Services Down & % of Services Down

ginu · December 20, 2019, 12:18pm

Hi All
I have a metricbeat which checks the service status which monitors the WWWServices. See below the Query

event.dataset:windows.service AND windows.service.name: W3SVC AND windows.service.start_type.keyword:"Automatic"

I would like to query for a service down, i know that I can run

event.dataset:windows.service AND windows.service.name: W3SVC AND windows.service.start_type.keyword:"Automatic" AND NOT windows.service.state: Running

My requirement is to identify when a 20 % of the services are down on multiple host to raise an alert.

Any idea ?

regards, Ginu

system · January 17, 2020, 12:18pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Alert when specific Windows Service is down Beats elastic-stack-alerting , metricbeat	1	499	April 26, 2021
Windows services up/down alerting using watcher Elasticsearch elastic-stack-alerting	2	858	April 13, 2018
How to query for running services matching a specific list of services Beats metricbeat	1	281	April 2, 2020
Metric beat service turns off automatically in windows sever Beats metricbeat	7	772	January 14, 2020
Metricbeat doesnt create event when service is down Beats metricbeat	1	250	October 14, 2021

Services Down & % of Services Down

Related topics