WQL is the query language in WMI, WQL's full name is WMI query Language, referred to as WQL, translated into Chinese as if it could be the Windows Management Specification query language. A friend who is familiar with the SQL language will feel that it is very similar to SQL.
WQL is actually very simple, it has the following characteristics:
1. Each WQL statement must start with a select;
2, after the Select and you need to query the name of the property (I just corresponding to the SQL referred to as the field name), but also like SQL, with * to return all the property values;
3, from the keyword;
4, you want to query the name of the class;
5, in addition, if you want to exact query results can also add where conditional clause. For example, a class has the ENABLE attribute, and you can add a where enable=true to the query.
The following are the correct WQL statements:
Copy Code code as follows:
Select * from Win32_LogicalDisk where drivetype=3 ' queries all hard disk partitions
SELECT * from Win32_Share ' Queries all shared directories
SELECT * from Win32_NetworkAdapterConfiguration WHERE dhcpenabled=true
SELECT Description from Win32_account WHERE name= ' Administrator '
SELECT Freespace,deviceid from Win32_LogicalDisk
In WinXP and Win2003, there is a self-contained WQL test tool called Wbemtest.exe, which allows you to see what classes and classes have properties, using the following methods:
First, run Wbemtest.exe, as shown below:
After you click OK, a window of the Windows Management Instrumentation Tester appears, as shown in the following figure:
Click "Connect" will appear a dialog box, we can choose to connect the local host or remote host, the following figure:
If it is a native test and is logged in as an administrator, you can not fill out the username and password, if it is a linked remote host will need to fill out the remote host username and password (recommended to use the remote host to log on as the administrator), click "Connect" will return to the main interface. Note that you can view and query only after you log in.
Click the "Query" button to enter the WQL statement we want to query, such as "Select * from Win32_LogicalDisk", which is the WQL statement that queries the logical drive of the system, as shown in the figure:
This is the majority of us will get a number for "0x80041010", described as "Invalid category" error, as shown below:
This error occurs because the default namespace is "Root/default" at the beginning, and we need to change the namespace. Then click the "Connect" button, change the default "Root/default" to "root/cimv2", and then click the "Connect" button, as shown below:
Once the login is successful, we can see what classes the system has, and we can also execute the WQL query.
You can query the properties of the class by clicking the Enum Category button and entering the name of the class you want to find in the dialog box that pops up. The following figure (note: I did not fill in the superclass name and select the Recursive radio button, which is recursively enumerating all the classes in the system):
The results of the query are shown below:
These are all useful things. Oh, if you are careful, you will find in this list all the classes I have designed in the WQL statements I used before, such as Win32_LogicalDisk, Win32_Share, and so on. Note that some have parentheses, and these are the methods.
The following are the results of some queries:
We can also double-click on one of the data to view the properties, as shown in the following figure:
If we are not accustomed to viewing this way, we can also click the "Show MOF" button in the above window, and the following is the result of clicking the "Show MOF" button:
You can see from the above diagram what attributes and corresponding property values this class has.
Today's content seems to have little to do with. NET, but only understanding and familiarity with WQL will enable us to write. NET code quickly and smoothly.
WMI Tester (Wbemtest.exe) Walkthrough
Now that you have some knowledge of the tools available for browsing and viewing the CIM, let's use the WMI Tester (Wbemtest.exe) to examine the Win32_Process class definition and modify the manifest 2 to retrieve some properties from the process that is running on your local computer.
Open a command prompt, type C:\>wbemtest.exe, and press Enter to start the WMI Tester tool. Note that most of the buttons are disabled on the main WMI Tester window, which means that you are not connected to WMI at this time.
Click Connect ? Connect to the WMI service on a local or remote computer. Displays the connection dialog box, which provides a text input area labeled Namespace , which defaults to root\default. Change the value of the Namespace area to root\cimv2, and click the Connect button in the Connection dialog box to return to the main WMI tester window.
The namespace identifier in the upper-left corner of the main window should be displayed as root\cimv2. Note that all of the buttons are now enabled, which means that you have successfully connected to WMI on the local host under the current credential environment. Click the Enum Classes? Open the Superclass Information dialog box.
In the Superclass Information dialog box, do not fill in the Enter superclass name area, click the recursive option, and click OK to enumerate all the CIM classes defined in the root\cimv2 namespace 。
At this point, you might be looking at a Query Results dialog box that lists hundreds of class definitions. The number of classes depends primarily on the version of Windows that you are running. For example, if you are using Windows 2000, you should see approximately 600 class definitions. If you are running Windows XP, you should see approximately 900 class definitions.
Note that the class that is listed at the top of the Query Results dialog box starts with two underscores. These are system classes. System classes are predefined CIM classes that support internal WMI configuration and operations, such as provider registration, namespace security, and event notifications. Now, ignoring the system class, scroll down the Query Results dialog box until you see a class that starts with cim_.
A class whose name begins with Cim_ is the core and common base class maintained by DMTF. Continue scrolling down until you reach a class that starts with Win32_.
A class whose name begins with Win32_ is a Microsoft extended class that represents Windows-specific managed resources. If this is the first time you check the root\cimv2 namespace, you may want to familiarize yourself with the complete collection of classes in the root\cimv2 namespace, especially those with win32_ prefixes.
Scroll down the Query Results dialog box until you reach the Win32_Process class, and double-click the class name to open the Object Editor of the Win32_Process dialog box.
The Object Editor dialog box displays details (properties and methods) of the definition and implementation of the selected class. Recall what we discussed earlier-class definitions are the blueprints for WMI's manageable resources.
Select the Hide System properties check box to hide systems properties. The remaining Win32_Process properties indicate the information that you can retrieve from a process running on a local or remote computer.
To complete your WMI scripting exercise, try to retrieve the Name,Handle , and ProcessID properties. Using one of the previous three listings as the template, try to run the script before step 7th.
note to run the script on the local computer, set the value of the StrComputer variable to "." (a single point within the quotation marks).
After you run the newly created Getprocesses.vbs script, you can validate the results of the script with the Wimi tester. In the object Editor of the Win32_Process dialog box, click Instances. The resulting Query Results dialog box lists instances of processes running on the computer. Double-click a specified process instance to view the details of the instance.
Software Download Address: http://www.jb51.net/softs/193574.html
Answers to the WMI tester walkthrough
Copy Code code as follows:
StrComputer = "." ' Dot (.) equals local computer in WMI
Set wbemservices = Getobject ("winmgmts:\\" & StrComputer)
Set wbemObjectSet = wbemservices.instancesof ("Win32_Process")
For each wbemobject in wbemObjectSet
WScript.Echo "Name:" & Wbemobject.name & VbCrLf & _
"Handle:" & Wbemobject.handle & VbCrLf & _
"Process ID:" & Wbemobject.processidnext