dongtaijiao7140 2013-12-04 01:44
浏览 432
已采纳

从Go查询WMI

I would like to run WMI queries from Go. There are ways to call DLL functions from Go. My understanding is that there must be some DLL somewhere which, with the correct call, will return some data I can parse and use. I'd prefer to avoid calling into C or C++, especially since I would guess those are wrappers over the Windows API itself.

I've examined the output of dumpbin.exe /exports c:\windows\system32\wmi.dll, and the following entry looks promising:

WmiQueryAllDataA (forwarded to wmiclnt.WmiQueryAllDataA)

However I'm not sure what to do from here. What arguments does this function take? What does it return? Searching for WmiQueryAllDataA is not helpful. And that name only appears in a comment of c:\program files (x86)\windows kits\8.1\include\shared\wmistr.h, but with no function signature.

Are there better methods? Is there another DLL? Am I missing something? Should I just use a C wrapper?

Running a WMI query in Linqpad with .NET Reflector shows the use of WmiNetUtilsHelper:ExecQueryWmi (and a _f version), but neither have a viewable implementation.

Update: use the github.com/StackExchange/wmi package which uses the solution in the accepted answer.

  • 写回答

3条回答 默认 最新

  • donglaoe2979 2013-12-04 04:00
    关注

    Welcome to the wonderful world of COM, Object Oriented Programming in C from when C++ was "a young upstart".

    On github mattn has thrown together a little wrapper in Go, which I used to throw together a quick example program. "This repository was created for experimentation and should be considered unstable." instills all sorts of confidence.

    I'm leaving out a lot of error checking. Trust me when I say, you'll want to add it back.

    package main

import (
        "github.com/mattn/go-ole"
        "github.com/mattn/go-ole/oleutil"
)

func main() {
    // init COM, oh yeah
    ole.CoInitialize(0)
    defer ole.CoUninitialize()

    unknown, _ := oleutil.CreateObject("WbemScripting.SWbemLocator")
    defer unknown.Release()

    wmi, _ := unknown.QueryInterface(ole.IID_IDispatch)
    defer wmi.Release()

    // service is a SWbemServices
    serviceRaw, _ := oleutil.CallMethod(wmi, "ConnectServer")
    service := serviceRaw.ToIDispatch()
    defer service.Release()

    // result is a SWBemObjectSet
    resultRaw, _ := oleutil.CallMethod(service, "ExecQuery", "SELECT * FROM Win32_Process")
    result := resultRaw.ToIDispatch()
    defer result.Release()

    countVar, _ := oleutil.GetProperty(result, "Count")
    count := int(countVar.Val)

    for i :=0; i < count; i++ {
        // item is a SWbemObject, but really a Win32_Process
        itemRaw, _ := oleutil.CallMethod(result, "ItemIndex", i)
        item := itemRaw.ToIDispatch()
        defer item.Release()

        asString, _ := oleutil.GetProperty(item, "Name")

        println(asString.ToString())
    }
}

    The real meat is the call to ExecQuery, I happen to grab Win32_Process from the available classes because it's easy to understand and print.

    On my machine, this prints:

    System Idle Process
System
smss.exe
csrss.exe
wininit.exe
services.exe
lsass.exe
svchost.exe
svchost.exe
atiesrxx.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
spoolsv.exe
svchost.exe
AppleOSSMgr.exe
AppleTimeSrv.exe
... and so on
go.exe
main.exe

    I'm not running it elevated or with UAC disabled, but some WMI providers are gonna require a privileged user.

    I'm also not 100% that this won't leak a little, you'll want to dig into that. COM objects are reference counted, so defer should be a pretty good fit there (provided the method isn't crazy long running) but go-ole may have some magic inside I didn't notice.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(2条)

报告相同问题?

  • Golang 获取wmi windows硬件信息
    2019-02-12 15:59
    这是一个Golang 获取wmi windows硬件信息的源代码,包括CPU,网卡,内存,硬盘等信息
  • c#使用wmi查询usb设备信息示例
    2020-09-04 16:20
    4. **ManagementObjectSearcher 类**:这是.NET Framework中的一个类,用于执行WQL(WMI查询语言)查询并返回结果集。在示例中,它用于查找所有`Win32_USBControllerDevice`类型的对象,这代表了USB控制器。 5. **...
  • go-wmi-hyper-v.txt
    2021-09-28 13:39
    go通过调用Windows wmi 生成hyper-v虚拟机,不包括修改内存,CPU等操作
  • golang基于WMI获取所有外接硬盘(USB,移动硬盘)信息
    2024-08-14 14:25
    山与路的博客 【代码】golang基于WMI获取所有外接硬盘(USB,移动硬盘)信息。
  • wmi:WMI for Go
    2021-05-09 03:04
    WMI 软件包wmi提供了Windows WMI的WQL接口。 注意:它与本地计算机上的WMI接口,因此仅在Windows上运行。
  • go-wmi获取可移动磁盘信息
    2021-07-07 11:49
    Coding<_>的博客 官方API:Win32_LogicalDisk 类 - Win32... "github.com/StackExchange/wmi" "strings" "time" ) // Win32_LogicalDisk 本地磁盘类类型、名称不可更改 type Win32_LogicalDisk struct { Access uint16 Availability
  • 使用GO(golang) 通过wmi 创建HYPER-V虚拟机
    2021-10-02 14:00
    大金必成的博客 go version go1.17.1 windows/amd64 上代码: package main import ( "fmt" "github.com/go-ole/go-ole" "github.com/go-ole/go-ole/oleutil" "log" "time" ) func main() { ole.CoInitializeEx(0, ole....
  • 26、WMI查询:基础与复杂信息处理
    2025-11-30 06:29
    算法是你的笨蛋的博客 本文深入探讨了WMI查询的基础与高级应用,涵盖VBScript脚本编写、查询无结果的排查、远程服务器重启与网络配置修改等实际场景。详细介绍了模板式与直接连接两种查询方式的对比,解析了Win32_NetworkAdapterSetting等...
  • wmi:本地和远程Windows WMI的包装器,用于对COM的低级调用和高级Go对象映射
    2021-04-04 18:39
    在Go语言中,为了方便地使用WMI,存在专门的库和工具,如描述中的"本地和远程Windows WMI的包装器"。这个包装器的目的在于简化与WMI的交互,它提供了对COM(Component Object Model)的低级调用,并将这些调用转换为...
  • 26、WMI 查询:基础与复杂信息处理
    2025-12-21 08:20
    青柠汽水308的博客 本文深入讲解了WMI查询的基础与复杂信息处理方法,涵盖常见问题排查、VBScript脚本编写与优化、远程计算机管理、网络配置自动化以及关联类的使用。通过实际示例展示了如何修改模板脚本实现重启服务器、启用DHCP等...
  • 26、深入探究WMI查询:基础与复杂信息处理
    2025-12-08 01:09
    ol789012的博客 本文深入探讨了WMI查询的基础与复杂信息处理技术,涵盖VBScript脚本编写、WQL查询优化、关联类使用方法及实际应用场景。通过重启服务器、启用网络适配器DHCP等实例,展示了如何修改自动生成的脚本模板以满足实际需求...
  • Go-使用wmi获取硬盘smart信息并解析
    2021-07-07 11:46
    Coding<_>的博客 "github.com/StackExchange/wmi" ) const ( Power_On_Hours = 9 Power_Cycle_Count = 12 Temperature_Celsius = 194 ) var smartProperties = map[uint8]string{ Power_On_Hours: "通电总时长", Power_Cyc
  • WMI设置网卡及获取网卡信息
    2015-03-04 09:19
    WMI是Microsoft提供的一种系统管理接口,它允许开发者通过标准的脚本语言或编程语言来访问和操作Windows系统的各种组件信息,包括网络适配器(网卡)的状态和配置。 首先,我们要了解WMI中的NetAdapter类。...
  • 用GO语言实现监控和管理进程
    2024-02-21 16:37
    它是一个使用 Go 语言实现的进程监控项目。它主要实现了以下功能: 进程管理:用户可以通过命令行或者 HTTP 接口对被监控的进程进行启动、停止、重启、查询等操作。 进程监测:用户可以通过信号或者 ps 命令对被...
  • ladon入侵检测系统GO代码实现
    2023-05-14 18:46
    首先,Go语言(又称Golang)是Google开发的一种静态类型、编译型的编程语言,以其简洁的语法、高效的性能以及并发处理能力而被广泛应用在系统工具和服务器程序开发中。ladon系统选择Go语言作为实现基础,主要是看中...
  • WMI获取硬件信息封装函数方法(联想台式机出厂编号 CPUID BIOS序列号 硬盘信息 显卡信息 MAC地址)
    2020-09-04 20:59
    在本文中,我们将探讨如何封装WMI查询函数来获取联想台式机的特定硬件信息,如出厂编号、CPUID、BIOS序列号、硬盘信息、显卡信息以及MAC地址。 首先,我们来看两个关键的封装函数: 1. `identifier(string wmi...
  • 25、深入探讨WMI事件:查询、过滤与执行策略
    2025-12-03 03:33
    kkk56的博客 本文深入探讨了Windows Management Instrumentation(WMI)事件的查询、过滤与执行策略,详细介绍了WMI事件过滤器的构建方法、轮询机制中的WITHIN子句使用技巧,以及通过WBEMTest工具和VBScript实现半同步与异步通知...
  • WMI for Go 项目常见问题解决方案
    2024-11-06 07:18
    郁英忆的博客 WMI for Go 项目常见问题解决方案 wmi WMI for Go 项目地址: https://gitcode.com/gh_mirrors/wm/wmi 项目基础介绍...
  • 没有解决我的问题, 去提问