mag72

How to Monitor Windows Services via Powershell & Alert if Down/Up!

Monitor Windows Services via Powershell!

Marc Wilson

There are many ways to monitor Windows services but one of the most flexible methods is via PowerShell (PS).

The advanced PS scripts referenced in this post will help you detect when a Windows service is stopped, when it is back up again, and will ultimately send an email alert with details.

To help automate monitoring, you can configure PS to schedule tasks to run scripts daily, at different intervals.

PowerShell

The few critical Windows OS services are started when the server boots and are stopped when the server shuts down.

These services need to be continuously running and they don’t have a reason to stop their operations while the server is up.

But on the other hand, there are applications such as IIS, Exchange, Active Directory that are running on a Windows server.

These applications need their services to be up and running but, if any of these services stop, the whole application is disrupted.

A Windows Services monitoring solution should be able to keep track of these services and send alerts when one of these services stops or is down.

There are some Windows Services monitoring solutions that can help you automate this process.

These tools include PRTG Network Monitor, SolarWinds SAM, ManageEngine, and more.

But if you have basic Powershell scripting skills, you can set up your own monitoring solution with the help of basic functions and cmdlets.

Managing Services with Cmdlets

A cmdlet is a lightweight Windows PowerShell (PS) script that helps interact with the PS platform and the scripting language.

There are eight service cmdlets that let you perform an extensive number of tasks on Windows services.

These can let you query, reset, start, stop, and set services.

To get a list of the cmdlets, you can open PowerShell and use the command:

Get-Help \*-Service

Powershell Get Help

We will be using the “Get-Service” cmdlet to display the status of a service named Microsoft Remote Access Service (RasMan).

For example, let’s say that currently, RasMan is down.

Run the following command:

Get-Service -Name RasMan | Select-Object -Property *

PowerShell Get Service

As you can see from the output, the current “Status” of the service is “Stopped.”

From this output, you can also see other details like whether you can start it, stop it, reset it, its dependent services, type, etc.

The Get-Service is the right cmdlet to monitor services, but you can also use others to push actions such as the “Start-Service” or “Restart-Service.”

Let’s go ahead and attempt to start the service using the “Start-Service” cmdlet.

Run the following command:

Start-Service -Name RasMan

Powershell Start Service

And now from the results shown above, you can see that the service is up and running.

Now, the good thing with PowerShell is that you can combine the results of a “Get-Service” with the actions of the “Start-Service”.

You can use this combination of both to query and then start a service if it is equal to “stopped.”

To start a service if it is not running run the following line:

Get-Service RasMan | %{if ($_.Status -eq "Stopped") { Start-Service RasMan }}

Powershell Get Start

Cmdlets are amazing lightweight tools that can help monitor services running on a local or remote server.

But these tools will not be capable of notifying you when a service status changes or for automating specific tasks.

The next advanced PowerShell functions will take this simple script to a new level.

Advanced PowerShell Functions

The functions shown here are able to keep track of a Windows service, attempt to restart, and even send an alert via email.

The Get-PSServiceStatus Function:

The open-source PowerShell code Get-PSServiceStatus developed by dfranciscus, suggests using the Send-MailMessage function, along with the cmdlets.

This script is capable of sending alerts via email when the service changes.

The Get-PSServiceStatus can only keep track of the last service status polled and notify you when there is a change.

To accomplish this, the script uses a text file.

If a service is down, the code creates the text file with detailed information and sends an alert.

When the service is back up, it deletes the text file.

The following is the overall flow of the function:

  1. Check for a text file and the services.
  2. If there is a text file, it means that the service was not running before.
  3. If the service is not running and there is no text file, create a text file.
  4. Send an email alert saying that the service is down.
  5. If the service is running again, remove the text file.
  6.  Send an email saying that the service is up.

To run the function you’ll need to specify the computer name (remote or local), the service name, and path name where the text files will be stored.

Other important parameters to specify are, the source email and destination email.

For example:

C:\> Get-PSServiceStatus -ComputerName test-01, -ServiceName ‘RasMan' -Path ‘C:\PSServiceStatus\' -FromAddress ‘alerts@emailsrv.com' ‑ToAddress ‘ITadmin@emailsrv.com' -SmtpServer ‘smtp.domain.com'

Running this script will check the computer [test-01], the service [RasMan], and notify via email and the console if the service is not running.

Download the Source Code:

The Get-PSServiceStatus.ps1 can be downloaded here:
https://github.com/dfranciscus/Get-PSServiceStatus/blob/master/Get-PSServiceStatus.ps1

Other Functions

Below are two other PowerShell functions that can help you monitor Windows services, from the Microsoft web portal TechNet:

  • Check-Svc Function
    Another great script used to monitor Windows Services via PowerShell is Microsoft’s check-Svc. The script finds a stopped service with Get-Service cmdlet, and attempts to restart it. If after the third time, it is unable to start, it will send an alert via email.
  • CheckServices Function
    The Checkservices is another PS script that allows you to monitor the Windows Services of local and remote computers. This script will check the service status and report back in HTML all services that are running or stopped. It will also send an alert via email if the services are stopped.

Scheduling a Task to Run these PowerShell Functions

To automate the monitoring even more, you can use the Microsoft Windows Task Scheduler to automatically launch a PowerShell script, such as Get-PSServiceStatus function, at a certain time or when specific conditions are met.

For example to create a new task called “MonitorServ,” you can run the following command.

C:\Windows\System32\schtasks.exe /create /TN MonitorServ /ST 12:30 /SC DAILY /RI 10 /TR “powershell.exe C:\ Get-PSServiceStatus”

This newly created Windows Task Schedule will run the Get-PSServiceStatus function daily starting at 12:30 and every 10 minutes.

Final Words & Conclusion

A simple PowerShell script with two cmdlets can help you start a Windows service if it is stopped, much like the built-in Windows Services “Automatic Startup” function.

Throw in a scheduling task and you’ll have a simple polling system.

But when you start to combine it with other functions such as the “Send-MailMessage,” and advanced polling mechanisms such as the one in Get-PSServiceStatus, you can take your Windows Services monitoring to the next level.