Log Insight – How to Monitor any Windows Service
Monitor critical services such as Exchange, SQL, Sharepoint, and more. The following guide will show you how to use Log Insight to monitor any Window Service and even get email alerts sent to you.
Login to Log Insight as Admin
On the top right corner, hit the dropdown and select Content Packs
- Verify that the Microsoft – Windows content pack is installed. If not install it
- Click on Microsoft – Windows > Agent Groups and copy everything in the Configuration box
Next go to the menu on the top right corner and select Administration
Click on Agents and paste everything to the Agent configuration box. Click on Save Configuration and then download the agent.
Note: The configuration must be entered else the Windows Service won’t get detected
Install the agent on the Windows machine that we want to monitor
- Next we need to find the Service name we want to monitor by going to Control Panel > Administrative Tools > Services
Double click on the service we want to monitor and copy the display name and then close out the window.
Note: In this example I chose the Print Spooler service, however the following steps applies to any Window Service. All you need is the Display Name of the service.
Now go back to Log Insight and click on Interactive Analytics
The following search Query applies to any Window Service. All we need to do is replace <Service Display Name> below with Print Spooler and enter it in the search query.
The <Service Display Name> service entered the stopped state
Next we can add it to a dashboard by click on the icon
- Fill out a name and assign it to a Dashboard and then click on Add
- Now go to Dashboards and click on the dropdown and select My Dashboards. You should now see the search query. It will display results only if a printer spooler service goes down.
Now if we wanted an email alert we would repeat steps 10 to 11 and select
> Create Alert from Query
Provide a Name and Email address and click on Save
- You will now get an email alert whenever the Printer Spooler goes down
Good Article to monitorin windows services !!!
Just have one query , does that email gives Machine name/Hostname so we can identify on which windows machine particular service is in down state ??
Although I haven’t tested it yet, it should if you use a Field Table and include the Host field