• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1782
  • Last Modified:

Powershell script to kill a process

Hi,

We have a program that has an issue that causes it to use 98% of the CPU. The developer of this program has left and we are working with others to try and correct this, but until resolved, does anyone know of a powershell script that could be run that would detect the high cpu usage, determine the PID of the problem process and then kill it specifically.

Thanks
0
TyreeSupport
Asked:
TyreeSupport
  • 11
  • 9
  • 3
1 Solution
 
Meir RivkinFull stack Software EngineerCommented:
Is it enough to periodacly check this specific program cpu usage and if above xxx% then kill it.
0
 
TyreeSupportAuthor Commented:
Hi sedgwick,

Yes I was assuming that I would run the script via task scheduler every 15 min.
0
 
Meir RivkinFull stack Software EngineerCommented:
change firefox to the process name.
the script kills the process when cpu is over 90,u can change it in the script to whatever u fill like.
the script creates logfile and log details upon every run.

cls
$procname = 'firefox'
$cpu_usage=90
$logfile = 'c:\temp\1.log'
$proc = Get-Process $procname | select cpu,id
"{0} {1} cpu usage: {2}" -f (Get-Date), $procname, $proc.cpu | Out-File -Append $logfile 

if($proc.cpu -gt $cpu_usage){
"killing process" | Out-File -Append $logfile
kill $proc.id 
}

Open in new window


save the script as xxx.ps1 and run the following command to create task scheduler:
schtasks /create /tn "TaskName" /sc MINUTE /mo 15 /tr "powershell xxx.ps1" 

Open in new window

change TaskName and xxx.ps1 to the full path of the script.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
TyreeSupportAuthor Commented:
just wanted to check and make sure, we run a number of copies of that program on the server, so I think the problem with this script is that it will kill all of them, but we need it to only kill the specific PID of the process that is out of control.
0
 
Meir RivkinFull stack Software EngineerCommented:
Let me modify the script
0
 
QlemoDeveloperCommented:
Should be easy, we just need a loop:
cls
$procname = 'firefox'
$cpu_usage=90
$logfile = 'c:\temp\1.log'
Get-Process $procname | select cpu,id | % {
  "{0} {1} cpu usage: {2}" -f (Get-Date), $procname, $_.cpu | Out-File -Append $logfile 
  if($_.cpu -gt $cpu_usage)
  {
    "killing process" | Out-File -Append $logfile
     kill $_.id 
  }  
}

Open in new window

BTW, you can also create scripts triggered by Performance counters. That way no periodic check script is needed.
0
 
Meir RivkinFull stack Software EngineerCommented:
here the script:
cls
$procname = 'firefox'
$cpu_usage=90
$logfile = 'c:\temp\1.log'
Get-Process $procname | select cpu,id | where 
{$_.cpu -gt $cpu_usage} | % {
  "{0} {1} cpu usage: {2}" -f (Get-Date), $procname, $_.cpu | Out-File -Append $logfile 
("killing process {0}" -f $_.id) | Out-File -Append $logfile
     kill $_.id
}

Open in new window

0
 
TyreeSupportAuthor Commented:
Hi,

I tried the script when I had the issue and it appeared to recognise the application that was causing the issue, but it asked me (with Yes or No prompt in the shell) to kill all the running version of the app, even thought they were not using high CPU usage.

Any reason why? I am running Powershell 2.0 on Windows 2003.
0
 
Meir RivkinFull stack Software EngineerCommented:
i changed the script to suppress the confirmation.
cls
$procname = 'firefox'
$cpu_usage=90
$logfile = 'c:\temp\1.log'
Get-Process $procname | select cpu,id | where 
{$_.cpu -gt $cpu_usage} | % {
  "{0} {1} cpu usage: {2}" -f (Get-Date), $procname, $_.cpu | Out-File -Append $logfile 
("killing process {0}" -f $_.id) | Out-File -Append $logfile
     kill $_.id -force
}

Open in new window


also when the issue occur again, prior running the script, open task manager and click Resource Monitor.
look for the PID of the app instances, and locate the one that causes the cpu exception.
now run the script and check in the log that it outputs, which process ID the script killed.
check which process IDs the script kills comparing to what u saw in the Resource Monitor.
screenshot
0
 
TyreeSupportAuthor Commented:
Hi,

Sorry been a while since the issue had occurred.

The first script you sent me would work, but the last two give me an error;

cmdlet Where-Object at command pipeline position 3
Supply values for the following parameters:
FilterScript:

Any suggestions as to what is happening?
0
 
Meir RivkinFull stack Software EngineerCommented:
who do u refer to?
can u post the script which gives the error with line number?
0
 
TyreeSupportAuthor Commented:
The script above is what I am running

cls
$procname ='BackflushStation.exe'
$cpu_usage=90
$logfile = 'c:\temp\HighCPU.log'
Get-Process $procname | select cpu,id | where 
{$_.cpu -gt $cpu_usage} | % {
  "{0} {1} cpu usage: {2}" -f (Get-Date), $procname, $_.cpu | Out-File -Append $logfile 
("killing process {0}" -f $_.id) | Out-File -Append $logfile
     kill $_.id 
}

Open in new window

0
 
Meir RivkinFull stack Software EngineerCommented:
first of all remove .exe from the proc name, the filter works on the name itself without the extension
0
 
TyreeSupportAuthor Commented:
I have tried that and I get the same error, sorry I left that on after last edit to see if I could get it going.
0
 
Meir RivkinFull stack Software EngineerCommented:
can u post the exact error?
which line?
0
 
TyreeSupportAuthor Commented:
But if I run the very first script that you sent in ID: 39167327 it runs OK, but wants to kill all process's running not the specific process with the high cpu usage.
0
 
Meir RivkinFull stack Software EngineerCommented:
the script kills just the process with specific id, which its cpu usage is exceeds the limit.
can u post the error please and the line number?
0
 
TyreeSupportAuthor Commented:
Hi,

If I run the script in powershell cli this is the error I get

cmdlet Where-Object at command pipeline position 3
Supply values for the following parameters:
FilterScript:


If I run it in the IDE, A box pops up with the above error and a window asking for the FilterScript parameter as attached.
Error.png
0
 
Meir RivkinFull stack Software EngineerCommented:
its because the opening curly bracket is in another line, pfffffffft.
here is updated script:
cls
$procname ='BackflushStation.exe'
$cpu_usage=90
$logfile = 'c:\temp\HighCPU.log'
Get-Process $procname | select cpu,id | where {$_.cpu -gt $cpu_usage} | % {
  "{0} {1} cpu usage: {2}" -f (Get-Date), $procname, $_.cpu | Out-File -Append $logfile 
("killing process {0}" -f $_.id) | Out-File -Append $logfile
     kill $_.id 
}

Open in new window

0
 
TyreeSupportAuthor Commented:
Sorry to be a pain, that now runs but it still wants to kill all sessions of the process that are running. When I ran it through the IDE each separate running copy of the process asked me did I want to kill it even though when I look in process monitor they are only using 1% or less of the CPU.

Maybe the metric is out because we have cpu usage as 90 in the script but when I open the log, it says they are all over 90. Below is the log file and attached is the process usage when I ran it.

30/05/2013 4:36:19 PM BackflushStation cpu usage: 1493.5
killing process 4340
30/05/2013 4:36:23 PM BackflushStation cpu usage: 454.59375
killing process 4608
30/05/2013 4:36:24 PM BackflushStation cpu usage: 989.9375
killing process 6204
30/05/2013 4:36:25 PM BackflushStation cpu usage: 1420.734375
killing process 9596
30/05/2013 4:36:25 PM BackflushStation cpu usage: 543.625
killing process 13936
30/05/2013 4:36:26 PM BackflushStation cpu usage: 1234.21875
killing process 16968
30/05/2013 4:36:28 PM BackflushStation cpu usage: 469.046875
killing process 20184
30/05/2013 4:36:28 PM BackflushStation cpu usage: 1268.890625
killing process 22512
30/05/2013 4:36:29 PM BackflushStation cpu usage: 1441.09375
killing process 26448
30/05/2013 4:36:30 PM BackflushStation cpu usage: 1133.09375
killing process 27512
30/05/2013 4:36:31 PM BackflushStation cpu usage: 322.46875
killing process 36132
process.png
0
 
Meir RivkinFull stack Software EngineerCommented:
try this one:
get-wmiobject win32_perfformatteddata_perfproc_process | where{$_.name -eq 'BackflushStation' -and $_.percentprocessortime -gt 90} | %{
"{0} {1} cpu usage: {2}" -f (Get-Date), $procname, $_.percentprocessortime | Out-File -Append $logfile 
("killing process {0}" -f $_.idprocess) | Out-File -Append $logfile
kill $_.idprocess
}

Open in new window

0
 
QlemoDeveloperCommented:
We should have checked that before, but System.Diagnostics.Process (the result of Get-Process) does not provide the CPU utilization. CPU is the same as TotalProcessorTime, and tells us how much time the process has consumed on all processors/cores since started.

Win32_PerfFormattedData_PerfProc_Process seems to be a good choice. However, I prefer to filter on WMI level, if possible. That is important in particular if you run WMI remotely.
Integrated in the script (I've also reintroduced the missing vars ;-), and changed the output slightly to be a single line only):
cls
$procname ='BackflushStation'
$cpu_usage=90
$logfile = 'c:\temp\HighCPU.log'
Get-WmiObject Win32_PerfFormattedData_PerfProc_Process -Filter "Name like '$procname%' and PercentProcessorTime > $cpu_usage" | 
% {
  "{0} - killing process {1} ID {2} cpu usage: {3}" -f (Get-Date), $procname, $_.IDProcess, $_.PercentProcessorTime | Out-File -Append $logfile 
  kill $_.idprocess
}

Open in new window

1
 
QlemoDeveloperCommented:
Why only a "B" grade, after leaving the question open for almost 6 months? Either the code works, and earns an "A", or it does not (and doesn't earn anything), or you were not able to test and need to fall back to either of both dispositions.
Looks like you just wanted to get rid of the question to be able to ask another one.
0

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

  • 11
  • 9
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now