Where-Object
In addition to sorting, you may need to limit or filter the output. The Where-Object cmdlet is a filter that lets you control what data is ultimately displayed. This cmdlet is almost always used in a pipeline expression where output from one cmdlet is piped to this cmdlet. The Where-Object cmdlet requires a code block enclosed in braces that is executed as the filter.
Here's an expression to get all instances of the Win32_Service class where the state property of each object equals stopped.
get-wmiobject -class win32_service | where {$_.state -eq "Stopped"} You may want to further refine this expression and format the output by piping to yet another cmdlet:
PS C:\> get-wmiobject -class win32_service | ` >>where {$_.state -eq "Stopped"} | format-wide >> Alerter ALG AppMgmt aspnet_state BAsfIpM Browser CiSvc ClipSrv clr_optimization_v2.0.50727_32 COMSysApp CVPND dmadmin dmserver ERSvc FastUserSwitchingCompatibility GrooveAuditService GrooveInstallerService GrooveRunOnceInstaller helpsvc HidServ NetDDE NetDDEdsdm Netlogon NtLmSsp NtmsSvc ose PDEngine Pml Driver HPZ12 PolicyAgent RasAuto RDSessMgr RemoteAccess rpcapd RpcLocator RSVP SharedAccess SQLAgent$CRM SQLAgent$MICROSOFTSMLBIZ SQLWriter SSDPSRV SwPrv SysmonLog TlntSvr TrkWks upnphost UPS VMAuthdService VMnetDHCP vmount2 VMware NAT Service VSS W3SVC WmdmPmSN Wmi wscsvc xmlprov PS C:\> In this example we've taken the same Get-Wmiobject expression and piped it through Format-Wide to get a nice two column report.
The key is recognizing that the script block in braces is what filters the object. If nothing matches, the filter then nothing will be displayed.
