Sorry, I wasn't asking for a tool, but for method. We already use Nagios here to watch for event ID's, I was wondering if it makes more sense to look for "service stopped" messages in the event log or should I look for 55 services independently.
Going forward I plan to monitor all services on all servers, and watching the event log would be FAR simpler than legging out 5,000 services. I'm just wondering if it's possible (or likely) that a service would stop without a corresponding Event log entry. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Sherry Abercrombie [mailto:[email protected]] Sent: Tuesday, March 02, 2010 9:55 AM To: NT System Admin Issues Subject: Re: Monitoring services I will second Nagios. There is a way to monitor event id's, but I'm not sure what that process is. We don't really use it for event id's, but do use it for passive checks. There are always new add-ins for Nagios. On Tue, Mar 2, 2010 at 11:39 AM, Cameron <[email protected]<mailto:[email protected]>> wrote: I think Nagios can monitor pretty much any service, but I don't think it will monitor for Event ID's...but I could be mistaken (and you can't beat the price! (free!)) On Tue, Mar 2, 2010 at 11:36 AM, David Lum <[email protected]<mailto:[email protected]>> wrote: I would like to add comprehensive monitoring of all running Windows server services. One method is to monitor each service specifically, but could you pretty much the same thing by monitoring the System event logs for event ID 7056? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 -- Sherry Abercrombie "Any sufficiently advanced technology is indistinguishable from magic." Arthur C. Clarke ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
