Services & Processes
Windows
Services
see also: tasklist
sc query state=all
\\computer query state=all
sc query service_name
\\computer stop service_name
\\computer start service_name
net start | findstr Firewall
Example
Get-Service
Get-Service | Where-Object {$_.Status -EQ "Running"}
Get-Service RpcSs, spooler
Status Name DisplayName
------ ---- -----------
Running RpcSs Remote Procedure Call (RPC)
Running spooler Print Spooler
Service Startup Type
Get-Service | select -property name,starttype
Name StartType
---- ---------
AarSvc_70289 Manual
AdobeARMservice Automatic
AESMService Automatic
AJRouter Manual
ALG Manual
AppIDSvc Manual
Appinfo Manual
AppMgmt Manual
AppReadiness Manual
AppVClient Disabled
AppXSvc Manual
AssignedAccessManagerSvc Manual
aswbIDSAgent Manual
Tasks
Examples:
TASKLIST
TASKLIST /M
TASKLIST /V /FO CSV
TASKLIST /SVC /FO LIST
TASKLIST /APPS /FI "STATUS eq RUNNING"
TASKLIST /M wbem*
TASKLIST /S system /FO LIST
TASKLIST /S system /U domain\username /FO CSV /NH
TASKLIST /S system /U username /P password /FO TABLE /NH
TASKLIST /FI "USERNAME ne NT AUTHORITY\SYSTEM" /FI "STATUS eq running"
Debian
tools
htop
top -n 1
Services
systemctl --list-units
service --status-all
service --status-all | grep '\[ + \]'
service --status-all | grep '\[ - \]'
service apache2 status
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2023-05-15 00:27:01 UTC; 12h ago
Docs: https://httpd.apache.org/docs/2.4/
Process: 1100114 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS)
Process: 1131519 ExecReload=/usr/sbin/apachectl graceful (code=exited, status=0/SUCCESS)
Main PID: 1100119 (apache2)
Tasks: 7 (limit: 2323)
Memory: 180.2M
CPU: 5min 10.529s
CGroup: /system.slice/apache2.service
├─1100119 /usr/sbin/apache2 -k start
├─1131546 /usr/sbin/apache2 -k start
├─1131549 /usr/sbin/apache2 -k start
├─1131550 /usr/sbin/apache2 -k start
├─1131692 /usr/sbin/apache2 -k start
├─1131700 /usr/sbin/apache2 -k start
└─1132116 /usr/sbin/apache2 -k start
May 15 11:50:01 somedomain.com systemd[1]: Reloading The Apache HTTP Server...
May 15 11:50:01 somedomain.com systemd[1]: Reloaded The Apache HTTP Server.
May 15 12:00:01 somedomain.com systemd[1]: Reloading The Apache HTTP Server...
May 15 12:00:01 somedomain.com systemd[1]: Reloaded The Apache HTTP Server.
May 15 12:25:01 somedomain.com systemd[1]: Reloading The Apache HTTP Server...
May 15 12:25:01 somedomain.com systemd[1]: Reloaded The Apache HTTP Server.
May 15 12:50:01 somedomain.com systemd[1]: Reloading The Apache HTTP Server...
May 15 12:50:01 somedomain.com systemd[1]: Reloaded The Apache HTTP Server.
May 15 13:00:01 somedomain.com systemd[1]: Reloading The Apache HTTP Server...
May 15 13:00:01 somedomain.com systemd[1]: Reloaded The Apache HTTP Server.
ps
(1:905)# ps -ef | grep ntp | grep -v grep
ntp 24731 1 0 11:09 ? 00:00:00 /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 103:105
ps aux | grep "Z"
ps axf
1024 ? S 0:00 /usr/sbin/xrdp-sesman
1029 ? Ss 0:00 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups
3995 ? Ss 0:00 \_ sshd: james [priv]
4175 ? S 0:00 \_ sshd: james@pts/0
4178 pts/0 Ss 0:00 \_ -bash
4458 pts/0 R+ 0:00 \_ ps axf
1049 ? S 0:00 /usr/sbin/xrdp