Weekend Scripter: Measure the Performance of Using Wildcards in a WMI Query

Doctor Scripto

Summary: Learn how to use the Windows PowerShell Measure-Command cmdlet to determine the performance of wildcard queries using WMI. Microsoft Scripting Guy, Ed Wilson, is here. It is the weekend in Charlotte, North Carolina, and tomorrow I fly to Seattle, Washington where I speak at the Microsoft-only TechReady 15 conference. It is a great event, and I always have fun getting to see a lot of friends from all over the world. TechReady is a very international event, and it is the one time when Microsoftees have a chance to get together. Because the conference is held twice a year, it provides a chance for people to come to one session or the other, and for Microsoft to still be able to carry on with its normal activities. This week, I had an idea based on a comment posted to one of my WMI articles, “What is the difference in performance between using the equality operator or using a wildcard character and the Like operator, when making a WMI query?” So I thought I would test it out.

Methodology

To measure the performance of different queries, the basic tool is the Measure-Command cmdlet. Because of potential caching issues, I reboot after each query. But before I do all that, I want to ensure that my WMI queries are working properly. For that, I do not need to reboot between commands. In addition, I want to ensure that my Measure-Command commands are working properly. So for that, I also test the commands. I ended up configuring three different query patterns. The patterns are listed here:

  1. Use the equality operator.
  2. Use the like operator and a wildcard character.
  3. Use the like operator and multiple wildcard characters.

When I am certain that my queries and Measure-Command commands work properly, it is time to begin the multiple reboot process.

Using the equality operator to find a process

My laptop is back up from the first reboot. As a baseline, I query for the explorer.exe process by using the equality operator. My expectations are that this will be the fastest query because it looks through all the processes and I am using the Name property to find the specific process. This is a non-indexed operation because the key to the Win32_Process class is handle and not the Name property. Here is the basic query.

Get-WmiObject -Class win32_process -Filter “name = ‘explorer.exe'” The command to measure the performance of the WMI query is shown here.

measure-command {Get-WmiObject -Class win32_process -Filter “name = ‘explorer.exe'”} So what are the results from the Measure-Command? They are shown here.

PS C:> measure-command {Get-WmiObject -Class win32_process -Filter “name = ‘explorer.exe'”}

 

Days              : 0

Hours             : 0

Minutes           : 0

Seconds           : 0

Milliseconds      : 351

Ticks             : 3514032

TotalDays         : 4.06716666666667E-06

TotalHours        : 9.7612E-05

TotalMinutes      : 0.00585672

TotalSeconds      : 0.3514032

TotalMilliseconds : 351.4032

Using the Like operator and a wildcard to find a process

Now as a point of comparison, I use the percentage symbol ( % ), which is a wildcard character in WMI WQL that means zero or more instances of a character.

Get-WmiObject -Class win32_process -Filter “name LIKE ‘explorer%'” The command to measure the performance of the WMI wildcard query is shown here.

measure-command {Get-WmiObject -Class win32_process -Filter “name LIKE ‘explorer%'”} As I come out of my second reboot, I once again open the Windows PowerShell console and run the first of my wildcard comparison commands. The command and associated output are shown here.

PS C:> measure-command {Get-WmiObject -Class win32_process -Filter “name LIKE ‘explorer%'”}

 

Days              : 0

Hours             : 0

Minutes           : 0

Seconds           : 0

Milliseconds      : 429

Ticks             : 4298977

TotalDays         : 4.97566782407407E-06

TotalHours        : 0.000119416027777778

TotalMinutes      : 0.00716496166666667

TotalSeconds      : 0.4298977

TotalMilliseconds : 429.8977

Use the Like operator and multiple wildcards to find a process

Does the amount and type of wildcard characters make any difference? I would suspect it would; but then, one never really knows. So here is a wildcard pattern that uses a range of letters, a single letter, and the zero or more letters character.

Get-WmiObject -Class win32_process -Filter “name LIKE ‘[A-F]xplo_er%'”

measure-command {Get-WmiObject -Class win32_process -Filter “name LIKE ‘[A-F]xplo_er%'”} Now, I have completed my last reboot. It is time to see if there is a difference using the “wilder” wildcard pattern. The command and associated output appears here.

PS C:Usersadministrator> measure-command {Get-WmiObject -Class win32_process -Filter “name LIKE ‘[A-F]xplo_er%'”}

 

Days              : 0

Hours             : 0

Minutes           : 0

Seconds           : 0

Milliseconds      : 339

Ticks             : 3391294

TotalDays         : 3.9251087962963E-06

TotalHours        : 9.42026111111111E-05

TotalMinutes      : 0.00565215666666667

TotalSeconds      : 0.3391294

TotalMilliseconds : 339.1294

Conclusions

Drawing conclusions from this little experiment is a little dangerous. The reason is that the Measure-Command cmdlet is not really accurate when it comes to measuring millisecond results. Therefore, making a hard and fast conclusion based upon millisecond results is not a best practice. Nevertheless, as a way of summarizing the results, following is a comparison table. The equality operator found the information and returned results in 351 milliseconds, and that was faster than using the Like operator with a single wildcard. If the results had remained like that, I would have said, “Cool, it proves my point.” However, the Like operator with multiple wildcards returned in 339 milliseconds, and that is completely counter intuitive. Therefore, additional testing is indicated. To prove the point, the results need to take multiple seconds to return so we move into the area that is more accurate for the Measure-Command. At this stage of my testing, I would have to say, there is no difference between using the equality operator and using one or more wildcards. The following table illustrates the results.

Test

Time in Milliseconds

Equality operator

351

Like operator with single wildcard

429

Like operator with multiple wildcards

339

I invite you to follow me on Twitter and Facebook. If you have any questions, send email to me at scripter@microsoft.com, or post your questions on the Official Scripting Guys Forum. See you tomorrow. Until then, peace.

Ed Wilson, Microsoft Scripting Guy 

0 comments

Discussion is closed.

Feedback usabilla icon