The Where-Object and Select-Object commands are used to filter and select PowerShell objects in the following topic in the PowerShell Fundamental series. You can precisely define which items are displayed or acted on by using these commands.
Overview: Where-object and Select-object
It’s critical to comprehend the ideas discussed in previous sections before learning how to utilize the Where-Object and Select-Object commands. First and foremost, PowerShell is an object-oriented programming language. Almost every command returns an object with several characteristics that may be independently examined and filtered.
The Get-Process command, for example, will return various bits of information about currently running Windows processes, such as the start time, and current memory use. Each of these is saved as a Process object’s property. With the Pipeline character: |, PowerShell commands can also be chained together. When you do this, the results of the commands on the left of the pipe are sent to the commands on the right. The processes identified by the Get-Process command will be halted if you pipe Get-Process to Stop-Process, as in Get-Process | Stop-Process. This would try to stop all of the running processes on the system if there was no filtering in place.
Where-object: Syntax, Working, and Examples
The Where-Object command can be used to filter objects based on any property they have.
PS C:\Users\dhrub> get-command Where-Object -Syntax
Where-Object [-Property] <string> [[-Value] <Object>] [-InputObject <psobject>] [-EQ] [<CommonParameters>]
Where-Object [-FilterScript] <scriptblock> [-InputObject <psobject>] [<CommonParameters>]
Where-Object [-Property] <string> [[-Value] <Object>] -Match [-InputObject <psobject>] [<CommonParameters>]
The most commonly used syntax is:
Where-Object {$_.PropertyName -ComparisonType FilterValue}
The “PropertyName” property is the name of the object whose property you’re filtering. ComparisonType is a brief keyword that describes the type of comparison you’re performing. “eq” stands for equals, “gt” stands for greater than, “lt” stands for less than, and “like” stands for a wildcard search. Finally, the FilterValue is the value against which the object’s property is being compared. The Get-Process command, example is shown below with output.
PS C:\Users\dhrub> get-process| Where-Object {$_.processname -eq "armsvc"}
Handles NPM(K) PM(K) WS(K) CPU(s) Id SI ProcessName
------- ------ ----- ----- ------ -- -- -----------
124 8 1588 2800 4956 0 armsvc
Select-object: Syntax, Working, and Examples
The Select-Object command is another one to become acquainted with. This command is used to restrict or modify the output of other commands. There are numerous applications for it, but one of the most common is to select the first N results of another command.
PS C:\Users\dhrub> Get-Command Select-Object -Syntax
Select-Object [[-Property] <Object[]>] [-InputObject <psobject>] [-ExcludeProperty <string[]>] [-ExpandProperty <string>] [-Unique] [-Last <int>] [-First <int>] [-Skip <int>] [-Wait]
[<CommonParameters>]
Select-Object [[-Property] <Object[]>] [-InputObject <psobject>] [-ExcludeProperty <string[]>] [-ExpandProperty <string>] [-Unique] [-SkipLast <int>] [<CommonParameters>]
Select-Object [-InputObject <psobject>] [-Unique] [-Wait] [-Index <int[]>] [<CommonParameters>]
Below is one of the ways we can filter the process.
PS C:\Users\dhrub> get-process |select Name
Name
----
AdobeIPCBroker
amdfendrsr
AppHelperCap
ApplicationFrameHost
The below example shows the first five processes running in the system.
PS C:\Users\dhrub> get-process |Select-Object -First 5
Handles NPM(K) PM(K) WS(K) CPU(s) Id SI ProcessName
------- ------ ----- ----- ------ -- -- -----------
206 13 2428 10492 0.09 836 6 AdobeIPCBroker
110 8 2012 4612 3368 0 amdfendrsr
334 15 5692 9724 2284 0 AppHelperCap
394 22 15564 32088 0.30 13260 6 ApplicationFrameHost
124 8 1588 2800 4956 0 armsvc
The below example shows the last five processes running in the system.
PS C:\Users\dhrub> get-process |Select-Object -last 5
Handles NPM(K) PM(K) WS(K) CPU(s) Id SI ProcessName
------- ------ ----- ----- ------ -- -- -----------
1064 75 55192 2556 10.11 14596 6 WinStore.App
186 13 3380 8544 3856 0 WmiPrvSE
189 12 3900 11268 7532 0 WmiPrvSE
462 16 4900 8100 1288 0 WUDFHost
767 51 30048 17588 1.89 14588 6 YourPhone
Conclusion
You can easily control which items you are working on in PowerShell by using the Where-Object and Select-Object commands. You can use these commands to filter the data you’re viewing or to limit actions (like stopping services or removing files) to those that match the filters you set. This series will conclude with the next article. We’ll look at looping through groups of objects in order to perform more complex tasks on a collection of items.
