PowerShell Service Status, Event logs in Email

(Last Updated On: November 13, 2016)

PowerShell, a scripting language for advanced Windows administrator’s, uses dot NET framework.  You will learn here, how to send Service Status, Error Event logs in email

Scenario :

Trigger an Email when a service goes down with error event logs to a particular email distribution list.

There is a critical service that shouldn’t go down and needs to monitor; let’s say every minute. In case if the service goes down it should trigger an email alert with service status and a separate email for system event logs with type errors.

 

Check for DFS service status for every minute if it is running, sleeps for 55 seconds and at a particular time. Let’s say every day 6:00 AM an email with last five system error event logs to a specific email distribution list in an HTML format.

Checking DFS Service Status

while ((Get-Service -ComputerName servername "DFS").status -eq "Running")
{
    Start-Sleep -Seconds 55
if (((Get-Date | %{$_.Hour}) -eq 06) -and ((Get-Date | %{$_.Minute}) -eq 00))
    {
        $msg.To.Add("DL@exchange.corp")
        $msg.From = "xyz@tothe.tech"
        $msg.Subject = "Error Alert on Server"
        $msg.IsBodyHTML = $true
        $msg.Priority = "High"
        $msg.Body = Get-EventLog -ComputerName servername -LogName System -EntryType Error -Newest 5 | Select-Object EventID, MachineName, EntryType, Message, Source, TimeGenerated, TimeWritten, UserName  | ConvertTo-Html | Out-String
        $smtp.Send($msg)
        
    }

}

In case if the DFS service status failed or stopped this continues to the rest of the code in the script file, which triggers two emails one or the current state of DFS service and the last five system error event logs.

Checking DFS Service Status, Error Event logs in Email

$smtpServer = "mail.exchange.corp"
$smtp = New-Object Net.Mail.SmtpClient($smtpServer)
$msg = New-Object Net.Mail.MailMessage
while ((Get-Service -ComputerName servername "DFS").status -eq "Running")
{
    Start-Sleep -Seconds 55
    
    if (((Get-Date | %{$_.Hour}) -eq 06) -and ((Get-Date | %{$_.Minute}) -eq 00))
    {
        $msg.To.Add("DL@exchange.corp")
        $msg.From = "xyz@tothe.tech"
        $msg.Subject = "Error Alert on Server"
        $msg.IsBodyHTML = $true
        $msg.Priority = "High"
        $msg.Body = Get-EventLog -ComputerName servername -LogName System -EntryType Error -Newest 5 | Select-Object EventID, MachineName, EntryType, Message, Source, TimeGenerated, TimeWritten, UserName  | ConvertTo-Html | Out-String
        $smtp.Send($msg)
        
    }

}

$msg.To.Add("DL@exchange.corp")
$msg.From = "xyz@tothe.tech"
$msg.Subject = "DFS Service Alert on Server"
$msg.IsBodyHTML = $true
$msg.Priority = "High"
$msg.Body = "servername DFS Service Status : " +  (Get-Service -ComputerName servername "DFS").status
$smtp.Send($msg)


$msg.To.Add("DL@exchange.corp")
$msg.From = "xyz@tothe.tech"
$msg.Subject = "Error Alert on servername"
$msg.IsBodyHTML = $true
$msg.Priority = "High"
$msg.Body = Get-EventLog -ComputerName servername -LogName System -EntryType Error -Newest 5 | Select-Object EventID, MachineName, EntryType, Message, Source, TimeGenerated, TimeWritten, UserName  | ConvertTo-Html | Out-String
$smtp.Send($msg)

Make sure you change the server name (localhost) in the Get-Eventlog Command.

Get-EventLog -ComputerName servername -LogName System -EntryType Error -Newest 5 | Select-Object EventID, MachineName, EntryType, Message, Source, TimeGenerated, TimeWritten, UserName  | ConvertTo-Html | Out-String

Save this code in .ps1 file and execute in PowerShell terminal.