Querying count of TCP Connections for a given process in Powershell

Question

It seems the class to do this is MSFT_NetTransportConnection.

However I cannot query this class via Get-WmiObject:

C:\Users\Justin Dearing> Get-WmiObject MSFT_NetTransportConnection
Get-WmiObject : Invalid class "MSFT_NetTransportConnection"
At line:1 char:1
+ Get-WmiObject MSFT_NetTransportConnection
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidType: (:) [Get-WmiObject], ManagementException
    + FullyQualifiedErrorId : GetWMIManagementException,Microsoft.PowerShell.Commands.GetWmiObjectCommand

C:\Users\Justin Dearing> Get-WmiObject MSFT_NetTransportConnection  -Namespace "root/StandardCimv2"
Get-WmiObject : Not supported
At line:1 char:1
+ Get-WmiObject MSFT_NetTransportConnection  -Namespace "root/StandardC ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [Get-WmiObject], ManagementException
    + FullyQualifiedErrorId : GetWMIManagementException,Microsoft.PowerShell.Commands.GetWmiObjectCommand

C:\Users\Justin Dearing> Get-WmiObject MSFT_NetTransportConnection  -Namespace "fff"
Get-WmiObject : Invalid namespace "fff"
At line:1 char:1
+ Get-WmiObject MSFT_NetTransportConnection  -Namespace "fff"
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Get-WmiObject], ManagementException
    + FullyQualifiedErrorId : GetWMIManagementException,Microsoft.PowerShell.Commands.GetWmiObjectCommand

What am I doing wrong?

Answer 1

Can the MSFT_NetTcpConnection class be suitable?

Get-WmiObject -Namespace 'ROOT/StandardCimv2' -ClassName MSFT_NetTCPConnection |
    Group-Object OwningProcess

Sort Process with Most Connections

You can also use Sort-Object to sort the list of processes with the most connections. This makes it easier to visually discover which processes have the most connections.

Get-CimInstance -Namespace root/standardcimv2 -ClassName MSFT_NetTCPConnection | 
  Group-Object -Property OwningProcess | 
  Sort-Object -Property Count

Answer 2

I also don't have that WMI/CIM class. You may need to figure out what namespace it is in to use it.

You can get the number of network connections that each process has by using Get-NetTCPConnection and grouping on the OwningProcess property.

Get-NetTCPConnection -State Established, TimeWait -ErrorAction SilentlyContinue |
    Group-Object OwningProcess