
Monitor automatically started Windows services with PRTG


Jannos-443/PRTG-WinServices


PRTG-WinServices

Project Owner:

Jannos-443

Changelog

V1.0

  • Monitor automatic Windows Services
  • Added Ability to use HTTP Push to avoid local Permission on critical Remote Servers (Backup etc.)

V1.01

  • Added Ability to define Critical Services that have to be present

V1.02

  • Added ChannelPerService and HideAutomaticNotRunning parameter

HOW TO

Option 1: Execute on Remote Server without PRTG needing local permissions on the Remote Server (HTTP Push Advanced)

  1. Place the lookup file prtg.winservices.state.ovl on the PRTG probe(s) under C:\Program Files (x86)\PRTG Network Monitor\lookups\custom
  2. Place Script on Remote Server (C:\PRTG\PRTG-WinServices.ps1)
  3. Create PRTG "HTTP Push Advanced Sensor" and copy the Token (Token is available in the Sensor Settings after creating the Sensor)
    • You should set "no incoming data" to "switch to down status after x minutes"
  4. Create a Scheduled Task

Example:

powershell.exe -Command "& 'C:\PRTG\PRTG-WinServices.ps1' -ComputerName 'localhost' -HttpPush -HttpServer 'YourPRTGServer' -HttpPort '5050' -HttpToken 'YourHTTPPushToken'"
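
Step 4 as a script, added here as an illustration and not taken from the repository: it registers the task with the command line above, then lists anyone other than SYSTEM and Administrators who can modify the script or its folder. The task name, the 10-minute interval and the SYSTEM principal are assumptions; `YourPRTGServer` and `YourHTTPPushToken` are the README's placeholders.

```powershell
# Added example, not part of the PRTG-WinServices repository. Run in an elevated session.
# Assumptions: task name, 10-minute interval and the SYSTEM principal are illustrative choices.
$scriptPath = 'C:\PRTG\PRTG-WinServices.ps1'

# Same command line as the README example; replace the two placeholders.
$argument = "-Command `"& '$scriptPath' -ComputerName 'localhost' -HttpPush " +
            "-HttpServer 'YourPRTGServer' -HttpPort '5050' -HttpToken 'YourHTTPPushToken'`""

$action    = New-ScheduledTaskAction -Execute 'powershell.exe' -Argument $argument
$trigger   = New-ScheduledTaskTrigger -Once -At (Get-Date) -RepetitionInterval (New-TimeSpan -Minutes 10)
$principal = New-ScheduledTaskPrincipal -UserId 'NT AUTHORITY\SYSTEM' -LogonType ServiceAccount
Register-ScheduledTask -TaskName 'PRTG-WinServices HTTP Push' -Action $action -Trigger $trigger -Principal $principal

# The task runs as SYSTEM, so write access to the script or its folder is equivalent to SYSTEM access.
# Collect every Allow ACE granting a write-type right to an identity other than SYSTEM or Administrators.
$writeMask  = [int][System.Security.AccessControl.FileSystemRights]'Write, Delete, ChangePermissions, TakeOwnership'
$trustedSid = 'S-1-5-18', 'S-1-5-32-544'   # LocalSystem, BUILTIN\Administrators

$findings = foreach ($path in $scriptPath, (Split-Path $scriptPath -Parent)) {
    (Get-Acl -Path $path).GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier]) |
        Where-Object {
            $_.AccessControlType -eq 'Allow' -and
            (([int]$_.FileSystemRights -band $writeMask) -ne 0) -and
            $_.IdentityReference.Value -notin $trustedSid
        } |
        Select-Object @{ n = 'Path'; e = { $path } }, IdentityReference, FileSystemRights
}

if ($findings) {
    $findings | Format-Table -AutoSize   # tighten these ACLs before relying on the task
} else {
    'Script and folder are writable only by SYSTEM and Administrators.'
}
```
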


Option 2: Execute on PRTG Server (EXE Advanced)

  1. Place PRTG-WinServices.ps1 under C:\Program Files (x86)\PRTG Network Monitor\Custom Sensors\EXEXML

  2. Place the lookup file prtg.winservices.state.ovl on the PRTG probe(s) under C:\Program Files (x86)\PRTG Network Monitor\lookups\custom

  3. Create new Sensor

    Settings             Value
    EXE/Script Advanced  PRTG-WinServices.ps1 -ComputerName "%host"
    Scanning Interval    10 min

Non Domain or IP

If you connect to computers by IP address or to clients that are not domain members, please read the Microsoft Docs.

You may have to add the target to the TrustedHosts list on the PRTG probe and use explicit credentials.

Example (replaces all current entries):

Set-Item -Path WSMan:\localhost\Client\TrustedHosts -Value "ServerIP1,ServerIP2,ServerHostname1"

Example to add to the list instead of replacing it:

$curValue = (Get-Item wsman:\localhost\Client\TrustedHosts).value
Set-Item WSMan:\localhost\Client\TrustedHosts -Value "$curValue,NewServer3.test.com"

Example PRTG parameters with explicit credentials:

-ComputerName "%host" -Username "%windowsuser" -Password "%windowspassword"

Usage

simple check of the automatic services on a remote computer

-ComputerName "%host"

exclude every service starting with "Intel"

-ComputerName "%host" -ExcludePattern '^(Intel.*)$'

exclude "Test123" and every service starting with "Intel"

-ComputerName "%host" -ExcludePattern '^(Intel.*|Test123)$'

only check services starting with "Intel"

-ComputerName "%host" -IncludePattern '^(Intel.*)$'

filters for "Bitdefender" services that are present. CriticalService will be the number of matching services

-ComputerName "%host" -CriticalServicePattern '^(Bitdefender)$'

filters for "Bitdefender" services that are present and running. CriticalService will be the number of matching services

-ComputerName "%host" -CriticalServicePattern '^(Bitdefender)$' -CriticalServiceMustRun

check automatic services and require the client to have two matching CriticalServices present and running. This only works for channel creation.

-ComputerName "%host" -CriticalServicePattern '^(Bitdefender|WinDefend)$' -CriticalServiceMustRun -CriticalServiceLimit 2

Use explicit credentials ("Windows credentials of parent device" is the better way)

-ComputerName "%host" -UserName "YourRemoteComputerUser" -Password "YourRemoteComputerPassword"

HTTP Push from Remote Server

powershell.exe -Command "& 'C:\PRTG\PRTG-WinServices.ps1' -ComputerName 'localhost' -HttpPush -HttpServer 'YourPRTGServer' -HttpPort '5050' -HttpToken 'YourHTTPPushToken'"

HTTP Push from Remote Server and exclude every service starting with "Intel"

powershell.exe -Command "& 'C:\PRTG\PRTG-WinServices.ps1' -ComputerName 'localhost' -HttpPush -HttpServer 'YourPRTGServer' -HttpPort '5050' -HttpToken 'YourHTTPPushToken' -ExcludePattern '^(Intel.*)$'"

Show channel for each service, use with "IncludePattern"

-ComputerName "%host" -IncludePattern '^(prtg.*)$' -HideTotalServiceCount -HideAutomaticNotRunning -ChannelPerService


Includes/Excludes

You can use the variables to exclude/include services. The variables take a regular expression as input to provide maximum flexibility.

For more information about regular expressions in PowerShell, visit Microsoft Docs.

".+" is one or more characters

".*" is zero or more characters
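
A dry run of the patterns from the Usage section against constructed service data, added here as an illustration and not taken from PRTG-WinServices.ps1. It assumes the script matches each pattern against the service name with PowerShell's case-insensitive `-match`; the function name and the sample services are hypothetical.

```powershell
# Added example, not part of PRTG-WinServices.ps1.
# Assumption: patterns are applied to the service Name with -match (case-insensitive).

# Constructed sample data in the shape of Win32_Service objects.
$services = @(
    [pscustomobject]@{ Name = 'IntelAudioService'; StartMode = 'Auto';   State = 'Stopped' }
    [pscustomobject]@{ Name = 'Test123';           StartMode = 'Auto';   State = 'Stopped' }
    [pscustomobject]@{ Name = 'Test1234';          StartMode = 'Auto';   State = 'Stopped' }
    [pscustomobject]@{ Name = 'VendorIntelBridge'; StartMode = 'Auto';   State = 'Stopped' }
    [pscustomobject]@{ Name = 'Spooler';           StartMode = 'Auto';   State = 'Stopped' }
    [pscustomobject]@{ Name = 'WinDefend';         StartMode = 'Auto';   State = 'Running' }
    [pscustomobject]@{ Name = 'Fax';               StartMode = 'Manual'; State = 'Stopped' }
)

# Hypothetical helper: automatic services that are not running and survive the filters.
function Get-AlertingService {
    param(
        [Parameter(Mandatory)] [object[]] $Service,
        [string] $IncludePattern,
        [string] $ExcludePattern
    )
    $Service | Where-Object {
        $_.StartMode -eq 'Auto' -and $_.State -ne 'Running' -and
        (-not $IncludePattern -or $_.Name -match $IncludePattern) -and
        (-not $ExcludePattern -or $_.Name -notmatch $ExcludePattern)
    }
}

# The same exclude written three ways: anchors and case change what stays visible.
$excludes = [ordered]@{
    'README pattern (anchored)' = '^(Intel.*|Test123)$'
    'anchors dropped'           = 'Intel.*|Test123'
    'lower case'                = '^(intel.*|test123)$'
}
foreach ($label in $excludes.Keys) {
    $alerting = Get-AlertingService -Service $services -ExcludePattern $excludes[$label]
    '{0,-26} {1,-22} still alerts on: {2}' -f $label, $excludes[$label], ($alerting.Name -join ', ')
}

# Critical services: an anchored pattern only counts services with exactly that name.
$criticalPattern = '^(Bitdefender|WinDefend)$'
$critical = @($services | Where-Object { $_.Name -match $criticalPattern -and $_.State -eq 'Running' })
'CriticalService = {0} (the README example sets -CriticalServiceLimit 2)' -f $critical.Count
```

Feeding real `Get-CimInstance Win32_Service` output through the same filter before a pattern goes into a sensor shows whether an exclude matches more services than intended, since an over-broad exclude drops stopped services from the result without any visible sign.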

Least Privilege

look into the following links:
