When debugging or monitoring Windows systems, developers often need to view the exact command line used to launch a process, including all arguments. While Task Manager shows this information in its "Command Line" column, automation scenarios require command-line alternatives.
The Windows Management Instrumentation Command-line (WMIC) provides the most straightforward method:
wmic process where "name='processname.exe'" get commandline
For example, to check Java processes:
wmic process where "name='java.exe'" get commandline
PowerShell offers more flexible options through Get-WmiObject or Get-CimInstance:
Get-WmiObject Win32_Process -Filter "name = 'notepad.exe'" | Select-Object CommandLine
Or using Get-Process:
Get-Process | Where-Object {$_.ProcessName -eq 'chrome'} | Select-Object -ExpandProperty Path
For elevated processes or system services, you might need to run these commands as Administrator. When dealing with multiple instances:
wmic process where "name='python.exe'" get processid,commandline
Here's how to extract JVM arguments from running Java processes:
wmic process where "name='java.exe'" get commandline | findstr /i "Xmx Xms"
This helps in:
- Verifying runtime parameters
- Debugging memory issues
- Auditing production configurations
While WMIC is convenient, frequent queries can impact system performance. For monitoring scenarios, consider:
- Caching results
- Running queries at intervals
- Using performance counters for basic monitoring
Be aware that command line arguments may contain sensitive information like passwords or API keys. Implement proper access controls when:
- Logging process information
- Sharing diagnostics output
- Automating process monitoring
When debugging or monitoring processes on Windows, you often need to see the complete command line that launched a process - including all arguments. While Task Manager shows this information in its "Command Line" column, you might need to access it programmatically or through command-line tools.
Here are the most effective ways to achieve this:
Using WMIC
wmic process where "name='java.exe'" get CommandLineExample output:
CommandLine
"C:\Program Files\Java\jdk1.8.0_201\bin\java.exe" -Xmx1024m -jar myapp.jarUsing PowerShell
More modern approach with Get-WmiObject or Get-CimInstance:
Get-WmiObject Win32_Process -Filter "name = 'python.exe'" | Select-Object CommandLineOr using Get-Process:
Get-Process | Where-Object {$_.ProcessName -eq "chrome"} | Select-Object -ExpandProperty CommandLineFor more advanced scenarios, consider these tools:
Process Explorer (Sysinternals)
procexp.exe /accepteula -a CommandLineHandle (Sysinternals)
handle.exe -p <PID> -aFinding all Java processes with their arguments:
wmic process where "name='java.exe'" get ProcessId,CommandLinePowerShell function to find process by name and show command line:
function Get-ProcessCommandLine {
param (
[string]$ProcessName
)
Get-CimInstance Win32_Process -Filter "name = '$ProcessName'" |
Select-Object ProcessId, CommandLine
}Note that WMI queries can be slow for systems with many processes. For frequent monitoring, consider:
- Caching results
- Filtering by specific process names/PIDs
- Using performance counters instead for basic monitoring
Be aware that:
- Some processes might hide their command lines
- Administrator privileges might be required
- Sensitive information (passwords) might be visible in command lines