[Osaka/Yokohama/Tokushima] Looking for infrastructure/server side engineers!

[Deployed by over 500 companies] AWS construction, operation, maintenance, and monitoring services

[Successor to CentOS] AlmaLinux OS server construction/migration service

[For WordPress only] Cloud server “Web Speed”

[Cheap] Website security automatic diagnosis “Quick Scanner”

[Reservation system development] EDISONE customization development service

[Registration of 100 URLs is 0 yen] Website monitoring service “Appmill”

[Compatible with over 200 countries] Global eSIM “Beyond SIM”

[If you are traveling, business trip, or stationed in China] Chinese SIM service “Choco SIM”

[Global exclusive service] Beyond's MSP in North America and China

[YouTube] Beyond official channel “Biyomaru Channel”

Obtaining detailed process information on a Windows machine [tasklist command]

2023.12.01

table of contents

1 Examples of using the tasklist command
2 Show details
3 Show processes using more than 100MB of memory
4 Process output in CSV format
5 Search by module name

Hello.
the All-You-Can-Eat Buffer Overflow
System Solution Department.

It's the end of the year. No, it was hot this year.
Next year, I want to experience the four seasons a little more in my daily life.

Now, I'm sure many of you will be busy towards the end of the year, but
how do you check the process status of your Windows machine? If you just want to take a quick look, I recommend using Task Manager or Resource Monitor.
It's easy to understand visually, but sometimes you want to see more detailed information, like with Linux.

⇩Task Manager⇩Resource

Monitor

tasklist is useful in such cases .
It can be used flexibly as it can
display additional information as an option and Today I would like to introduce this command. (This article uses Windows Server 2019, but the behavior is the same on Windows 10 and 11.)

Examples of using the tasklist command

First, start the command prompt and type the "tasklist" command without thinking.

task list

Then, a list of processes will be displayed as shown below.

Click here for official documentation

By default, there are only 5 items: "Image name", "PID", "Session name", "Session", and "Memory usage", so
if you want to output more details, add options. Help can be viewed below.

tasklist /?

Show details

You can get various information just by adding /v.

tasklist /v

Memory, status, and execution time are also clear at a glance.

Show processes using more than 100MB of memory

▶ This is useful when you want to quickly identify processes that use a lot of memory.

tasklist /fi "memusage gt 100000"

Process output in CSV format

It can also be output separated by commas. In addition, TABLE (default) and LIST can be specified.

tasklist /v /fo csv

⇩⇩⇩It's hard to see as it is, but

if you paste it into a spreadsheet as is, you can check it like this and it's convenient because you can sort it properly.

Search by module name

For example, use ⇩ to display the processes of modules that start with "win*".

tasklist /m win*

If you use this information to investigate, you
will be able to identify processes that are using a high amount of memory and conduct detailed investigations into what kind of processes are running.
Please try using it.

complete

If you found this article helpful , please give it a like!