Host "`n子进程："
               $children | ForEach-Object {
                   Write-Host "- $($_.ProcessName) (PID: $($_.Id))"
               }
           }
       }
   }

2. 服务依赖分析：

   # 分析服务依赖
   function Get-ServiceDependencies {
       param(
           [string]$ServiceName
       )
       
       $service = Get-Service -Name $ServiceName -ErrorAction SilentlyContinue
       if ($service) {
           Write-Host "`n服务：$($service.DisplayName)"
           Write-Host "状态：$($service.Status)"
           
           $deps = Get-Service -Name $ServiceName | Select-Object -ExpandProperty DependentServices
           if ($deps) {
               Write-Host "`n依赖此服务的其他服务："
               $deps | ForEach-Object {
                   Write-Host "- $($_.DisplayName) (状态: $($_.Status))"
               }
           }
       }
   }

3. 进程资源限制：

   # 限制进程资源使用
   function Limit-ProcessResources {
       param(
           [string]$ProcessName,
           [int]$MaxMemoryMB
       )
       
       $process = Get-Process -Name $ProcessName -ErrorAction SilentlyContinue
       if ($process) {
           $maxBytes = $MaxMemoryMB * 1MB
           $job = Start-Job -ScriptBlock {
               param($pid, $maxMem)
               $process = Get-Process -Id $pid
               while ($true) {
                   if ($process.WorkingSet64 -gt $maxMem) {
                       Stop-Process -Id $pid -Force
                       break
                   }
                   Start-Sleep -Seconds 1
               }
           } -ArgumentList $process.Id, $maxBytes
           
           Write-Host "已启动资源监控任务"
           Write-Host "进程：$ProcessName"
           Write-Host "内存限制：$MaxMemoryMB MB"
       }
   }

这些技巧将帮助您更有效地管理进程和服务。记住，在管理进程和服务时，始终要注意系统稳定性和安全性。同时，建议在执行重要操作前先进行备份或创建还原点。