Forum Discussion
Rahul_Mahajan
Jul 23, 2019Brass Contributor
How to monitor windows services
Hi All,
How to monitor services in Azure VMs like IIS, MSSQL or any other Windows service. Here we already have integration with service-now and want to achieve if Windows service is down we will get alert and then once service is online it will resolve the alert or it will not regenerate alert at frequency.
Thanks in advance.
HIi Rahul_Mahajan you cannot achieve fully the scenario of closing the alert once the service is up. You can only achieve to get alert once the service is down. I have blogged about this here:
https://cloudadministrator.net/2018/01/24/monitoring-windows-services-sates-with-log-analytics/
The method described there is by using the System event log but the same thing can be achieved with using Change Tracking solution which also tracks Windows Services states. In our book Inside Azure Management we have descried the scenario with using Change tracking as well. The example in the scenario also includes automatic service remediation by starting the service on the VM via runbook. This is described in the Automation chapter.
- MonitorpackCopper ContributorSuper easy way to monitor windows services https://youtu.be/gn1QuK4TFSc?feature=shared
HIi Rahul_Mahajan you cannot achieve fully the scenario of closing the alert once the service is up. You can only achieve to get alert once the service is down. I have blogged about this here:
https://cloudadministrator.net/2018/01/24/monitoring-windows-services-sates-with-log-analytics/
The method described there is by using the System event log but the same thing can be achieved with using Change Tracking solution which also tracks Windows Services states. In our book Inside Azure Management we have descried the scenario with using Change tracking as well. The example in the scenario also includes automatic service remediation by starting the service on the VM via runbook. This is described in the Automation chapter.
- Ashok42Copper ContributorCan we monitor linux services using change tracking?
- Adam3032Copper Contributor
Stanislav_Zhelyazkov Stanislav Zhelyazkov
Is there any other MP to monitor all windows services using a “Monitor” (not Rule) ?
Currently we are monitoring windows services using a "Rule" which needs manual intervention to close the Service alerts in SCOM to avoid that we are looking for a MP to monitor all windows services using a “Monitor” which will close the alert automatically once the service is up.
Please let me know if there is any such MP to make this possible.
Thanks in Advance !!
- Ruheena
Microsoft
Hello Stanislav,
I am trying to write a query to get results when ‘Service A’ is in running state and ‘Service B’ is in stopped state. I am getting 0 results. Below is the query
Event
| where EventLog == ‘System’ and EventID == 7036 and Source == ‘Service Control Manager’
| parse kind=relaxed EventData with * ” Windows_Service_Name ” Windows_Service_State ” *
| where Windows_Service_Name == “Service A” and Windows_Service_State == “running”
| where Windows_Service_Name == “Service B” and Windows_Service_State == “stopped”
| sort by TimeGenerated desc
| project Computer, Windows_Service_Name, Windows_Service_State, TimeGeneratedAppreciate your response.