This is a command line (aka console) based tool for executing WMI queries. It outputs a list of the matching objects with their relevant properties and can invoke queries against either the local or remote machines.
Like most of my tools, this was designed as a test harness for my WMI library and was originally written before PowerShell was prevalent in the wild. I sometimes find PowerShell a little too sluggish for running simple WMI queries and so this tool still has a place in my toolchest.
The tool currently only supports a single command, but the syntax allows for future extensions. The basic format for invoking WMI Command is to run it with a command type and then provide any arguments using switches, e.g.
C:\> wmicmd command --option1 value1 --option2 value2
The arguments can be specified using either Windows style (e.g. /option)
or the more modern style (e.g. --option). Each switch has both a
short name and a longer name and you can see the list of all supported commands
using wmicmd -?. Each command also has its own help topic that
describes it and lists the switches that are applicable, e.g. wmicmd query -?.
The query command allows you to execute a WMI query which is
provided as a single argument after the command name (i.e. you must use quotes
around the text). It lists all the objects in the result sets by enumerating
their available properties.
C:\> wmicmd query "SELECT Name,State FROM Win32_Service" Name: Alerter State: Stopped . . . Name: Dhcp State: Running . . . Name: xmlprov State: Stopped
The command can also be run against one or more remote machines using the
--hosts switch. If required, an alternate set of credentials
can be provided with the --user and --password
switches; the same credentials will be used for all the listed hosts.
C:\> wmicmd query "SELECT State FROM Win32_Service WHERE Name='w32time'" --hosts machine1 machine2 machine3
C:\> wmicmd query "SELECT State FROM Win32_Service WHERE Name='w32time'" --hosts srv1 srv2 --user admin --password p455w0rd
Naturally a command line is not the easiest way to specify a long list of hosts
and so there is the --hostsfile switch that allows you to store
the host names in a text file and reference that instead.
# Hosts file - one per line, comments start with a hash, empty lines allowed machine1 machine2 machine3 C:\> wmicmd query "SELECT State FROM Win32_Service WHERE Name='w32time'" --hostsfile hostlist.txt
When running a query on multiple hosts the output doesn't contain the host name
anywhere by default so it may be tricky to work out which response was from
which host. So, you can use the --showhost switch to output an
extra property before each machine's results with the host name.
C:\> wmicmd query "select LastBootUpTime from Win32_operatingsystem" --hosts srv1 srv2 --showhost Host: srv1 LastBootUpTime: 01/01/2012 02:05:35 +060 Host: srv2 LastBootUpTime: 02/03/2012 04:23:00 +060
By default datetimes and 64-bit integers in WMI are actually returned as strings, not the equivalent OLE data types. Consequently it can be hard to decipher the values. WMICmd attempts to detect both these data types and displays them in a more readable format.
C:\> wmicmd query "select LastBootUpTime,TotalVirtualMemorySize from Win32_operatingsystem" LastBootUpTime: 25/06/2012 02:05:35 +060 TotalVirtualMemorySize: 2,097,024However, if you are executing the query for the purposes of scraping the output to use in a command pipline you may want to ditch the formatting and just output the raw values. The
--noformat switch will disable any formatting
and line spacing and just return the raw propery names and values.
C:\> wmicmd query "select DeviceID,Size from Win32_LogicalDisk" --noformat DeviceID: C: Size: 78658318336 DeviceID: D: Size: 41373122560
Conversely, if you have a wide variation in property name lengths in your output
if can be hard to read. The --align switch causes the right of the
property names and left side of the values to be aligned. This also has the
effect of creating a fixed width output that may also make parsing easier.
C:\> wmicmd query "select DeviceID,Size from Win32_LogicalDisk" --align DeviceID: C: Size : 78,658,318,336 DeviceID: D: Size : 41,373,122,560
If you're using the tool as a development aid and want to know what the actual
COM types of the properties are you can use the --showtypes switch.
This will append a string to the property name showing the VT_* symbols that represent
the Variant types.
C:\> wmicmd.exe query "select * from Win32_operatingsystem" --showtypes BootDevice [VT_BSTR]: \Device\HarddiskVolume1 . . . CurrentTimeZone [VT_I2]: 60 DataExecutionPrevention_Drivers [VT_BOOL]: True DataExecutionPrevention_SupportPolicy [VT_UI1]: 2 . . . EncryptionLevel [VT_I4]: 168 ForegroundApplicationBoost [VT_UI1]: 2 . . . LocalDateTime [VT_BSTR]: 20101011181637.234000+060 . . . SystemStartupOptions [VT_BSTR|VT_ARRAY]: <array of VT_BSTR>
One more switch that is useful if you know the WMI class but don't know what
properties it exposes, is --top. This acts just its SQL namesake
and only lists the first N objects.
C:\> wmicmd.exe query "select * from Win32_Process" --top 1 CSCreationClassName: Win32_ComputerSystem CSName: K9 Caption: System Idle Process . . .
There is one other global switch that allows you to launch this helpfile if you
should need it, --manual. If WMICmd is on your PATH
then you can access it from anywhere.
C:\> wmicmd.exe --manual
This application is freeware - you get what you pay for, nothing more, nothing less.
The full source code (C++) is available from my web site listed below.
Using the --version switch will also display my contact details. Please check the web site for updates.
Email: gort@cix.co.uk
Web: www.cix.co.uk/~gort
Chris Oldwood
26th June 2012