Sometime you might want to start and stop kind of activities out of event logs for windows services . here is powershell script for this
Now that you have decided the culprit windows service, use this script to get whole available history:
Might be the case , you only want to list down which service is stopped and which one is active :
get last app pool recycle timings
$eventL = Get-EventLog -LogName "System" -Source "Service Control Manager" ;Get-Service | ForEach-Object {$st1 = "";$st2 = "";$st3 = "";$st1 = $_.Status;$st2 = $_.DisplayName;$st3 = $_.Name;#Write-Host $st1 $st2 $st3 -foregroundcolor cyan;$eventL | where { $_.Message.Contains($st2) -eq "true" } | Select-Object -First 1 | ForEach-Object {Write-Host $st1 $st2 $st3 -foregroundcolor cyan;$st4 = "";$st5 = "";$st4 = $_.Message;$st5 = $_.TimeGenerated;Write-Host $st4 $st5;}}$eventL = $null;Now that you have decided the culprit windows service, use this script to get whole available history:
$eventL = Get-EventLog -LogName "System" -Source "Service Control Manager" ;Get-Service | ForEach-Object {if($_.Name -eq "AAAAAAAAAAAA"){$st1 = "";$st2 = "";$st3 = "";$st1 = $_.Status;$st2 = $_.DisplayName;$st3 = $_.Name;#Write-Host $st1 $st2 $st3 -foregroundcolor cyan;$eventL | where { $_.Message.Contains($st2) -eq "true" } | ForEach-Object {#Write-Host $st1 $st2 $st3 -foregroundcolor cyan;$st4 = "";$st5 = "";$st4 = $_.Message;$st5 = $_.TimeGenerated;Write-Host $st4 $st5;}}}$eventL = $null;Might be the case , you only want to list down which service is stopped and which one is active :
Get-Service | ForEach-Object {$st1 = "";$st2 = "";$st3 = "";$st1 = $_.Status;$st2 = $_.DisplayName;$st3 = $_.Name;Write-Host $st1 "," $st2 "," $st3 -foregroundcolor cyan;}
get last app pool recycle timings
No comments:
Post a Comment