Login
    Contents x
    Windows PowerShell Commands
    • 13 Nov 2023
    • 2 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Windows PowerShell Commands

    • Updated on 13 Nov 2023
    • 2 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article summary

    If you are experiencing antivirus notifications about Netreo when monitoring Windows-based devices, please welcome list the following PowerShell commands.

    (See also WMI Class Reference for additional information about WMI classes used by Netreo.)

    DHCP Server

    See DHCP Server (Device Subtype)

    • gwmi -Namespace "" -Query "SELECT Name, DiscoversPersec, OffersPersec, RequestsPersec, InformsPersec, AcksPersec, NacksPersec, ReleasesPersec, Timestamp_Sys100NS, Frequency_Sys100NS FROM Win32_PerfRawData_DHCPServer_DHCPServer" | Select *

    Hyper-V Host

    Hyper-V Host (Device Type)

    • gwmi -Namespace "" -Query "SELECT Name, PercentTotalRunTime, PercentTotalRunTime_Base, Frequency_Sys100NS, Timestamp_Sys100NS FROM Win32_PerfRawData_HvStats_HyperVHypervisorVirtualProcessor" | Select *
    • gwmi -Namespace "" -Query "SELECT Name, PercentTotalRunTime, PercentTotalRunTime_Base, Frequency_Sys100NS, Timestamp_Sys100NS FROM Win32_PerfRawData_HvStats_HyperVHypervisorLogicalProcessor" | Select *
    • gwmi -Namespace "" -Query "SELECT Name, AvailableBytes, Timestamp_Sys100NS FROM Win32_PerfRawData_PerfOS_Memory" | Select *
    • gwmi -Namespace "" -Query "SELECT Name, CurrentBandwidth, BytesReceivedPersec, BytesSentPersec, PacketsOutboundErrors, PacketsOutboundDiscarded, PacketsReceivedErrors, PacketsReceivedDiscarded, Timestamp_Sys100NS, Frequency_Sys100NS FROM Win32_PerfRawData_Tcpip_NetworkInterface" | Select *
    • gwmi -Namespace "" -Query "SELECT DeviceID, DriveType, FreeSpace, Size FROM Win32_LogicalDisk" | Select *
    • gwmi -Namespace "" -Query "SELECT Name, DiskReadBytesPersec, DiskWriteBytesPersec, Timestamp_Sys100NS, Timestamp_PerfTime, Frequency_PerfTime, Frequency_Sys100NS FROM Win32_PerfRawData_PerfDisk_LogicalDisk" | Select *

    Microsoft IIS Server

    See Microsoft IIS Server (Device Subtype)

    • gwmi -Namespace "" -Query "SELECT Name, AvailableBytes, CommittedBytes, PagesPersec, PoolNonpagedBytes, Timestamp_Sys100NS, Timestamp_PerfTime, Frequency_PerfTime, Frequency_Sys100NS FROM Win32_PerfRawData_PerfOS_Memory" | Select *
    • gwmi -Namespace "" -Query "SELECT Name, RequestWaitTime, RequestsQueued FROM Win32_PerfRawData_ASPNET_ASPNET" | Select *
    • gwmi -Namespace "" -Query "SELECT Name, BytesReceivedPersec, BytesSentPersec, BytesTotalPersec, ConnectionAttemptsPersec, ConnectionAttemptsPersec, Timestamp_Sys100NS, Timestamp_PerfTime, Frequency_PerfTime, Frequency_Sys100NS FROM Win32_PerfRawData_W3SVC_WebService" | Select *

    Windows Mounted Volume

    See Windows Mounted Volume (Device Subtype)

    • gwmi -Namespace "" -Query "SELECT Capacity, FreeSpace FROM Win32_Volume" | Select *

    Windows Server

    See Windows Server - Detailed (Device Type) and Windows Server - Standard (Device Type)

    • gwmi -Namespace "" -Query "SELECT Name, LastBootUpTime FROM Win32_OperatingSystem" | Select *
    • gwmi -Namespace "" -Query "SELECT DeviceID, DriveType, FreeSpace, Size FROM Win32_LogicalDisk" | Select *
    • gwmi -Namespace "" -Query "SELECT Name, DiskReadBytesPersec, DiskWriteBytesPersec, Timestamp_Sys100NS, Timestamp_PerfTime, Frequency_PerfTime, Frequency_Sys100NS FROM Win32_PerfRawData_PerfDisk_PhysicalDisk" | Select *
    • gwmi -Namespace "" -Query "SELECT Name, AvgDiskReadQueueLength, AvgDiskWriteQueueLength, DiskReadsPersec, DiskWritesPersec, Timestamp_Sys100NS, Timestamp_PerfTime, Frequency_PerfTime, Frequency_Sys100NS  FROM Win32_PerfRawData_PerfDisk_LogicalDisk" | Select *
    • gwmi -Namespace "" -Query "SELECT Name, AvailableBytes, PageFaultsPersec, Timestamp_Sys100NS, Timestamp_PerfTime, Frequency_PerfTime, Frequency_Sys100NS FROM Win32_PerfRawData_PerfOS_Memory" | Select *
    • gwmi -Namespace "" -Query "SELECT Name, PercentProcessorTime, Timestamp_Sys100NS FROM Win32_PerfRawData_PerfOS_Processor" | Select *
    • gwmi -Namespace "" -Query "SELECT Name, WorkingSet, PercentProcessorTime, Timestamp_Sys100NS FROM Win32_PerfRawData_PerfProc_Process" | Select *
    • gwmi -Namespace "" -Query "SELECT Name, ContextSwitchesPersec, Timestamp_Sys100NS, Frequency_Sys100NS FROM Win32_PerfRawData_PerfOS_System" | Select *
    • gwmi -Namespace "" -Query "SELECT Name, CurrentBandwidth, BytesReceivedPersec, BytesSentPersec, PacketsOutboundErrors, PacketsOutboundDiscarded, PacketsReceivedErrors, PacketsReceivedDiscarded, Timestamp_Sys100NS, Frequency_Sys100NS FROM Win32_PerfRawData_Tcpip_NetworkInterface" | Select *
    • gwmi -Namespace "" -Query "SELECT Name, CurrentUsage FROM Win32_PageFileUsage" | Select *
    • gwmi -Namespace "" -Query "SELECT Name, NumberOfProcessors, NumberOfLogicalProcessors, TotalPhysicalMemory FROM Win32_ComputerSystem" | Select *
    • gwmi -Namespace "" -Query "SELECT SELECT Name, NumberOfProcessors, TotalPhysicalMemory FROM Win32_ComputerSystem" | Select *
    Was this article helpful?
    What's Next
    PLATFORM
    WHY NETREO?
    SOLUTIONS BY INITIATIVE
    SOLUTIONS BY INDUSTRY
    SOLUTIONS BY JOB FUNCTION
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout