MonitorWare Knowledge Base

Your first source for knowledge

Skip to content

How to detect service start / stop in event log?

Discuss Windows Event Log events. What they mean, what they tell you about your machine's security ... and whatever questions else you have.

Moderator: alorbach

Post a reply

How to detect service start / stop in event log?

Postby Ernie on Wed Jun 02, 2004 9:42 am

Hi all.

In a windows NT system I could detect a service start using 592 (proccess start); I could not detect service stop - the only way I know is to use 593, proccess stop, but I need to know the process ID (the same ID that was assigned to the service when started)

In win 2000 I read there is a tool in the resource kit to add the event,...

Any way, my question is related to windows NT, do you have any idea to monitoring the service start and stop?
Ernie
 
Top

Google Ads

Post a reply

Return to Windows Events

Who is online

Users browsing this forum: No registered users and 0 guests

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
phpBB SEO

Time : 0.022s | 13 Queries | GZIP : On
cron