Page 4 of 4 <1234
Topic Options
#90355 - 2006-08-08 08:56 AM Re: beta - KiXforms: ProcessMon
Arend_ Moderator Offline
MM club member
*****

Registered: 2005-01-17
Posts: 1894
Loc: Hilversum, The Netherlands
As of today I second that suggestion
I couln't find a way to get the owner of a process either

Top
#90356 - 2006-08-08 09:16 PM Re: beta - KiXforms: ProcessMon
krabourn Offline
Hey THIS is FUN
*****

Registered: 2000-12-11
Posts: 244
Loc: San Antonio, Texas, USA
Here you go.

Code:
$strComputer = "."
$processes = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" + $strComputer + "\root\cimv2").ExecQuery("Select * from Win32_Process")
FOR EACH $process IN $processes
$RT = $process.Methods_.Item("GetOwner")

$oOutParam = $process.ExecMethod_("GetOwner")
$ProcessDomain = $oOutParam.Domain
$ProcessUser = $oOutParam.User

? $process.Name + "--" + $ProcessDomain + "--" + $ProcessUser
NEXT

_________________________
Kelly

Top
#90357 - 2006-08-08 09:21 PM Re: beta - KiXforms: ProcessMon
krabourn Offline
Hey THIS is FUN
*****

Registered: 2000-12-11
Posts: 244
Loc: San Antonio, Texas, USA
Posted to fast. Here is another way. Code:
$strComputer = "."
$processes = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" + $strComputer + "\root\cimv2").ExecQuery("Select * from Win32_Process")
FOR EACH $process IN $processes

$ProcessDomain = $process.ExecMethod_("GetOwner").Domain
$ProcessUser = $process.ExecMethod_("GetOwner").User

? $process.Name + "--" + $ProcessDomain + "--" + $ProcessUser
NEXT

_________________________
Kelly

Top
#90358 - 2006-08-09 05:11 AM Re: beta - KiXforms: ProcessMon
Chris S. Offline
MM club member
*****

Registered: 2002-03-18
Posts: 2368
Loc: Earth
Nice one, Kelly (and on-topic to boot).
Top
#90359 - 2006-08-09 03:54 PM Re: beta - KiXforms: ProcessMon
krabourn Offline
Hey THIS is FUN
*****

Registered: 2000-12-11
Posts: 244
Loc: San Antonio, Texas, USA
Now here is my off topic post...

I learned more than I ever wanted to know about interacting with WMI thru kix thanks to SMS.

Oh! And I also would love to see byref.
_________________________
Kelly

Top
#90360 - 2006-08-10 09:10 AM Re: beta - KiXforms: ProcessMon
Arend_ Moderator Offline
MM club member
*****

Registered: 2005-01-17
Posts: 1894
Loc: Hilversum, The Netherlands
Wow very nice find man
Never thought of ExecMethod... never knew it existed.

Top
#174530 - 2007-03-06 07:00 PM Re: beta - KiXforms: ProcessMon [Re: Arend_]
therob Offline
Starting to like KiXtart

Registered: 2005-05-19
Posts: 150
Loc: Frankfurt/M., Germany
very nice script and thanks for pointing me here.

Edited by therob (2007-03-06 09:23 PM)
Edit Reason: my fault :)
_________________________
Eternity is a long time, especially towards the end. - W.Allan

Top
#194053 - 2009-05-29 05:13 PM Re: beta - KiXforms: ProcessMon [Re: therob]
Radimus Moderator Offline
Moderator
*****

Registered: 2000-01-06
Posts: 5187
Loc: Tampa, FL
Hey all... Long time no post ;\)

This thread came in very handy for a project of mine at work. Basically, the next step in monitoring app licenses, is to track app usage...

 Code:
$FilterList = '\windows\','iexplore.exe'

$objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
$colMonitored  = $objWMIService.ExecNotificationQuery("select * from __instancecreationevent within 1 where TargetInstance isa 'Win32_Process'")

While 1
	$NextProcess = $colMonitored.NextEvent
	$Filtered = 0
	$Name = $NextProcess.TargetInstance.Name
	$Path = $NextProcess.TargetInstance.executablepath
	$User = $NextProcess.TargetInstance.ExecMethod_("GetOwner").User

	If not $user = 'SYSTEM' and not instr($user,'SERVICE')
		For each $Filter in $filterList
			if instr($Path,$filter)
				$Filtered = 1
			EndIf
		Next
		If not $Filtered
			$OldDate1 = ReadProfileString('%windir%\ProcList.ini',$Path,'Date')
			if not @oldDate1 = @date	; Only log once per day and keep the last 3 usages
				$oldTime1 = ReadProfileString('%windir%\ProcList.ini',$Path,'Time')
				$oldDate2 = ReadProfileString('%windir%\ProcList.ini',$Path,'oldDate1')
				$oldTime2 = ReadProfileString('%windir%\ProcList.ini',$Path,'oldTime1')

				$nul = WriteProfileString('%windir%\ProcList.ini',$Path,'Name',$Name)
				$nul = WriteProfileString('%windir%\ProcList.ini',$Path,'User',$User)
				$nul = WriteProfileString('%windir%\ProcList.ini',$Path,'Date',@date)
				$nul = WriteProfileString('%windir%\ProcList.ini',$Path,'Time',@time)
				$nul = WriteProfileString('%windir%\ProcList.ini',$Path,'oldDate1',$OldDate1)
				$nul = WriteProfileString('%windir%\ProcList.ini',$Path,'oldTime1',$oldTime1)
				$nul = WriteProfileString('%windir%\ProcList.ini',$Path,'oldDate2',$OldDate2)
				$nul = WriteProfileString('%windir%\ProcList.ini',$Path,'oldTime2',$oldTime2)
			endif
		EndIf
	EndIf
Loop
_________________________
How to ask questions the smart way <-----------> Before you ask

Top
#194057 - 2009-05-29 08:09 PM Re: beta - KiXforms: ProcessMon [Re: Radimus]
Benny69 Offline
Moderator
*****

Registered: 2003-10-29
Posts: 1036
Loc: Lincoln, Ne
Rad, I luv your signature lol
_________________________
Wait don't order yet,... get KiXforms Designer .NET 2.0 (Beta)
KiXforms Designer .NET 2.0 (Beta)

Top
Page 4 of 4 <1234


Moderator:  Shawn, ShaneEP, Ruud van Velsen, Arend_, Jochen, Radimus, Glenn Barnas, Allen, Mart 
Hop to:
Shout Box

Who's Online
1 registered (Allen) and 382 anonymous users online.
Newest Members
gespanntleuchten, DaveatAdvanced, Paulo_Alves, UsTaaa, xxJJxx
17864 Registered Users

Generated in 0.063 seconds in which 0.026 seconds were spent on a total of 15 queries. Zlib compression enabled.

Search the board with:
superb Board Search
or try with google:
Google
Web kixtart.org